mirror of https://github.com/docker/docs.git
Engdocs 1912 - Freshness (#18913)
* security * faqs * one-off pages * extension api * Update content/desktop/extensions-sdk/dev/api/reference/interfaces/ExecStreamOptions.md Co-authored-by: David Karlsson <35727626+dvdksn@users.noreply.github.com> --------- Co-authored-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
This commit is contained in:
parent
9970f81c0d
commit
cc62fb5887
|
@ -23,6 +23,7 @@ console.log(output);
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
|
@ -54,6 +55,7 @@ window.ddClient.backend
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version. Use [get](HttpService.md#get) instead.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
|
@ -82,6 +84,7 @@ window.ddClient.backend
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version. Use [post](HttpService.md#post) instead.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
|
@ -111,6 +114,7 @@ window.ddClient.backend
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version. Use [put](HttpService.md#put) instead.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
|
@ -140,6 +144,7 @@ window.ddClient.backend
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version. Use [patch](HttpService.md#patch) instead.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
|
@ -169,6 +174,7 @@ window.ddClient.backend
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version. Use [delete](HttpService.md#delete) instead.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
|
@ -197,6 +203,7 @@ window.ddClient.backend
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version. Use [head](HttpService.md#head) instead.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
|
@ -225,6 +232,7 @@ window.ddClient.backend
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version. Use [request](HttpService.md#request) instead.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
|
@ -258,6 +266,7 @@ console.log(output);
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version. Use [exec](ExtensionCli.md#exec) instead.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
|
@ -294,6 +303,7 @@ window.ddClient.spawnInVMExtension(
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
|
|
|
@ -18,7 +18,7 @@ Allows opening native dialog boxes.
|
|||
|
||||
▸ **showOpenDialog**(`dialogProperties`): `Promise`<[`OpenDialogResult`](OpenDialogResult.md)\>
|
||||
|
||||
Display a native open dialog, allowing to select a file or a folder.
|
||||
Display a native open dialog. Lets you select a file or a folder.
|
||||
|
||||
```typescript
|
||||
ddClient.desktopUI.dialog.showOpenDialog({properties: ['openFile']});
|
||||
|
|
|
@ -16,7 +16,7 @@ skip_read_time: true
|
|||
|
||||
• `Readonly` **cli**: [`DockerCommand`](DockerCommand.md)
|
||||
|
||||
You can also directly execute the docker binary.
|
||||
You can also directly execute the Docker binary.
|
||||
|
||||
```typescript
|
||||
const output = await ddClient.docker.cli.exec("volume", [
|
||||
|
@ -39,7 +39,7 @@ For convenience, the command result object also has methods to easily parse it d
|
|||
|
||||
---
|
||||
|
||||
Streams the output as a result of the execution of a docker command.
|
||||
Streams the output as a result of the execution of a Docker command.
|
||||
It is useful when the output of the command is too long, or you need to get the output as a stream.
|
||||
|
||||
```typescript
|
||||
|
|
|
@ -23,6 +23,7 @@ The client is already connected to the backend.
|
|||
>**Warning**
|
||||
>
|
||||
> It will be removed in a future version. Use [extension](DockerDesktopClient.md#extension) instead.
|
||||
{ .warning }
|
||||
|
||||
#### Inherited from
|
||||
|
||||
|
@ -90,6 +91,7 @@ const containers = await window.ddClient.listContainers();
|
|||
>**Warning**
|
||||
>
|
||||
> It will be removed in a future version. Use [listContainers](Docker.md#listcontainers) instead.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
|
@ -122,6 +124,7 @@ const images = await window.ddClient.listImages();
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version. Use [listImages](Docker.md#listimages) instead.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
|
@ -145,7 +148,7 @@ ___
|
|||
|
||||
▸ **navigateToContainers**(): `void`
|
||||
|
||||
Navigate to the containers window in Docker Desktop.
|
||||
Navigate to the container's window in Docker Desktop.
|
||||
```typescript
|
||||
window.ddClient.navigateToContainers();
|
||||
```
|
||||
|
@ -153,6 +156,7 @@ window.ddClient.navigateToContainers();
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version. Use [viewContainers](NavigationIntents.md#viewcontainers) instead.
|
||||
{ .warning }
|
||||
|
||||
#### Returns
|
||||
|
||||
|
@ -176,6 +180,7 @@ await window.ddClient.navigateToContainer(id);
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
|
@ -207,6 +212,7 @@ await window.ddClient.navigateToContainerLogs(id);
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
|
@ -238,6 +244,7 @@ await window.ddClient.navigateToContainerInspect(id);
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
|
@ -270,6 +277,7 @@ await window.ddClient.navigateToContainerStats(id);
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
|
@ -301,6 +309,7 @@ await window.ddClient.navigateToImages(id);
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version. Use [viewImages](NavigationIntents.md#viewimages) instead.
|
||||
{ .warning }
|
||||
|
||||
#### Returns
|
||||
|
||||
|
@ -326,6 +335,7 @@ await window.ddClient.navigateToImage(id, tag);
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version. Use [viewImage](NavigationIntents.md#viewimage) instead.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
|
@ -359,6 +369,7 @@ await window.ddClient.navigateToVolumes();
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version. Use [viewVolumes](NavigationIntents.md#viewvolumes) instead.
|
||||
{ .warning }
|
||||
|
||||
#### Returns
|
||||
|
||||
|
@ -383,6 +394,7 @@ window.ddClient.navigateToVolume(volume);
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version. Use [viewVolume](NavigationIntents.md#viewvolume) instead.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
|
@ -413,6 +425,7 @@ window.ddClient.navigateToDevEnvironments();
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version. Use [viewDevEnvironments](NavigationIntents.md#viewdevenvironments) instead.
