Engdocs 1912 - Freshness (#18913)

* security

* faqs

* one-off pages

* extension api

* Update content/desktop/extensions-sdk/dev/api/reference/interfaces/ExecStreamOptions.md

Co-authored-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>

---------

Co-authored-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
This commit is contained in:
Allie Sadler 2023-12-14 09:15:44 +00:00 committed by GitHub
parent 9970f81c0d
commit cc62fb5887
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
22 changed files with 125 additions and 101 deletions

View File

@ -23,6 +23,7 @@ console.log(output);
> **Warning**
>
> It will be removed in a future version.
{ .warning }
#### Parameters
@ -54,6 +55,7 @@ window.ddClient.backend
> **Warning**
>
> It will be removed in a future version. Use [get](HttpService.md#get) instead.
{ .warning }
#### Parameters
@ -82,6 +84,7 @@ window.ddClient.backend
> **Warning**
>
> It will be removed in a future version. Use [post](HttpService.md#post) instead.
{ .warning }
#### Parameters
@ -111,6 +114,7 @@ window.ddClient.backend
> **Warning**
>
> It will be removed in a future version. Use [put](HttpService.md#put) instead.
{ .warning }
#### Parameters
@ -140,6 +144,7 @@ window.ddClient.backend
> **Warning**
>
> It will be removed in a future version. Use [patch](HttpService.md#patch) instead.
{ .warning }
#### Parameters
@ -169,6 +174,7 @@ window.ddClient.backend
> **Warning**
>
> It will be removed in a future version. Use [delete](HttpService.md#delete) instead.
{ .warning }
#### Parameters
@ -197,6 +203,7 @@ window.ddClient.backend
> **Warning**
>
> It will be removed in a future version. Use [head](HttpService.md#head) instead.
{ .warning }
#### Parameters
@ -225,6 +232,7 @@ window.ddClient.backend
> **Warning**
>
> It will be removed in a future version. Use [request](HttpService.md#request) instead.
{ .warning }
#### Parameters
@ -258,6 +266,7 @@ console.log(output);
> **Warning**
>
> It will be removed in a future version. Use [exec](ExtensionCli.md#exec) instead.
{ .warning }
#### Parameters
@ -294,6 +303,7 @@ window.ddClient.spawnInVMExtension(
> **Warning**
>
> It will be removed in a future version.
{ .warning }
#### Parameters

