docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #14522 from docker/master 

Publish updates from master
This commit is contained in:
Usha Mandya 2022-04-07 16:30:48 +01:00 committed by GitHub
parent 594241e064 4856f29d23
commit bce277c748
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 256 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
_data/compose-cli/docker_compose_build.yaml
View File

@ -19,6 +19,7 @@ options:
default_value: '[]'
description: Set build-time variables for services.
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
@ -28,6 +29,7 @@ options:
default_value: "true"
description: Compress the build context using gzip. DEPRECATED
deprecated: false
hidden: true
experimental: false
experimentalcli: false
kubernetes: false
@ -37,6 +39,7 @@ options:
default_value: "true"
description: Always remove intermediate containers. DEPRECATED
deprecated: false
hidden: true
experimental: false
experimentalcli: false
kubernetes: false
@ -47,6 +50,7 @@ options:
description: |
Set memory limit for the build container. Not supported on buildkit yet.
deprecated: false
hidden: true
experimental: false
experimentalcli: false
kubernetes: false
@ -56,6 +60,7 @@ options:
default_value: "false"
description: Do not use cache when building the image
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
@ -66,6 +71,7 @@ options:
description: |
Do not remove intermediate containers after a successful build. DEPRECATED
deprecated: false
hidden: true
experimental: false
experimentalcli: false
kubernetes: false
@ -75,6 +81,7 @@ options:
default_value: "true"
description: Build images in parallel. DEPRECATED
deprecated: false
hidden: true
experimental: false
experimentalcli: false
kubernetes: false
@ -82,8 +89,9 @@ options:
- option: progress
value_type: string
default_value: auto
description: Set type of progress output ("auto", "plain", "noTty")
description: Set type of progress output (auto, tty, plain, quiet)
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
@ -93,6 +101,7 @@ options:
default_value: "false"
description: Always attempt to pull a newer version of the image.
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
@ -103,6 +112,17 @@ options:
default_value: "false"
description: Don't print anything to STDOUT
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: ssh
value_type: string
description: |
Set SSH authentications used when building service images. (use 'default' for using your default SSH Agent)
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false

2
_data/toc.yaml
View File

@ -1270,6 +1270,8 @@ manuals:
title: Docker Context
- path: /engine/scan/
title: Docker Scan
- path: /engine/sbom/
title: Docker SBOM (Experimental)
- sectiontitle: Docker Compose
section:

BIN
desktop/mac/images/whale-x.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 33 KiB

After

Width:  |  Height:  |  Size: 568 B

16
desktop/mac/install.md
View File

@ -66,6 +66,8 @@ Your Mac must meet the following requirements to install Docker Desktop successf
## Install and run Docker Desktop on Mac
### Install interactively
1. Double-click `Docker.dmg` to open the installer, then drag the Docker icon to
the Applications folder.
@ -88,6 +90,20 @@ Your Mac must meet the following requirements to install Docker Desktop successf
For more information, see [Docker Desktop License Agreement](../../subscription/index.md#docker-desktop-license-agreement). We recommend that you also read the [Blog](https://www.docker.com/blog/updating-product-subscriptions/){: target="_blank" rel="noopener" class="_" id="dkr_docs_desktop_install_btl"} and [FAQs](https://www.docker.com/pricing/faq){: target="_blank" rel="noopener" class="_" id="dkr_docs_desktop_install_btl"} to learn how companies using Docker Desktop may be affected.
### Install from the command line
After downloading `Docker.dmg`, run the following commands in a terminal to install Docker Desktop in the Applications folder:
```console
sudo hdiutil attach Docker.dmg
sudo /Volumes/Docker/Docker.app/Contents/MacOS/install
sudo hdiutil detach /Volumes/Docker
```
The `install` command accepts the following flags:
- `--accept-license`: accepts the [Docker Subscription Service Agreement](https://www.docker.com/legal/docker-subscription-service-agreement){: target="_blank" rel="noopener" class="_"} now, rather than requiring it to be accepted when the application is first run
- `--allowed-org=<org name>`: requires the user to sign in and be part of the specified Docker Hub organization when running the application
### Quick start guide
If you've just installed the app, Docker Desktop launches the Quick Start Guide. The tutorial includes a simple exercise to build an example Docker image, run it as a container, push and save the image to Docker Hub.