|
||||
{ .warning }
|
||||
|
||||
#### Returns
|
||||
|
||||
|
@ -441,6 +454,7 @@ window.ddClient.execHostCmd(`cliShippedOnHost xxx`).then((cmdResult: any) => {
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version. Use [exec](ExtensionCli.md#exec) instead.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
|
@ -462,7 +476,7 @@ ___
|
|||
|
||||
▸ **spawnHostCmd**(`cmd`, `args`, `callback`): `void`
|
||||
|
||||
Invoke an extension binary on your host and getting the output stream.
|
||||
Invoke an extension binary on your host and get the output stream.
|
||||
|
||||
```typescript
|
||||
window.ddClient.spawnHostCmd(
|
||||
|
@ -481,6 +495,7 @@ window.ddClient.spawnHostCmd(
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version. Use [exec](ExtensionCli.md#exec) instead.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
|
@ -504,7 +519,7 @@ ___
|
|||
|
||||
▸ **execDockerCmd**(`cmd`, `...args`): `Promise`<[`ExecResultV0`](ExecResultV0.md)\>
|
||||
|
||||
You can also directly execute the docker binary.
|
||||
You can also directly execute the Docker binary.
|
||||
|
||||
```typescript
|
||||
const output = await window.ddClient.execDockerCmd("info");
|
||||
|
@ -513,6 +528,7 @@ const output = await window.ddClient.execDockerCmd("info");
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version. Use [exec](DockerCommand.md#exec) instead.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
|
@ -535,8 +551,8 @@ The result will contain both the standard output and the standard error of the e
|
|||
For convenience, the command result object also has methods to easily parse it depending on the output format:
|
||||
|
||||
- `output.lines(): string[]` splits output lines.
|
||||
- `output.parseJsonObject(): any` parses a well-formed json output.
|
||||
- `output.parseJsonLines(): any[]` parses each output line as a json object.
|
||||
- `output.parseJsonObject(): any` parses a well-formed JSON output.
|
||||
- `output.parseJsonLines(): any[]` parses each output line as a JSON object.
|
||||
|
||||
If the output of the command is too long, or you need to get the output as a stream you can use the
|
||||
* spawnDockerCmd function:
|
||||
|
@ -560,6 +576,7 @@ ___
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version. Use [exec](DockerCommand.md#exec) instead.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
|
@ -592,12 +609,13 @@ window.ddClient.openExternal("https://docker.com");
|
|||
**Warning**
|
||||
>
|
||||
> It will be removed in a future version. Use [openExternal](Host.md#openexternal) instead.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
| Name | Type | Description |
|
||||
| :------ | :------ | :------ |
|
||||
| `url` | `string` | The URL the browser will open (must have the protocol `http` or `https`). |
|
||||
| `url` | `string` | The URL the browser opens (must have the protocol `http` or `https`). |
|
||||
|
||||
#### Returns
|
||||
|
||||
|
@ -624,6 +642,7 @@ window.ddClient.toastSuccess("message");
|
|||
>**Warning`**
|
||||
>
|
||||
> It will be removed in a future version. Use [success](Toast.md#success) instead.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
|
@ -654,6 +673,7 @@ window.ddClient.toastWarning("message");
|
|||
> **Warning**
|
||||
>
|
||||
> It will be removed in a future version. Use [warning](Toast.md#warning) instead.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
|
@ -684,6 +704,7 @@ window.ddClient.toastError("message");
|
|||
>**Warning**
|
||||
>
|
||||
> It will be removed in a future version. Use [error](Toast.md#error) instead.
|
||||
{ .warning }
|
||||
|
||||
#### Parameters
|
||||
|
||||
|
|
|
@ -33,7 +33,7 @@ to true. The callback is then invoked once for each line.
|
|||
|
||||
| Name | Type | Description |
|
||||
| :------ | :------ | :------ |
|
||||
| `data` | { `stdout`: `string` ; `stderr?`: `undefined` } \| { `stdout?`: `undefined` ; `stderr`: `string` } | output content. Can include either stdout string, or stderr string, one at a time. |
|
||||
| `data` | `{ stdout: string; stderr?: undefined } \| { stdout?: undefined; stderr: string }` | Output content. Can include either stdout string, or stderr string, one at a time. |
|
||||
|
||||
##### Returns
|
||||
|
||||
|
@ -55,7 +55,7 @@ Invoked to report error if the executed command errors.
|
|||
|
||||
| Name | Type | Description |
|
||||
| :------ | :------ | :------ |
|
||||
| `error` | `any` | the error happening in the executed command |
|
||||
| `error` | `any` | The error happening in the executed command |
|
||||
|
||||
##### Returns
|
||||
|
||||
|
@ -77,7 +77,7 @@ Invoked when process exits.
|
|||
|
||||
| Name | Type | Description |
|
||||
| :------ | :------ | :------ |
|
||||
| `exitCode` | `number` | the process exit code |
|
||||
| `exitCode` | `number` | The process exit code |
|
||||
|
||||
##### Returns
|
||||
|
||||
|
|
|
@ -18,7 +18,7 @@ skip_read_time: true
|
|||
|
||||
Executes a command in the host.