View File

@ -18,7 +18,7 @@ Allows opening native dialog boxes.
**showOpenDialog**(`dialogProperties`): `Promise`<[`OpenDialogResult`](OpenDialogResult.md)\>
Display a native open dialog, allowing to select a file or a folder.
Display a native open dialog. Lets you select a file or a folder.
```typescript
ddClient.desktopUI.dialog.showOpenDialog({properties: ['openFile']});

View File

@ -16,7 +16,7 @@ skip_read_time: true
`Readonly` **cli**: [`DockerCommand`](DockerCommand.md)
You can also directly execute the docker binary.
You can also directly execute the Docker binary.
```typescript
const output = await ddClient.docker.cli.exec("volume", [
@ -39,7 +39,7 @@ For convenience, the command result object also has methods to easily parse it d
---
Streams the output as a result of the execution of a docker command.
Streams the output as a result of the execution of a Docker command.
It is useful when the output of the command is too long, or you need to get the output as a stream.
```typescript

View File

@ -23,6 +23,7 @@ The client is already connected to the backend.
>**Warning**
>
> It will be removed in a future version. Use [extension](DockerDesktopClient.md#extension) instead.
{ .warning }
#### Inherited from
@ -90,6 +91,7 @@ const containers = await window.ddClient.listContainers();
>**Warning**
>
> It will be removed in a future version. Use [listContainers](Docker.md#listcontainers) instead.
{ .warning }
#### Parameters
@ -122,6 +124,7 @@ const images = await window.ddClient.listImages();
> **Warning**
>
> It will be removed in a future version. Use [listImages](Docker.md#listimages) instead.
{ .warning }
#### Parameters
@ -145,7 +148,7 @@ ___
**navigateToContainers**(): `void`
Navigate to the containers window in Docker Desktop.
Navigate to the container's window in Docker Desktop.
```typescript
window.ddClient.navigateToContainers();
```
@ -153,6 +156,7 @@ window.ddClient.navigateToContainers();
> **Warning**
>
> It will be removed in a future version. Use [viewContainers](NavigationIntents.md#viewcontainers) instead.
{ .warning }
#### Returns
@ -176,6 +180,7 @@ await window.ddClient.navigateToContainer(id);
> **Warning**
>
> It will be removed in a future version.
{ .warning }
#### Parameters
@ -207,6 +212,7 @@ await window.ddClient.navigateToContainerLogs(id);
> **Warning**
>
> It will be removed in a future version.
{ .warning }
#### Parameters
@ -238,6 +244,7 @@ await window.ddClient.navigateToContainerInspect(id);
> **Warning**
>
> It will be removed in a future version.
{ .warning }
#### Parameters
@ -270,6 +277,7 @@ await window.ddClient.navigateToContainerStats(id);
> **Warning**
>
> It will be removed in a future version.
{ .warning }
#### Parameters
@ -301,6 +309,7 @@ await window.ddClient.navigateToImages(id);
> **Warning**
>
> It will be removed in a future version. Use [viewImages](NavigationIntents.md#viewimages) instead.
{ .warning }
#### Returns
@ -326,6 +335,7 @@ await window.ddClient.navigateToImage(id, tag);
> **Warning**
>
> It will be removed in a future version. Use [viewImage](NavigationIntents.md#viewimage) instead.
{ .warning }
#### Parameters
@ -359,6 +369,7 @@ await window.ddClient.navigateToVolumes();
> **Warning**
>
> It will be removed in a future version. Use [viewVolumes](NavigationIntents.md#viewvolumes) instead.
{ .warning }
#### Returns
@ -383,6 +394,7 @@ window.ddClient.navigateToVolume(volume);
> **Warning**
>
> It will be removed in a future version. Use [viewVolume](NavigationIntents.md#viewvolume) instead.
{ .warning }
#### Parameters
@ -413,6 +425,7 @@ window.ddClient.navigateToDevEnvironments();
> **Warning**
>
> It will be removed in a future version. Use [viewDevEnvironments](NavigationIntents.md#viewdevenvironments) instead.
{ .warning }
#### Returns
@ -441,6 +454,7 @@ window.ddClient.execHostCmd(`cliShippedOnHost xxx`).then((cmdResult: any) => {
> **Warning**
>
> It will be removed in a future version. Use [exec](ExtensionCli.md#exec) instead.
{ .warning }
#### Parameters
@ -462,7 +476,7 @@ ___
**spawnHostCmd**(`cmd`, `args`, `callback`): `void`
Invoke an extension binary on your host and getting the output stream.
Invoke an extension binary on your host and get the output stream.
```typescript
window.ddClient.spawnHostCmd(
@ -481,6 +495,7 @@ window.ddClient.spawnHostCmd(
> **Warning**
>
> It will be removed in a future version. Use [exec](ExtensionCli.md#exec) instead.
{ .warning }
#### Parameters
@ -504,7 +519,7 @@ ___
**execDockerCmd**(`cmd`, `...args`): `Promise`<[`ExecResultV0`](ExecResultV0.md)\>
You can also directly execute the docker binary.
You can also directly execute the Docker binary.
```typescript
const output = await window.ddClient.execDockerCmd("info");