43
desktop/mac/release-notes/index.md
View File

@ -23,8 +23,8 @@ This page contains information about the new features, improvements, known issue
Take a look at the [Docker Public Roadmap](https://github.com/docker/roadmap/projects/1){: target="_blank" rel="noopener" class="_"} to see what's coming next.
## Docker Desktop 4.6.1
2022-03-22
## Docker Desktop 4.7.0
2022-04-07
> Download Docker Desktop
>
@ -33,6 +33,45 @@ Take a look at the [Docker Public Roadmap](https://github.com/docker/roadmap/pro
> chip](https://desktop.docker.com/mac/main/arm64/Docker.dmg?utm_source=docker&utm_medium=webreferral&utm_campaign=docs-driven-download-mac-arm64){:
> .button .primary-btn }
### Security
- Update Docker Engine to v20.10.14 to address [CVE-2022-24769](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24769){: target="_blank" rel="noopener" class="_"}
- Update containerd to v1.5.11 to address [CVE-2022-24769](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24769)
### New
- IT Administrators can now install Docker Desktop remotely using the command line. For more information, see [Install Docker Desktop using the command line](../install.md#install-from-the-command-line).
- Add the Docker Software Bill of Materials (SBOM) CLI plugin. The new CLI plugin enables users to generate SBOMs for Docker images. For more information, see [Docker SBOM](../../../engine/sbom/index.md).
- Use [cri-dockerd](https://github.com/Mirantis/cri-dockerd){: target="_blank" rel="noopener" class="_"} for new Kubernetes clusters instead of `dockershim`. The change is transparent from the user's point of view and Kubernetes containers run on the Docker Engine as before. `cri-dockerd` allows Kubernetes to manage Docker containers using the standard [Container Runtime Interface](https://github.com/kubernetes/cri-api#readme){: target="_blank" rel="noopener" class="_"}, the same interface used to control other container runtimes. For more information, see [The Future of Dockershim is cri-dockerd](https://www.mirantis.com/blog/the-future-of-dockershim-is-cri-dockerd/){: target="_blank" rel="noopener" class="_"}.
### Upgrades
- [Docker Engine v20.10.14](https://docs.docker.com/engine/release-notes/#201014)
- [Compose v2.4.1](https://github.com/docker/compose/releases/tag/v2.4.1)
- [Buildx 0.8.2](https://github.com/docker/buildx/releases/tag/v0.8.2)
- [containerd v1.5.11](https://github.com/containerd/containerd/releases/tag/v1.5.11)
- [Go 1.18](https://golang.org/doc/go1.18)
### Bug fixes and minor changes
- Fixed an issue that sometimes caused Docker Desktop to display a blank white screen. Fixes [docker/for-mac#6134](https://github.com/docker/for-mac/issues/6134).
- Fixed a bug where the Registry Access Management policy was never refreshed after a failure.
- Fixed an issue that caused Docker Desktop to become unresponsive during startup when osxfs is used for file sharing.
- Fixed a problem where gettimeofday() performance drops after waking from sleep when using Hyperkit. Fixes [docker/for-mac#3455](https://github.com/docker/for-mac/issues/3455).
- Logs and terminals in the UI now respect your OS theme in light and dark mode.
- Easily clean up many volumes at once via multi-select checkboxes.
- Improved login feedback.
### Deprecation
- Deprecate macOS 10.14. For macOS system requirements, see [Docker Desktop for Mac system requirements](../install.md#system-requirements).
## Docker Desktop 4.6.1
2022-03-22
> Download Docker Desktop
>
> [Mac with Intel chip](https://desktop.docker.com/mac/main/amd64/76265/Docker.dmg) |
> [Mac with Apple chip](https://desktop.docker.com/mac/main/arm64/76265/Docker.dmg)
### Upgrades
- [Buildx 0.8.1](https://github.com/docker/buildx/releases/tag/v0.8.1)