|
||||
|
||||
For example, execute the shipped binary `kubectl -h` command in the **host**:
|
||||
For example, execute the shipped binary `kubectl -h` command in the host:
|
||||
|
||||
```typescript
|
||||
await ddClient.extension.host.cli.exec("kubectl", ["-h"]);
|
||||
|
@ -28,7 +28,7 @@ await ddClient.extension.host.cli.exec("kubectl", ["-h"]);
|
|||
|
||||
Streams the output of the command executed in the backend container or in the host.
|
||||
|
||||
Provided the `kubectl` binary is shipped as part of your extension, you can spawn the `kubectl -h` command in the **host**:
|
||||
Provided the `kubectl` binary is shipped as part of your extension, you can spawn the `kubectl -h` command in the host:
|
||||
|
||||
```typescript
|
||||
await ddClient.extension.host.cli.exec("kubectl", ["-h"], {
|
||||
|
|
|
@ -18,7 +18,7 @@ skip_read_time: true
|
|||
|
||||
Executes a command in the backend container.
|
||||
|
||||
Example: Execute the command `ls -l` inside the **backend container**:
|
||||
Example: Execute the command `ls -l` inside the backend container:
|
||||
|
||||
```typescript
|
||||
await ddClient.extension.vm.cli.exec(
|
||||
|
@ -29,12 +29,12 @@ await ddClient.extension.vm.cli.exec(
|
|||
|
||||
Streams the output of the command executed in the backend container.
|
||||
|
||||
When the extension defines its own `docker-compose.yaml` file
|
||||
When the extension defines its own `compose.yaml` file
|
||||
with multiple containers, the command is executed on the first container defined.
|
||||
Change the order in which containers are defined to execute commands on another
|
||||
container.
|
||||
|
||||
Example: Spawn the command `ls -l` inside the **backend container**:
|
||||
Example: Spawn the command `ls -l` inside the backend container:
|
||||
|
||||
```typescript
|
||||
await ddClient.extension.vm.cli.exec("ls", ["-l"], {
|
||||
|
|
|
@ -16,7 +16,7 @@ skip_read_time: true
|
|||
|
||||
▸ **viewContainers**(): `Promise`<`void`\>
|
||||
|
||||
Navigate to the containers window in Docker Desktop.
|
||||
Navigate to the **Containers** tab in Docker Desktop.
|
||||
|
||||
```typescript
|
||||
ddClient.desktopUI.navigate.viewContainers()
|
||||
|
@ -32,7 +32,7 @@ ___
|
|||
|
||||
▸ **viewContainer**(`id`): `Promise`<`void`\>
|
||||
|
||||
Navigate to the container window in Docker Desktop.
|
||||
Navigate to the **Container** tab in Docker Desktop.
|
||||
|
||||
```typescript
|
||||
await ddClient.desktopUI.navigate.viewContainer(id)
|
||||
|
@ -56,7 +56,7 @@ ___
|
|||
|
||||
▸ **viewContainerLogs**(`id`): `Promise`<`void`\>
|
||||
|
||||
Navigate to the container logs window in Docker Desktop.
|
||||
Navigate to the **Container logs** tab in Docker Desktop.
|
||||
|
||||
```typescript
|
||||
await ddClient.desktopUI.navigate.viewContainerLogs(id)
|
||||
|
@ -80,7 +80,7 @@ ___
|
|||
|
||||
▸ **viewContainerInspect**(`id`): `Promise`<`void`\>
|
||||
|
||||
Navigate to the container inspect window in Docker Desktop.
|
||||
Navigate to the **Inspect container** view in Docker Desktop.
|
||||
|
||||
```typescript
|
||||
await ddClient.desktopUI.navigate.viewContainerInspect(id)
|
||||
|
@ -158,7 +158,7 @@ ___
|
|||
|
||||
▸ **viewImages**(): `Promise`<`void`\>
|
||||
|
||||
Navigate to the images window in Docker Desktop.
|
||||
Navigate to the **Images** tab in Docker Desktop.
|
||||
|
||||
```typescript
|
||||
await ddClient.desktopUI.navigate.viewImages()
|
||||
|
@ -220,7 +220,7 @@ ___
|
|||
|
||||
▸ **viewVolumes**(): `Promise`<`void`\>
|
||||
|
||||
Navigate to the volumes window in Docker Desktop.
|
||||
Navigate to the **Volumes** tab in Docker Desktop.
|
||||
|
||||
```typescript
|
||||
ddClient.desktopUI.navigate.viewVolumes()
|
||||
|
|
|
@ -32,4 +32,4 @@ ___
|
|||
|
||||
• `Optional` `Readonly` **bookmarks**: `string`[]
|
||||
|
||||
macOS only- An array matching the filePaths array of base64 encoded strings which contains security scoped bookmark data. securityScopedBookmarks must be enabled for this to be populated
|
||||
macOS only. An array matching the `filePaths` array of `base64` encoded strings which contains security scoped bookmark data. `securityScopedBookmarks` must be enabled for this to be populated.
