docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #14476 from docker/master 

Publish updates from master
This commit is contained in:
Sebastiaan van Stijn 2022-03-31 16:16:29 +02:00 committed by GitHub
parent d0b486c35c 3534245ac6
commit c9a22b6c54
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 64 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
compose/compose-file/compose-file-v3.md
View File

@ -1798,8 +1798,8 @@ the service's task containers.
specified. specified.
- `mode`: The permissions for the file to be mounted in `/run/secrets/` - `mode`: The permissions for the file to be mounted in `/run/secrets/`
in the service's task containers, in octal notation. For instance, `0444` in the service's task containers, in octal notation. For instance, `0444`
represents world-readable. The default in Docker 1.13.1 is `0000`, but is represents world-readable. The default in Docker 1.13.1 is `0000`, but it is
be `0444` in newer versions. Secrets cannot be writable because they are mounted `0444` in newer versions. Secrets cannot be writable because they are mounted
in a temporary filesystem, so if you set the writable bit, it is ignored. The in a temporary filesystem, so if you set the writable bit, it is ignored. The
executable bit can be set. If you aren't familiar with UNIX file permission executable bit can be set. If you aren't familiar with UNIX file permission
modes, you may find this modes, you may find this

BIN
desktop/linux/.index.md.swp Normal file
View File

Binary file not shown.