@ -513,6 +528,7 @@ const output = await window.ddClient.execDockerCmd("info");
> **Warning**
>
> It will be removed in a future version. Use [exec](DockerCommand.md#exec) instead.
{ .warning }
#### Parameters
@ -535,8 +551,8 @@ The result will contain both the standard output and the standard error of the e
For convenience, the command result object also has methods to easily parse it depending on the output format:
- `output.lines(): string[]` splits output lines.
- `output.parseJsonObject(): any` parses a well-formed json output.
- `output.parseJsonLines(): any[]` parses each output line as a json object.
- `output.parseJsonObject(): any` parses a well-formed JSON output.
- `output.parseJsonLines(): any[]` parses each output line as a JSON object.
If the output of the command is too long, or you need to get the output as a stream you can use the
* spawnDockerCmd function:
@ -560,6 +576,7 @@ ___
> **Warning**
>
> It will be removed in a future version. Use [exec](DockerCommand.md#exec) instead.
{ .warning }
#### Parameters
@ -592,12 +609,13 @@ window.ddClient.openExternal("https://docker.com");
**Warning**
>
> It will be removed in a future version. Use [openExternal](Host.md#openexternal) instead.
{ .warning }
#### Parameters
| Name | Type | Description |
| :------ | :------ | :------ |
| `url` | `string` | The URL the browser will open (must have the protocol `http` or `https`). |
| `url` | `string` | The URL the browser opens (must have the protocol `http` or `https`). |
#### Returns
@ -624,6 +642,7 @@ window.ddClient.toastSuccess("message");
>**Warning`**
>
> It will be removed in a future version. Use [success](Toast.md#success) instead.
{ .warning }
#### Parameters
@ -654,6 +673,7 @@ window.ddClient.toastWarning("message");
> **Warning**
>
> It will be removed in a future version. Use [warning](Toast.md#warning) instead.
{ .warning }
#### Parameters
@ -684,6 +704,7 @@ window.ddClient.toastError("message");
>**Warning**
>
> It will be removed in a future version. Use [error](Toast.md#error) instead.
{ .warning }
#### Parameters

View File

@ -33,7 +33,7 @@ to true. The callback is then invoked once for each line.
| Name | Type | Description |
| :------ | :------ | :------ |
| `data` | { `stdout`: `string` ; `stderr?`: `undefined` } \| { `stdout?`: `undefined` ; `stderr`: `string` } | output content. Can include either stdout string, or stderr string, one at a time. |
| `data` | `{ stdout: string; stderr?: undefined } \| { stdout?: undefined; stderr: string }` | Output content. Can include either stdout string, or stderr string, one at a time. |
##### Returns
@ -55,7 +55,7 @@ Invoked to report error if the executed command errors.
| Name | Type | Description |
| :------ | :------ | :------ |
| `error` | `any` | the error happening in the executed command |
| `error` | `any` | The error happening in the executed command |
##### Returns
@ -77,7 +77,7 @@ Invoked when process exits.
| Name | Type | Description |
| :------ | :------ | :------ |
| `exitCode` | `number` | the process exit code |
| `exitCode` | `number` | The process exit code |
##### Returns

View File

@ -18,7 +18,7 @@ skip_read_time: true
Executes a command in the host.
For example, execute the shipped binary `kubectl -h` command in the **host**:
For example, execute the shipped binary `kubectl -h` command in the host:
```typescript
await ddClient.extension.host.cli.exec("kubectl", ["-h"]);
@ -28,7 +28,7 @@ await ddClient.extension.host.cli.exec("kubectl", ["-h"]);
Streams the output of the command executed in the backend container or in the host.
Provided the `kubectl` binary is shipped as part of your extension, you can spawn the `kubectl -h` command in the **host**:
Provided the `kubectl` binary is shipped as part of your extension, you can spawn the `kubectl -h` command in the host:
```typescript
await ddClient.extension.host.cli.exec("kubectl", ["-h"], {

View File

@ -18,7 +18,7 @@ skip_read_time: true
Executes a command in the backend container.
Example: Execute the command `ls -l` inside the **backend container**:
Example: Execute the command `ls -l` inside the backend container:
```typescript
await ddClient.extension.vm.cli.exec(
@ -29,12 +29,12 @@ await ddClient.extension.vm.cli.exec(
Streams the output of the command executed in the backend container.
When the extension defines its own `docker-compose.yaml` file
When the extension defines its own `compose.yaml` file
with multiple containers, the command is executed on the first container defined.
Change the order in which containers are defined to execute commands on another
container.
Example: Spawn the command `ls -l` inside the **backend container**:
Example: Spawn the command `ls -l` inside the backend container:
```typescript
await ddClient.extension.vm.cli.exec("ls", ["-l"], {

View File

@ -16,7 +16,7 @@ skip_read_time: true
**viewContainers**(): `Promise`<`void`\>
Navigate to the containers window in Docker Desktop.
Navigate to the **Containers** tab in Docker Desktop.
```typescript
ddClient.desktopUI.navigate.viewContainers()
@ -32,7 +32,7 @@ ___
**viewContainer**(`id`): `Promise`<`void`\>
Navigate to the container window in Docker Desktop.
Navigate to the **Container** tab in Docker Desktop.
```typescript
await ddClient.desktopUI.navigate.viewContainer(id)
@ -56,7 +56,7 @@ ___
**viewContainerLogs**(`id`): `Promise`<`void`\>
Navigate to the container logs window in Docker Desktop.
Navigate to the **Container logs** tab in Docker Desktop.
```typescript
await ddClient.desktopUI.navigate.viewContainerLogs(id)
@ -80,7 +80,7 @@ ___
**viewContainerInspect**(`id`): `Promise`<`void`\>
Navigate to the container inspect window in Docker Desktop.
Navigate to the **Inspect container** view in Docker Desktop.
```typescript
await ddClient.desktopUI.navigate.viewContainerInspect(id)
@ -158,7 +158,7 @@ ___
**viewImages**(): `Promise`<`void`\>
Navigate to the images window in Docker Desktop.
Navigate to the **Images** tab in Docker Desktop.
```typescript
await ddClient.desktopUI.navigate.viewImages()
@ -220,7 +220,7 @@ ___
**viewVolumes**(): `Promise`<`void`\>
Navigate to the volumes window in Docker Desktop.
Navigate to the **Volumes** tab in Docker Desktop.
```typescript
ddClient.desktopUI.navigate.viewVolumes()

View File

@ -32,4 +32,4 @@ ___
`Optional` `Readonly` **bookmarks**: `string`[]
macOS only- An array matching the filePaths array of base64 encoded strings which contains security scoped bookmark data. securityScopedBookmarks must be enabled for this to be populated
macOS only. An array matching the `filePaths` array of `base64` encoded strings which contains security scoped bookmark data. `securityScopedBookmarks` must be enabled for this to be populated.

View File

@ -1,5 +1,5 @@
---
description: Frequently asked questions for all platforms
description: Frequently asked Docker Desktop questions for all platforms
keywords: desktop, mac, windows, faqs
title: General FAQs for Desktop
aliases:
@ -43,30 +43,27 @@ No, there is no constraint on how each extension should be licensed, this is up
Yes, you can use Docker Desktop offline. However, you
cannot access features that require an active internet
connection. Additionally, any functionality that requires you to sign won't work while using Docker Desktop offline or in air-gapped environments.
connection. Additionally, any functionality that requires you to sign in won't work while using Docker Desktop offline or in air-gapped environments.
This includes:
- The resources in the [Learning Center](../use-desktop/index.md)
- Pulling or pushing an image to Docker Hub
- [Image Access Management](../../security/for-developers/access-tokens.md)
- [Vulnerability scanning](../../docker-hub/vulnerability-scanning.md)
- [Static vulnerability scanning](../../docker-hub/vulnerability-scanning.md)
- Viewing remote images in the Docker Dashboard
- Setting up [Dev Environments](../dev-environments/index.md)
- Docker build when using [BuildKit](../../build/buildkit/index.md#getting-started).
- Docker Build when using [BuildKit](../../build/buildkit/index.md#getting-started).
You can work around this by disabling BuildKit. Run `DOCKER_BUILDKIT=0 docker build .` to disable BuildKit.
- Deploying an app to the cloud through the Docker Compose
[ACI and ECS](https://github.com/docker/compose-cli/tree/main/docs) integrations
- [Kubernetes](../kubernetes.md) (Images are download when you enable Kubernetes for the first time)
- Check for updates
- Checking for updates
- [In-app diagnostics](../troubleshoot/overview.md#diagnose-from-the-app) (including the [Self-diagnose tool](../troubleshoot/overview.md#diagnose-from-the-app))
- Tip of the week
- Sending usage statistics
### Where can I find information about diagnosing and troubleshooting Docker Desktop issues?
You can find information about diagnosing and troubleshooting common issues in the [Troubleshooting topic](../troubleshoot/overview.md).
If you do not find a solution in troubleshooting, browse the Github repositories or create a new issue:
If you do not find a solution in troubleshooting, browse the GitHub repositories or create a new issue:
- [docker/for-mac](https://github.com/docker/for-mac/issues)
- [docker/for-win](https://github.com/docker/for-win/issues)
@ -103,7 +100,7 @@ For more information and examples, see [how to connect from a container to a ser
### Can I pass through a USB device to a container?
Unfortunately, it is not possible to pass through a USB device (or a