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
description: Frequently asked questions for all platforms
|
||||
description: Frequently asked Docker Desktop questions for all platforms
|
||||
keywords: desktop, mac, windows, faqs
|
||||
title: General FAQs for Desktop
|
||||
aliases:
|
||||
|
@ -43,30 +43,27 @@ No, there is no constraint on how each extension should be licensed, this is up
|
|||
|
||||
Yes, you can use Docker Desktop offline. However, you
|
||||
cannot access features that require an active internet
|
||||
connection. Additionally, any functionality that requires you to sign won't work while using Docker Desktop offline or in air-gapped environments.
|
||||
connection. Additionally, any functionality that requires you to sign in won't work while using Docker Desktop offline or in air-gapped environments.
|
||||
This includes:
|
||||
|
||||
- The resources in the [Learning Center](../use-desktop/index.md)
|
||||
- Pulling or pushing an image to Docker Hub
|
||||
- [Image Access Management](../../security/for-developers/access-tokens.md)
|
||||
- [Vulnerability scanning](../../docker-hub/vulnerability-scanning.md)
|
||||
- [Static vulnerability scanning](../../docker-hub/vulnerability-scanning.md)
|
||||
- Viewing remote images in the Docker Dashboard
|
||||
- Setting up [Dev Environments](../dev-environments/index.md)
|
||||
- Docker build when using [BuildKit](../../build/buildkit/index.md#getting-started).
|
||||
- Docker Build when using [BuildKit](../../build/buildkit/index.md#getting-started).
|
||||
You can work around this by disabling BuildKit. Run `DOCKER_BUILDKIT=0 docker build .` to disable BuildKit.
|
||||
- Deploying an app to the cloud through the Docker Compose
|
||||
[ACI and ECS](https://github.com/docker/compose-cli/tree/main/docs) integrations
|
||||
- [Kubernetes](../kubernetes.md) (Images are download when you enable Kubernetes for the first time)
|
||||
- Check for updates
|
||||
- Checking for updates
|
||||
- [In-app diagnostics](../troubleshoot/overview.md#diagnose-from-the-app) (including the [Self-diagnose tool](../troubleshoot/overview.md#diagnose-from-the-app))
|
||||
- Tip of the week
|
||||
- Sending usage statistics
|
||||
|
||||
### Where can I find information about diagnosing and troubleshooting Docker Desktop issues?
|
||||
|
||||
You can find information about diagnosing and troubleshooting common issues in the [Troubleshooting topic](../troubleshoot/overview.md).
|
||||
|
||||
If you do not find a solution in troubleshooting, browse the Github repositories or create a new issue:
|
||||
If you do not find a solution in troubleshooting, browse the GitHub repositories or create a new issue:
|
||||
|
||||
- [docker/for-mac](https://github.com/docker/for-mac/issues)
|
||||
- [docker/for-win](https://github.com/docker/for-win/issues)
|
||||
|
@ -103,7 +100,7 @@ For more information and examples, see [how to connect from a container to a ser
|
|||
|
||||
### Can I pass through a USB device to a container?
|
||||
|
||||
Unfortunately, it is not possible to pass through a USB device (or a
|
||||
It is not possible to pass through a USB device (or a
|
||||
serial port) to a container as it requires support at the hypervisor level.
|
||||
|
||||
### Can I run Docker Desktop in nested virtualization scenarios?
|
||||
|
@ -118,8 +115,9 @@ or have some visual artifacts.
|
|||
|
||||
To work around this issue, disable hardware acceleration by creating a `"disableHardwareAcceleration": true` entry in Docker Desktop's `settings.json` file. You can find this file at:
|
||||
|
||||
- **Mac**: `~/Library/Group Containers/group.com.docker/settings.json`
|
||||
- **Windows**: `C:\Users\[USERNAME]\AppData\Roaming\Docker\settings.json`
|
||||
- Mac: `~/Library/Group Containers/group.com.docker/settings.json`
|
||||
- Windows: `C:\Users\[USERNAME]\AppData\Roaming\Docker\settings.json`
|
||||
- Linux: `~/.docker/desktop/settings.json.`
|
||||
|
||||
After updating the `settings.json` file, close and restart Docker Desktop to apply the changes.
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
description: Frequently asked questions
|
||||
description: Frequently asked questions for Docker Desktop for Linux
|
||||
keywords: desktop, linux, faqs
|
||||
title: FAQs for Linux
|
||||
title: FAQs for Docker Desktop for Linux
|
||||
aliases:
|
||||
- /desktop/linux/space/
|
||||
---
|
||||
|
@ -92,32 +92,32 @@ Refer to the [Docker Context documentation](../../engine/context/working-with-co
|
|||
|
||||
Docker Desktop for Linux runs a Virtual Machine (VM) for the following reasons:
|
||||
|
||||
1. **To ensure that Docker Desktop provides a consistent experience across platforms**.
|
||||
1. To ensure that Docker Desktop provides a consistent experience across platforms.
|
||||
|
||||
During research, the most frequently cited reason for users wanting Docker Desktop for Linux (DD4L) was to ensure a consistent Docker Desktop
|
||||
During research, the most frequently cited reason for users wanting Docker Desktop for Linux was to ensure a consistent Docker Desktop
|
||||
experience with feature parity across all major operating systems. Utilizing
|
||||
a VM ensures that the Docker Desktop experience for Linux users will closely
|
||||
match that of Windows and macOS.
|
||||
|
||||
2. **To make use of new kernel features**
|
||||
2. To make use of new kernel features.
|
||||
|
||||
Sometimes we want to make use of new operating system features. Because we control the kernel and the OS inside the VM, we can roll these out to all users immediately, even to users who are intentionally sticking on an LTS version of their machine OS.
|
||||
|
||||
3. **To enhance security**
|
||||
3. To enhance security.
|
||||
|
||||
Container image vulnerabilities pose a security risk for the host environment. There is a large number of unofficial images that are not guaranteed to be verified for known vulnerabilities. Malicious users can push images to public registries and use different methods to trick users into pulling and running them. The VM approach mitigates this threat as any malware that gains root privileges is restricted to the VM environment without access to the host.