60
desktop/linux/index.md
View File

@ -26,9 +26,9 @@ and Debian distributions.
To install Docker Desktop for Linux: To install Docker Desktop for Linux:
1. Set up the [Docker repository](../../engine/install/ubuntu.md#install-using-the-repository). 1. Set up the [Docker repository](../../engine/install/ubuntu.md#install-using-the-repository).
2. Download and install the Debian package: 2. Download and install the Debian package. If you have previously installed one of the preview releases, we recommend that you run `sudo apt remove docker-desktop`:
```console ```console
$ curl https://desktop-stage.docker.com/linux/main/amd64/76677/docker-desktop.deb --output docker-desktop.deb $ curl https://desktop-stage.docker.com/linux/main/amd64/76787/docker-desktop.deb --output docker-desktop.deb
$ sudo apt install ./docker-desktop.deb $ sudo apt install ./docker-desktop.deb
``` ```
@ -84,12 +84,6 @@ API version: 1.41
... ...
``` ```
> **Note:**
>
> Docker Desktop relies on `pass` to store credentials. Before signing in to
> Docker Hub from the Docker Dashboard or the Docker menu, you must initialize `pass`.
> Docker Desktop displays a warning if you've not initialized `pass`.
To enable Docker Desktop to start on login, from the Docker menu, select To enable Docker Desktop to start on login, from the Docker menu, select
**Settings** > **General** > **Start Docker Desktop when you log in**. **Settings** > **General** > **Start Docker Desktop when you log in**.
@ -107,6 +101,54 @@ Alternatively, open a terminal and run:
$ systemctl --user stop docker-desktop $ systemctl --user stop docker-desktop
``` ```
## Credentials management
Docker Desktop relies on [`pass`](https://www.passwordstore.org/){: target="_blank" rel="noopener" class="_"} to store credentials in gpg2-encrypted files.
Before signing in to Docker Hub from the Docker Dashboard or the Docker menu, you must initialize `pass`.
Docker Desktop displays a warning if you've not initialized `pass`.
You can intialize pass by using a gpg key. To generate a gpg key, run:
``` console
$ gpg --generate-key
...
GnuPG needs to construct a user ID to identify your key.
Real name: Molly
Email address: molly@example.com
You selected this USER-ID:
"Molly <molly@example.com>"
Change (N)ame, (E)mail, or (O)kay/(Q)uit? O
...
pub rsa3072 2022-03-31 [SC] [expires: 2024-03-30]
7865BA9185AFA2C26C5B505669FC4F36530097C2
uid Molly <molly@example.com>
sub rsa3072 2022-03-31 [E] [expires: 2024-03-30]
```
To initialize `pass`, run:
```console
molly@ubuntu:~$ pass init 7865BA9185AFA2C26C5B505669FC4F36530097C2
mkdir: created directory '/home/molly/.password-store/'
Password store initialized for 7865BA9185AFA2C26C5B505669FC4F36530097C2
```
Once `pass` is initialized, we can sign in on the Docker Dashboard and pull our private images.
When credentials are used by the Docker CLI or Docker Desktop, a user prompt may pop up for the password you set during the gpg key generation.
```console
$ docker pull molly/privateimage
Using default tag: latest
latest: Pulling from molly/privateimage
3b9cc81c3203: Pull complete
Digest: sha256:3c6b73ce467f04d4897d7a7439782721fd28ec9bf62ea2ad9e81a5fb7fb3ff96
Status: Downloaded newer image for molly/privateimage:latest
docker.io/molly/privateimage:latest
```
## Logs ## Logs
To create and upload a diagnostics bundle: To create and upload a diagnostics bundle:
@ -152,6 +194,8 @@ At the end of the installation process, `apt` displays an error due to installin
N: Download is performed unsandboxed as root, as file '/home/user/Downloads/docker-desktop.deb' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied) N: Download is performed unsandboxed as root, as file '/home/user/Downloads/docker-desktop.deb' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied)
``` ```
If you have installed one of the previous releases and reinstall the new package over it (as opposed to removing the old package explicitly), you need to make sure that `~/.config/systemd/user/docker-desktop.service` and `~/.local/share/systemd/user/docker-desktop.service` are removed.
## Why Docker Desktop for Linux runs a VM ## Why Docker Desktop for Linux runs a VM
Docker Desktop for Linux runs a Virtual Machine (VM) for the following reasons: Docker Desktop for Linux runs a Virtual Machine (VM) for the following reasons:

28
docker-hub/access-tokens.md
View File

@ -4,15 +4,13 @@ description: Learn how to create and manage your personal Docker Hub access toke
keywords: docker hub, hub, security, PAT, personal access token keywords: docker hub, hub, security, PAT, personal access token
--- ---
Docker Hub lets you create personal access tokens as alternatives to your password. You can use tokens to Docker Hub lets you create personal access tokens as alternatives to your password. You can use tokens to access Hub images from the Docker CLI.
access Hub images from the Docker CLI.
Using personal access tokens provides some advantages over a password: Using personal access tokens provides some advantages over a password:
* You can investigate the last usage of the access token and disable or delete * You can investigate the last usage of the access token and disable or delete
it if you find any suspicious activity. it if you find any suspicious activity.
* When using an access token, you can't perform any admin activity on the account, * When using an access token, you can't perform any admin activity on the account, including changing the password. It protects your account if your computer is compromised.
including changing the password. It protects your account if your computer is compromised.
Docker provides a [Docker Hub CLI](https://github.com/docker/hub-tool#readme){: target="_blank" rel="noopener" class="_"} Docker provides a [Docker Hub CLI](https://github.com/docker/hub-tool#readme){: target="_blank" rel="noopener" class="_"}
tool (currently experimental) and an API that allows you to interact with Docker Hub. Browse tool (currently experimental) and an API that allows you to interact with Docker Hub. Browse
@ -57,24 +55,12 @@ To create your access token:
![PAT Menu](images/hub-create-token.png){:width="700px"} ![PAT Menu](images/hub-create-token.png){:width="700px"}