37
desktop/windows/install.md
View File

@ -102,6 +102,8 @@ Looking for information on using Windows containers?
## Install Docker Desktop on Windows
### Install interactively
1. Double-click **Docker Desktop Installer.exe** to run the installer.
If you haven't already downloaded the installer (`Docker Desktop Installer.exe`), you can get it from
@ -109,7 +111,9 @@ Looking for information on using Windows containers?
It typically downloads to your `Downloads` folder, or you can run it from
the recent downloads bar at the bottom of your web browser.
2. When prompted, ensure the **Enable Hyper-V Windows Features** or the **Install required Windows components for WSL 2** option is selected on the Configuration page.
2. When prompted, ensure the **Use WSL 2 instead of Hyper-V** option on the Configuration page is selected or not depending on your choice of backend.
If your system only supports one of the two options, you will not be able to select which backend to use.
3. Follow the instructions on the installation wizard to authorize the installer and proceed with the install.
@ -118,6 +122,37 @@ Looking for information on using Windows containers?
5. If your admin account is different to your user account, you must add the user to the **docker-users** group. Run **Computer Management** as an **administrator** and navigate to **Local Users and Groups** > **Groups** > **docker-users**. Right-click to add the user to the group.
Log out and log back in for the changes to take effect.
### Install from the command line
After downloading **Docker Desktop Installer.exe**, run the following command in a terminal to install Docker Desktop:
```console
"Docker Desktop Installer.exe" install
```
If youre using PowerShell you should run it as:
```console
Start-Process '.\win\build\Docker Desktop Installer.exe' -Wait install
```
If using the Windows Command Prompt:
```console
start /w "" "Docker Desktop Installer.exe" install
```
The install command accepts the following flags:
- `--quiet`: suppresses information output when running the installer
- `--accept-license`: accepts the [Docker Subscription Service Agreement](https://www.docker.com/legal/docker-subscription-service-agreement){: target="_blank" rel="noopener" class="_"} now, rather than requiring it to be accepted when the application is first run
- `--allowed-org=<org name>`: requires the user to sign in and be part of the specified Docker Hub organization when running the application
- `--backend=<backend name>`: selects the backend to use for Docker Desktop, `hyper-v` or `wsl-2` (default)
If your admin account is different to your user account, you must add the user to the **docker-users** group:
```
net localgroup docker-users <user> /add
```
## Start Docker Desktop
Docker Desktop does not start automatically after installation. To start Docker Desktop:

38
desktop/windows/release-notes/index.md
View File

@ -23,8 +23,8 @@ This page contains information about the new features, improvements, known issue
Take a look at the [Docker Public Roadmap](https://github.com/docker/roadmap/projects/1){: target="_blank" rel="noopener" class="_"} to see what's coming next.
## Docker Desktop 4.6.1
2022-03-22
## Docker Desktop 4.7.0
2022-04-07
> Download Docker Desktop
>
@ -32,6 +32,40 @@ Take a look at the [Docker Public Roadmap](https://github.com/docker/roadmap/pro
> Windows](https://desktop.docker.com/win/main/amd64/Docker%20Desktop%20Installer.exe?utm_source=docker&utm_medium=webreferral&utm_campaign=docs-driven-download-win-amd64){:
> .button .primary-btn }
### Security
- Update Docker Engine to v20.10.14 to address [CVE-2022-24769](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24769){: target="_blank" rel="noopener" class="_"}
- Update containerd to v1.5.11 to address [CVE-2022-24769](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24769)
### New
- IT Administrators can now install Docker Desktop remotely using the command line. For more information, see [Install Docker Desktop using the command line](../install.md#install-from-the-command-line).
- Add the Docker Software Bill of Materials (SBOM) CLI plugin. The new CLI plugin enables users to generate SBOMs for Docker images. For more information, see [Docker SBOM](../../../engine/sbom/index.md).
- Use [cri-dockerd](https://github.com/Mirantis/cri-dockerd){: target="_blank" rel="noopener" class="_"} for new Kubernetes clusters instead of `dockershim`. The change is transparent from the user's point of view and Kubernetes containers run on the Docker Engine as before. `cri-dockerd` allows Kubernetes to manage Docker containers using the standard [Container Runtime Interface](https://github.com/kubernetes/cri-api#readme){: target="_blank" rel="noopener" class="_"}, the same interface used to control other container runtimes. For more information, see [The Future of Dockershim is cri-dockerd](https://www.mirantis.com/blog/the-future-of-dockershim-is-cri-dockerd/){: target="_blank" rel="noopener" class="_"}.
### Upgrades
- [Docker Engine v20.10.14](https://docs.docker.com/engine/release-notes/#201014)
- [Compose v2.4.1](https://github.com/docker/compose/releases/tag/v2.4.1)
- [Buildx 0.8.2](https://github.com/docker/buildx/releases/tag/v0.8.2)
- [containerd v1.5.11](https://github.com/containerd/containerd/releases/tag/v1.5.11)
- [Go 1.18](https://golang.org/doc/go1.18)
### Bug fixes and minor changes
- Fixed a bug where the Registry Access Management policy was never refreshed after a failure.
- Fixed volume title. Fixes [docker/for-win#12616](https://github.com/docker/for-win/issues/12616).
- Fixed a bug in the WSL 2 integration that caused Docker commands to stop working after restarting Docker Desktop or after switching to Windows containers.
- Logs and terminals in the UI now respect your OS theme in light and dark mode.
- Easily clean up many volumes at once via multi-select checkboxes.
- Improved login feedback.
## Docker Desktop 4.6.1
2022-03-22
> Download Docker Desktop
>
> [For Windows](https://desktop.docker.com/win/main/amd64/76265/Docker%20Desktop%20Installer.exe)
### Upgrades
- [Buildx 0.8.1](https://github.com/docker/buildx/releases/tag/v0.8.1)

13
docker-compose.yml
View File

@ -1,20 +1,15 @@
services:
docs:
# By default, docker-compose up --build builds docs for a development
# By default, docker compose up --build builds docs for a development
# environment (no Google Analytics, omitting some enterprise redirects,
# etc.
# etc.)
#
# To test a "production" build, override the environment using:
#
# JEKYLL_ENV=production docker-compose up --build
# JEKYLL_ENV=production docker compose up --build
build:
args:
# FIXME: docker-compose should behave the same as the docker CLI here
# and if `JEKYLL_ENV` is not set in the current environment, ignore
# the --build-arg, and use the default that's defined in the Dockerfile.
# Setting a default here as a workaround.
# - JEKYLL_ENV
- JEKYLL_ENV=${JEKYLL_ENV:-development}
- JEKYLL_ENV
context: .
image: docs/docstage
ports:

2
docker-hub/index.md
View File

@ -130,7 +130,7 @@ Docker Hub.
1. Download and install [Docker Desktop](../desktop/#download-and-install). If on Linux, download [Docker Engine](../engine/install/).
2. Sign into the Docker Desktop application using the Docker ID you created in Step 1.
2. Sign in to the Docker Desktop application using the Docker ID you created in Step 1.
### Step 4: Build and push a container image to Docker Hub from your computer

2
docker-hub/registry-access-management.md
View File

@ -16,7 +16,7 @@ Registry Access Management is a feature available to organizations with a Docker
To configure Registry Access Management permissions, perform the following steps:
1. Sign into your [Docker Hub](https://hub.docker.com){: target="_blank" rel="noopener" class="_"} account as an organization owner.
2. Select an organization, navigate to the **Settings** tab on the **Organizations** page and click **Org Permissions**.
2. Select an organization, navigate to the **Settings** tab on the **Organizations** page and click **Registry Access**.
3. Enable Registry Access Management to set the permissions for your registry.
> **Note**