|
||||
|
||||
Why not run rootless Docker? Although this has the benefit of superficially limiting access to the root user so everything looks safer in "top", it allows unprivileged users to gain `CAP_SYS_ADMIN` in their own user namespace and access kernel APIs which are not expecting to be used by unprivileged users, resulting in [vulnerabilities](https://www.openwall.com/lists/oss-security/2022/01/18/7).
|
||||
|
||||
4. **To provide the benefits of feature parity and enhanced security, with minimal impact on performance**
|
||||
4. To provide the benefits of feature parity and enhanced security, with minimal impact on performance.
|
||||
|
||||
The VM utilized by DD4L uses [`virtiofs`](https://virtio-fs.gitlab.io), a shared file system that allows virtual machines to access a directory tree located on the host. Our internal benchmarking shows that with the right resource allocation to the VM, near native file system performance can be achieved with virtiofs.
|
||||
The VM utilized by Docker Desktop for Linux uses [`VirtioFS`](https://virtio-fs.gitlab.io), a shared file system that allows virtual machines to access a directory tree located on the host. Our internal benchmarking shows that with the right resource allocation to the VM, near native file system performance can be achieved with VirtioFS.
|
||||
|
||||
As such, we have adjusted the default memory available to the VM in DD4L. You can tweak this setting to your specific needs by using the **Memory** slider within the **Settings** > **Resources** tab of Docker Desktop.
|
||||
As such, we have adjusted the default memory available to the VM in Docker Desktop for Linux. You can tweak this setting to your specific needs by using the **Memory** slider within the **Settings** > **Resources** tab of Docker Desktop.
|
||||
|
||||
### How do I enable file sharing?
|
||||
|
||||
Docker Desktop for Linux uses [virtiofs](https://virtio-fs.gitlab.io/) as the
|
||||
Docker Desktop for Linux uses [VirtioFS](https://virtio-fs.gitlab.io/) as the
|
||||
default (and currently only) mechanism to enable file sharing between the host
|
||||
and Docker Desktop VM. In order not to require elevated privileges, without
|
||||
unnecessarily restricting operations on the shared files, Docker Desktop runs
|
||||
|
@ -210,7 +210,7 @@ Alternatively, to list images, run:
|
|||
$ docker image ls
|
||||
```
|
||||
|
||||
and then, to list containers, run:
|
||||
To list containers, run:
|
||||
|
||||
```console
|
||||
$ docker container ls -a
|
||||
|
@ -256,4 +256,4 @@ To reduce the maximum size of the disk image file:
|
|||
|
||||
3. Select **Apply & Restart**.
|
||||
|
||||
When you reduce the maximum size, the current disk image file is deleted, and therefore, all containers and images will be lost.
|
||||
When you reduce the maximum size, the current disk image file is deleted, and therefore, all containers and images are lost.
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
description: Frequently asked questions
|
||||
description: Frequently asked questions for Docker Desktop for Mac
|
||||
keywords: desktop, mac, faqs
|
||||
title: FAQs for Mac
|
||||
title: FAQs for Docker Desktop for Mac
|
||||
aliases:
|
||||
- /desktop/mac/space/
|
||||
- /docker-for-mac/space/
|
||||
|
@ -26,7 +26,7 @@ HyperKit is thinner than VirtualBox and VMWare fusion, and the version included
|
|||
|
||||
The privileged helper process `com.docker.vmnetd` is started by `launchd` and
|
||||
runs in the background. The process does not consume any resources unless
|
||||
Docker.app connects to it, so it's safe to ignore.
|
||||
`Docker.app` connects to it, so it's safe to ignore.
|
||||
|
||||
### Where does Docker Desktop store Linux containers and images?
|
||||
Docker Desktop stores Linux containers and images in a single, large "disk image" file in the Mac filesystem. This is different from Docker on Linux, which usually stores containers and images in the `/var/lib/docker` directory.
|
||||
|
@ -55,7 +55,10 @@ To move the disk image file to a different location:
|
|||
|
||||
3. Select **Apply & Restart** for the changes to take effect.
|
||||
|
||||
Do not move the file directly in Finder as this can cause Docker Desktop to lose track of the file.
|
||||
>**Important**
|
||||
>
|
||||
> Do not move the file directly in Finder as this can cause Docker Desktop to lose track of the file.
|
||||
{ .important }
|
||||
|
||||
##### How do I delete unnecessary containers and images?
|
||||
|
||||
|
@ -71,7 +74,7 @@ Alternatively, to list images, run:
|
|||
$ docker image ls
|
||||
```
|
||||
|
||||
and then, to list containers, run:
|
||||
To list containers, run:
|
||||
|
||||
```console
|
||||
$ docker container ls -a
|
||||
|
@ -85,10 +88,10 @@ $ docker system prune
|
|||
|
||||
This command removes all stopped containers, unused networks, dangling images, and build cache.
|
||||
|
||||
It might take a few minutes to reclaim space on the host depending on the format of the disk image file:
|
||||
It might take a few minutes to reclaim space on the host depending on the format of the disk image file. If the file is name:
|
||||
|
||||
- If the file is named `Docker.raw`: space on the host should be reclaimed within a few seconds.
|
||||
- If the file is named `Docker.qcow2`: space will be freed by a background process after a few minutes.
|
||||
- `Docker.raw`, space on the host is reclaimed within a few seconds.
|
||||
- `Docker.qcow2`, space is freed by a background process after a few minutes.