The access permissions are scopes that set restrictions in your The access permissions are scopes that set restrictions in your
repositories. For example, for Read & Write permissions, an automation repositories. For example, for Read & Write permissions, an automation
pipeline can build an image and then push it to a repository. However, it pipeline can build an image and then push it to a repository. However, it
can not delete the repository. can not delete the repository.
5. The table below lists the tokens available in each subscription: 5. Copy the token that appears on the screen and save it. You will not be able
| Feature | Personal | Pro | Team | Business |
| --------------------- | ---- | ----- | ----- |----- |
| Personal Access Tokens (read, write, delete scope only)* |![yes](/images/green-check.svg)| ![yes](/images/green-check.svg) |![yes](/images/green-check.svg) |![yes](/images/green-check.svg)|
| Scoped Personal Access Tokens | |![yes](/images/green-check.svg)| ![yes](/images/green-check.svg)|![yes](/images/green-check.svg)|
| Unlimited Personal Access Tokens | | | ![yes](/images/green-check.svg)|![yes](/images/green-check.svg)|
*You can create 1 access token as part of the Docker Personal subscription, 5 tokens as part of Docker Pro, and Unlimited tokens as part of Docker Team and Business subscriptions.
For more information, see [Docker Pricing](https://www.docker.com/pricing?utm_source=docker&utm_medium=webreferral&utm_campaign=docs_driven_upgrade){: target="_blank" rel="noopener" class="_"}.
6. Copy the token that appears on the screen and save it. You will not be able
to retrieve the token once you close this prompt. to retrieve the token once you close this prompt.
![Copy Token](images/hub-copy-token.png){:width="700px"} ![Copy Token](images/hub-copy-token.png){:width="700px"}

2
docker-hub/onboarding-faqs.md
View File

@ -29,7 +29,7 @@ manage users, teams, and repositories in the organization. [Learn more](orgs.md)
### How many organizations can I create? ### How many organizations can I create?
You can create multiple organizations. However, if youre enabling SSO and have multiple organizations, each organization must have a domain associated with it. To begin, you should set up your first organization and contact the Customer Success team at customer-success@docker.com to add the additional organizations. Also, if you are enabling SSO, it is configured based on your domain, not your organization.
### Whats a team? ### Whats a team?

4
subscription/index.md
View File

@ -32,7 +32,7 @@ The following sections provide an overview of each tier. To compare features ava
Docker Personal is the new name for the Docker Free subscription. With its focus on the open-source communities, individual developers, education, and small businesses, Docker Personal will continue to allow free use of Docker components - including the Docker CLI, Docker Compose, Docker Engine, Docker Desktop, Docker Hub, Kubernetes, Docker Build and Docker BuildKit, Docker Official Images, Docker Scan, and more. Docker Personal is the new name for the Docker Free subscription. With its focus on the open-source communities, individual developers, education, and small businesses, Docker Personal will continue to allow free use of Docker components - including the Docker CLI, Docker Compose, Docker Engine, Docker Desktop, Docker Hub, Kubernetes, Docker Build and Docker BuildKit, Docker Official Images, Docker Scan, and more.
Docker Personal includes unlimited public repositories and unlimited collaborators for public repositories at no cost per month. Docker Personal includes unlimited public repositories, unlimmited [Scoped Access Tokens](../docker-hub/access-tokens.md), and unlimited collaborators for public repositories at no cost per month.
For a list of features available in each tier, see [Docker Pricing](https://www.docker.com/pricing/){: target="_blank" rel="noopener" class="_" id="dkr_docs_subscription_btl"}. For a list of features available in each tier, see [Docker Pricing](https://www.docker.com/pricing/){: target="_blank" rel="noopener" class="_" id="dkr_docs_subscription_btl"}.
@ -40,7 +40,7 @@ For a list of features available in each tier, see [Docker Pricing](https://www.
**Docker Pro** enables individual developers to get more control of their development environment and provides an integrated and reliable developer experience. It reduces the amount of time developers spend on mundane and repetitive tasks and empowers developers to spend more time creating value for their customers. **Docker Pro** enables individual developers to get more control of their development environment and provides an integrated and reliable developer experience. It reduces the amount of time developers spend on mundane and repetitive tasks and empowers developers to spend more time creating value for their customers.
Docker Pro includes all the features available in Personal, additionally, it includes unlimited private repositories, unlimited public repositories, unlimited [collaborators](../docker-hub/repos.md#collaborators-and-their-role) for public repositories, [Auto Builds](../docker-hub/builds/index.md) with 5 concurrent builds, 300 [Hub Vulnerability Scans](../docker-hub/vulnerability-scanning.md), 5 [Scoped Access Tokens](../docker-hub/access-tokens.md), and more. Docker Pro includes all the features available in Personal, additionally, it includes unlimited private repositories, unlimited public repositories, unlimited [collaborators](../docker-hub/repos.md#collaborators-and-their-role) for public repositories, [Auto Builds](../docker-hub/builds/index.md) with 5 concurrent builds, 300 [Hub Vulnerability Scans](../docker-hub/vulnerability-scanning.md), unlimited [Scoped Access Tokens](../docker-hub/access-tokens.md), and more.
For a list of features available in each tier, see [Docker Pricing](https://www.docker.com/pricing/){: target="_blank" rel="noopener" class="_" id="dkr_docs_subscription_btl"}. For a list of features available in each tier, see [Docker Pricing](https://www.docker.com/pricing/){: target="_blank" rel="noopener" class="_" id="dkr_docs_subscription_btl"}.