97
engine/sbom/index.md Normal file
View File

@ -0,0 +1,97 @@
---
title: Generate the SBOM for Docker images
description: Viewing the Software Bill of Materials (SBOM) for Docker images
keywords: Docker, sbom, Anchore, images, Syft, security
toc_min: 1
toc_max: 2
---
A Software Bill Of Materials (SBOM) is analogous to a packing list for a shipment. It lists all the components that make up the software, or were used to build it. For container images, this includes the operating system packages that are installed (for example, ca-certificates) along with language-specific packages that the software depends on (for example, Log4j). The SBOM could include a subset of this information or even more details, like the versions of components and their source.
> **Warning**
>
> The `docker sbom` command is currently experimental. This may change or be removed from future releases.
{: .warning }
The experimental `docker sbom` command allows you to generate the SBOM of a container image. Today, it does this by scanning the layers of the image using the [Syft project](https://github.com/anchore/syft) but in future it may read the SBOM from the image itself or elsewhere.
## Simple use
To output a tabulated SBOM for an image, use `docker sbom <image>:<tag>`:
```console
$ docker sbom neo4j:4.4.5
Syft v0.43.0
✔ Loaded image
✔ Parsed image
✔ Cataloged packages [385 packages]
NAME VERSION TYPE
...
bsdutils 1:2.36.1-8+deb11u1 deb
ca-certificates 20210119 deb
...
log4j-api 2.17.1 java-archive
log4j-core 2.17.1 java-archive
...
```
The output includes both system packages and software libraries used by applications in the container image.
## Output formatting and saving outputs
You can view the SBOM output in standard formats like [SPDX](https://spdx.dev){: target="_blank" rel="noopener" class="_"} and [CycloneDX](https://cyclonedx.org){: target="_blank" rel="noopener" class="_"} along with the Syft and GitHub formats using the `--format` option.
```console
$ docker sbom --format spdx-json alpine:3.15
{
"SPDXID": "SPDXRef-DOCUMENT",
"name": "alpine-3.15",
"spdxVersion": "SPDX-2.2",
"creationInfo": {
"created": "2022-04-06T21:13:32.035571Z",
"creators": [
"Organization: Anchore, Inc",
"Tool: syft-[not provided]"
],
"licenseListVersion": "3.16"
},
"dataLicense": "CC0-1.0",
"documentNamespace": "https://anchore.com/syft/image/alpine-3.15-4b1b99d8-bbb5-4426-af8e-c510189134ab",
"packages": [
{
"SPDXID": "SPDXRef-1e3f3285636676f3",
"name": "alpine-baselayout",
"licenseConcluded": "GPL-2.0-only",
"description": "Alpine base dir structure and init scripts",
"downloadLocation": "https://git.alpinelinux.org/cgit/aports/tree/main/alpine-baselayout",
"externalRefs": [
{
...
}
```
These outputs are more verbose and contain more information than the default tabulated output.
By default, the command outputs the SBOM to stdout. You can save the output to a file by specifying one with the `--output` flag.
```console
$ docker sbom --format spdx-json --output sbom.json alpine:3.15
Syft v0.43.0
✔ Loaded image
✔ Parsed image
✔ Cataloged packages [14 packages]
$ cat sbom.json
{
"SPDXID": "SPDXRef-DOCUMENT",
"name": "alpine-3.15",
"spdxVersion": "SPDX-2.2",
...
}
## Feedback
Thanks for trying the Docker SBOM CLI plugin. Wed love to hear from you. You can provide feedback and report any bugs through the Issues tracker in the [docker/[sbom-cli-plugin](https://github.com/docker/sbom-cli-plugin){: target="_blank" rel="noopener" class="_"} GitHub repository.

2
single-sign-on/index.md
View File

@ -109,7 +109,7 @@ The following video walks you through the process of configuring SSO.
### Domain control
Click **Add Domain** and specify the corporate domain youd like to manage with SSO. Domains should be formatted without protocol or www information, for example, yourcompany.com. Docker currently supports multiple domains that are part of your IdP.
Click **Add Domain** and specify the corporate domain youd like to manage with SSO. Domains should be formatted without protocol or www information, for example, yourcompany.com. Docker currently supports multiple domains that are part of your IdP. Make sure that your domain is reachable through email.
> **Note**
>