|
||||
|
||||
Space is only freed when images are deleted. Space is not freed automatically when files are deleted inside running containers. To trigger a space reclamation at any point, run the command:
|
||||
|
||||
|
@ -117,7 +120,7 @@ To reduce the maximum size of the disk image file:
|
|||
|
||||
3. Select **Apply & Restart**.
|
||||
|
||||
When you reduce the maximum size, the current disk image file is deleted, and therefore, all containers and images will be lost.
|
||||
When you reduce the maximum size, the current disk image file is deleted, and therefore, all containers and images are lost.
|
||||
|
||||
### How do I add TLS certificates?
|
||||
|
||||
|
@ -221,7 +224,7 @@ in the Docker Engine topics.
|
|||
|
||||
### How do I install shell completion?
|
||||
|
||||
Docker Desktop comes with scripts to enable completion for the `docker` and `docker-compose` commands. The completion scripts may be
|
||||
Docker Desktop comes with scripts to enable completion for the `docker` and `docker compose` commands. The completion scripts may be
|
||||
found inside `Docker.app`, in the `Contents/Resources/etc/` directory and can be
|
||||
installed both in Bash and Zsh.
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
description: Frequently asked questions for all platforms
|
||||
description: Frequently asked Docker Desktop questions for all platforms
|
||||
keywords: desktop, mac, windows, faqs
|
||||
title: FAQs on Docker Desktop releases
|
||||
---
|
||||
|
@ -14,7 +14,7 @@ Each Docker Desktop release is also delivered as a full installer for new users.
|
|||
|
||||
### How frequent will new releases be?
|
||||
|
||||
New releases are available roughly monthly, unless there are critical fixes that need to be released sooner.
|
||||
New releases are available roughly every month, unless there are critical fixes that need to be released sooner.
|
||||
|
||||
### How do I ensure that all users on my team are using the same version?
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
description: Frequently asked questions
|
||||
description: Frequently asked questions for Docker Desktop for Windows
|
||||
keywords: desktop, windows, faqs
|
||||
title: FAQs for Windows
|
||||
title: FAQs for Docker Desktop for Windows
|
||||
---
|
||||
|
||||
### Can I use VirtualBox alongside Docker Desktop?
|
||||
|
@ -58,7 +58,7 @@ See the [Stack Overflow post](https://stackoverflow.com/questions/67746843/clear
|
|||
|
||||
### How do I add custom CA certificates?
|
||||
|
||||
You can add trusted **Certificate Authorities (CAs)** to your Docker daemon to verify registry server certificates, and **client certificates**, to authenticate to registries.
|
||||
You can add trusted Certificate Authorities (CAs) to your Docker daemon to verify registry server certificates, and client certificates, to authenticate to registries.
|
||||
|
||||
Docker Desktop supports all trusted Certificate Authorities (CAs) (root or
|
||||
intermediate). Docker recognizes certs stored under Trust Root
|
||||
|
@ -84,7 +84,7 @@ directory on Moby (the Docker Desktop virtual machine running on Hyper-V).
|
|||
You need to restart Docker Desktop after making any changes to the keychain
|
||||
or to the `~/.docker/certs.d` directory in order for the changes to take effect.
|
||||
|
||||
The registry cannot be listed as an _insecure registry_ (see
|
||||
The registry cannot be listed as an insecure registry (see
|
||||
[Docker Daemon](../settings/windows.md#docker-engine)). Docker Desktop ignores
|
||||
certificates listed under insecure registries, and does not send client
|
||||
certificates. Commands like `docker run` that attempt to pull from the registry
|
||||
|
@ -116,9 +116,9 @@ For more information on Windows containers, refer to the following documentation
|
|||
- To understand how to connect to Windows containers from the local host, see
|
||||
[I want to connect to a container from Windows](../networking.md#i-want-to-connect-to-a-container-from-the-host)
|
||||
|
||||
> Settings dialog changes with Windows containers
|
||||
> **Note**
|
||||
>
|
||||
> When you switch to Windows containers, the Settings dialog only shows those tabs that are active and apply to your Windows containers:
|
||||
> When you switch to Windows containers, **Settings** only shows those tabs that are active and apply to your Windows containers. These are:
|
||||
>
|
||||
> * [General](../settings/windows.md#general)
|
||||
> * [Proxies](../settings/windows.md#proxies)
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
title: Product release lifecycle
|
||||
description: describes to users the various stages of feature lifecycle from beta
|
||||
title: Docker's product release lifecycle
|
||||
description: Describes the various stages of feature lifecycle from beta
|
||||
to GA.
|
||||
keywords: beta, GA, Early Access,
|
||||
---
|
||||
|
@ -26,7 +26,7 @@ Experimental offerings are features that Docker is currently experimenting with.
|
|||
|
||||
**Customer availability:** Availability of experimental features is limited. A portion of users may have access to none, one or many experimental features.
|
||||
|
||||
**Support:** Support for Experimental features is best effort via Community support channels and forums.
|
||||
**Support:** Support for experimental features is best effort via Community support channels and forums.
|
||||
|
||||
**Limitations:** Experimental features may have potentially significant limitations such as functional limitations, performance limitations, and API limitations. Features and programmatic interfaces may change at any time without notice.
|
||||
|
||||
|
@ -38,7 +38,7 @@ Beta offerings are initial releases of potential future products or features. Cu
|
|||
|
||||
**Customer availability:** Participation in beta releases is by invitation or via use of clearly identified beta features in product. Beta invitations may be public or private.
|
||||
|
||||
**Support:** Support for Beta features is best effort via Community support channels and forums.
|
||||
**Support:** Support for beta features is best effort via Community support channels and forums.
|
||||
|
||||
**Limitations:** Beta releases may have potentially significant limitations such as functional limitations, performance limitations, and API limitations. Features and programmatic interfaces may change at any time without notice.
|
||||
|
||||
|
@ -60,11 +60,11 @@ Early Access offerings are products or features that may have potential feature
|
|||
|
||||
General Availability offerings are fully functional products or features that are openly accessible to all Docker customers.
|
||||
|
||||
**Customer availability:** All Docker users have access to General Availability offerings according to their subscription levels.
|
||||
**Customer availability:** All Docker users have access to GA offerings according to their subscription levels.
|
||||
|
||||
**Limitations:** General Availability features and products will have few or no limitations for supported use cases.
|
||||
|
||||
**Support:** All General Availability offerings are fully supported, as described in our [support page](https://www.docker.com/support/).
|
||||
**Support:** All GA offerings are fully supported, as described in our [support page](https://www.docker.com/support/).
|
||||
|
||||
**Retirement:** General Availability offerings follow the [retirement process](#retirement-process) outlined below.
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
description: Release notes for Docker
|
||||
keywords: docker, documentation, about, technology, understanding, release
|
||||
title: Docker release notes
|
||||
keywords: docker, documentation, about, technology, understanding, release, scout, desktop, hub, compose, build, engine
|
||||
title: Release notes for Docker
|
||||
grid:
|
||||
- title: Docker Desktop
|
||||
icon: web_asset
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
description: Enabling two-factor authentication on Docker Hub
|
||||
description: Learn how to enable two-factor authentication on Docker Hub
|
||||
keywords: Docker, docker, registry, security, Docker Hub, authentication, two-factor
|
||||
authentication
|
||||
title: Enable two-factor authentication for Docker Hub
|
||||
|
@ -25,7 +25,7 @@ Authenticator with a registered YubiKey.
|
|||
|
||||
## Enable two-factor authentication
|
||||
|
||||
1. Sign to your Docker Hub account.
|
||||
1. Sign in to your Docker Hub account.
|
||||
2. Select your avatar and then from the drop-down menu, select **My Account**.
|
||||
3. Select the **Security** tab and then select **Enable Two-Factor Authentication**.
|
||||
The next page reminds you to download an authenticator app.
|
||||
|
@ -36,7 +36,7 @@ Authenticator with a registered YubiKey.
|
|||
|
||||
6. Select **Next** and then open your authenticator app.
|
||||
You can choose between scanning the QR code or entering a text code into your authenticator app.
|
||||
7. Once you have linked your authenticator app, enter the six-digit code to in text field and then select **Next**.
|
||||
7. Once you have linked your authenticator app, enter the six-digit code in text field and then select **Next**.
|
||||
|
||||
Two-factor authentication is now enabled. The next time you sign
|
||||
in to your Docker Hub account, you will be asked for a security code.
|
||||
in to your Docker Hub account, you are asked for a security code.
|
|
@ -13,7 +13,6 @@ aliases:
|
|||
> Docker Hub account.
|
||||
{ .warning }
|
||||
|
||||
## Disable two-factor authentication
|
||||
1. Sign in to your Docker Hub account.
|
||||
2. Select your avatar and then from the dropdown menu, select **My Account**.
|
||||
3. Navigate to the **Security** tab and select **Disable 2FA**.
|
||||
|
|
|
@ -10,8 +10,6 @@ aliases:
|
|||
If you have lost your two-factor authentication recovery code and still have
|
||||
access to your Docker Hub account, you can generate a new recovery code.
|
||||
|
||||
## Generate a new recovery code
|
||||
|
||||
1. Sign in to your Docker Hub account.
|
||||
2. Select your avatar and then from the drop-down menu, select **My Account**.
|
||||
3. Navigate to the **Security** tab and select **Click here to generate a new code**.
|
||||
|
|
|
@ -12,4 +12,4 @@ If you have lost access to both your two-factor authentication application and y
|
|||
1. Navigate to [Docker Hub](https://hub.docker.com) and enter your username and password.
|
||||
2. Select **I've lost my authentication device** and **I've lost my recovery code**.
|
||||
3. Complete the [Contact Support form](https://hub.docker.com/support/contact/?category=2fa-lockout).
|
||||
You must enter the primary email address associated with your Docker ID in the Contact Support form for recovery instructions.
|
||||
You must enter the primary email address associated with your Docker ID in the **Contact Support** form for recovery instructions.
|
|
@ -7,20 +7,15 @@ aliases:
|
|||
- /docker-hub/access-tokens/
|
||||
---
|
||||
|
||||
You can create personal access tokens (PAT) to use as alternatives to your password for Docker CLI authentication.
|
||||
You can create a personal access token (PAT) to use as an alternative to your password for Docker CLI authentication.
|
||||
|
||||
Compared to passwords, personal access tokens provide the following advantages:
|
||||
Compared to passwords, PATs provide the following advantages:
|
||||
|
||||
- You can investigate when the PAT was last used and then disable or delete it if you find any suspicious activity.
|
||||
- When using an access token, you can't perform any admin activity on the account, including changing the password. It protects your account if your computer is compromised.
|
||||
|
||||
Access tokens are also valuable for building integrations, as you can issue multiple tokens, one for each integration, and revoke them at
|
||||
any time.
|
||||
> **Note**
|
||||
>
|
||||
> If you have [two-factor authentication (2FA)](2fa/index.md) enabled on
|
||||
> your account, you must create at least one personal access token. Otherwise,
|
||||
> you won't be able to sign in to your account from the Docker CLI.
|
||||
|
||||
## Create an access token
|
||||
|
||||
|
@ -48,9 +43,9 @@ any time.
|
|||
|
||||
## Use an access token
|
||||
|
||||
You can use an access token in place of your password when you log in using Docker CLI.
|
||||
You can use an access token in place of your password when you sign in using Docker CLI.
|
||||
|
||||
Log in from your Docker CLI client with the following command, replacing `YOUR_USERNAME` with your Docker ID:
|
||||
Sign in from your Docker CLI client with the following command, replacing `YOUR_USERNAME` with your Docker ID:
|
||||
|
||||
```console
|
||||
$ docker login --username <YOUR_USERNAME>
|
||||
|
|
|
@ -5,19 +5,19 @@ arm64: |
|
|||
ARM64 is the 64-bit extension of the ARM CPU architecture. arm64 architecture
|
||||
is used in Apple silicon machines.
|
||||
base image: |
|
||||
A **base image** has no parent image specified in its Dockerfile. It is created using a Dockerfile with the `FROM scratch` directive.
|
||||
A base image has no parent image specified in its Dockerfile. It is created using a Dockerfile with the `FROM scratch` directive.
|
||||
btrfs: |
|
||||
btrfs (B-tree file system) is a Linux [filesystem](#filesystem) that Docker
|
||||
supports as a storage backend. It is a [copy-on-write](https://en.wikipedia.org/wiki/Copy-on-write) filesystem.
|
||||
build: |
|
||||
build is the process of building Docker images using a [Dockerfile](#dockerfile).
|
||||
Build is the process of building Docker images using a [Dockerfile](#dockerfile).
|
||||
The build uses a Dockerfile and a "context". The context is the set of files in the directory in which the image is built.
|
||||
cgroups: |
|
||||
cgroups is a Linux kernel feature that limits, accounts for, and isolates
|
||||
the resource usage (CPU, memory, disk I/O, network, etc.) of a collection
|
||||
of processes. Docker relies on cgroups to control and isolate resource limits.
|
||||
|
||||
*Also known as : control groups*
|
||||
*Also known as control groups*
|
||||
cluster: |
|
||||
A cluster is a group of machines that work together to run workloads and provide high availability.
|
||||
Compose: |
|
||||
|
@ -27,7 +27,7 @@ Compose: |
|
|||
application up in a single command which does everything that needs to
|
||||
be done to get it running.
|
||||
|
||||
*Also known as : docker-compose
|
||||
*Also known as Docker Compose*
|
||||
copy-on-write: |
|
||||
Docker uses a
|
||||
[copy-on-write](/storage/storagedriver/#the-copy-on-write-cow-strategy)
|
||||
|
@ -88,7 +88,7 @@ Docker Desktop for Windows: |
|
|||
Docker Desktop for Linux: |
|
||||
Docker Desktop for Linux is an an easy-to-install, lightweight Docker development environment designed specifically for Linux machines. It's the best solution if you want to build, debug, test, package, and ship Dockerized applications on a Linux machine.
|
||||
Docker Hub: |
|
||||
The [Docker Hub](https://hub.docker.com/) is a centralized resource for working with Docker and its components. It provides the following services:
|
||||
[Docker Hub](https://hub.docker.com/) is a centralized resource for working with Docker and its components. It provides the following services:
|
||||
|
||||
- A registry to host Docker images
|
||||
- User authentication
|
||||
|
@ -183,9 +183,9 @@ node: |
|
|||
A [node](/engine/swarm/how-swarm-mode-works/nodes/) is a physical or virtual
|
||||
machine running an instance of the Docker Engine in [swarm mode](#swarm-mode).
|
||||
|
||||
**Manager nodes** perform swarm management and orchestration duties. By default manager nodes are also worker nodes.
|
||||
Manager nodes perform swarm management and orchestration duties. By default manager nodes are also worker nodes.
|
||||
|
||||
**Worker nodes** execute tasks.
|
||||
Worker nodes execute tasks.
|
||||
organization: |
|
||||
An organization is a collection of teams and repositories that can be managed together. Docker users become members of an organization when they are assigned to at least one team in the organization.
|
||||
organization name: |
|
||||
|
@ -198,10 +198,10 @@ overlay storage driver: |
|
|||
[union mount](https://en.wikipedia.org/wiki/Union_mount) for other file systems.
|
||||
It is supported by the Docker daemon as a storage driver.
|
||||
parent image: |
|
||||
An image's **parent image** is the image designated in the `FROM` directive
|
||||
An image's parent image is the image designated in the `FROM` directive
|
||||
in the image's Dockerfile. All subsequent commands are based on this parent
|
||||
image. A Dockerfile with the `FROM scratch` directive uses no parent image, and creates
|
||||
a **base image**.
|
||||
a base image.
|
||||
persistent storage: |
|
||||
Persistent storage or volume storage provides a way for a user to add a
|
||||
persistent layer to the running container's file system. This persistent layer
|
||||
|
@ -265,7 +265,7 @@ virtual machine: |
|
|||
|
||||
Compared to containers, a virtual machine is heavier to run, provides more isolation, gets its own set of resources and does minimal sharing.
|
||||
|
||||
*Also known as : VM*
|
||||
*Also known as VM*
|
||||
volume: |
|
||||
A volume is a specially-designated directory within one or more containers
|
||||
that bypasses the Union File System. Volumes are designed to persist data,
|
||||
|
|
Loading…
Reference in New Issue