It is not possible to pass through a USB device (or a
serial port) to a container as it requires support at the hypervisor level.
### Can I run Docker Desktop in nested virtualization scenarios?
@ -118,8 +115,9 @@ or have some visual artifacts.
To work around this issue, disable hardware acceleration by creating a `"disableHardwareAcceleration": true` entry in Docker Desktop's `settings.json` file. You can find this file at:
- **Mac**: `~/Library/Group Containers/group.com.docker/settings.json`
- **Windows**: `C:\Users\[USERNAME]\AppData\Roaming\Docker\settings.json`
- Mac: `~/Library/Group Containers/group.com.docker/settings.json`
- Windows: `C:\Users\[USERNAME]\AppData\Roaming\Docker\settings.json`
- Linux: `~/.docker/desktop/settings.json.`
After updating the `settings.json` file, close and restart Docker Desktop to apply the changes.

View File

@ -1,7 +1,7 @@
---
description: Frequently asked questions
description: Frequently asked questions for Docker Desktop for Linux
keywords: desktop, linux, faqs
title: FAQs for Linux
title: FAQs for Docker Desktop for Linux
aliases:
- /desktop/linux/space/
---
@ -92,32 +92,32 @@ Refer to the [Docker Context documentation](../../engine/context/working-with-co
Docker Desktop for Linux runs a Virtual Machine (VM) for the following reasons:
1. **To ensure that Docker Desktop provides a consistent experience across platforms**.
1. To ensure that Docker Desktop provides a consistent experience across platforms.
During research, the most frequently cited reason for users wanting Docker Desktop for Linux (DD4L) was to ensure a consistent Docker Desktop
During research, the most frequently cited reason for users wanting Docker Desktop for Linux was to ensure a consistent Docker Desktop
experience with feature parity across all major operating systems. Utilizing
a VM ensures that the Docker Desktop experience for Linux users will closely
match that of Windows and macOS.
2. **To make use of new kernel features**
2. To make use of new kernel features.
Sometimes we want to make use of new operating system features. Because we control the kernel and the OS inside the VM, we can roll these out to all users immediately, even to users who are intentionally sticking on an LTS version of their machine OS.
3. **To enhance security**
3. To enhance security.
Container image vulnerabilities pose a security risk for the host environment. There is a large number of unofficial images that are not guaranteed to be verified for known vulnerabilities. Malicious users can push images to public registries and use different methods to trick users into pulling and running them. The VM approach mitigates this threat as any malware that gains root privileges is restricted to the VM environment without access to the host.
Why not run rootless Docker? Although this has the benefit of superficially limiting access to the root user so everything looks safer in "top", it allows unprivileged users to gain `CAP_SYS_ADMIN` in their own user namespace and access kernel APIs which are not expecting to be used by unprivileged users, resulting in [vulnerabilities](https://www.openwall.com/lists/oss-security/2022/01/18/7).
4. **To provide the benefits of feature parity and enhanced security, with minimal impact on performance**
4. To provide the benefits of feature parity and enhanced security, with minimal impact on performance.
The VM utilized by DD4L uses [`virtiofs`](https://virtio-fs.gitlab.io), a shared file system that allows virtual machines to access a directory tree located on the host. Our internal benchmarking shows that with the right resource allocation to the VM, near native file system performance can be achieved with virtiofs.
The VM utilized by Docker Desktop for Linux uses [`VirtioFS`](https://virtio-fs.gitlab.io), a shared file system that allows virtual machines to access a directory tree located on the host. Our internal benchmarking shows that with the right resource allocation to the VM, near native file system performance can be achieved with VirtioFS.
As such, we have adjusted the default memory available to the VM in DD4L. You can tweak this setting to your specific needs by using the **Memory** slider within the **Settings** > **Resources** tab of Docker Desktop.
As such, we have adjusted the default memory available to the VM in Docker Desktop for Linux. You can tweak this setting to your specific needs by using the **Memory** slider within the **Settings** > **Resources** tab of Docker Desktop.
### How do I enable file sharing?
Docker Desktop for Linux uses [virtiofs](https://virtio-fs.gitlab.io/) as the
Docker Desktop for Linux uses [VirtioFS](https://virtio-fs.gitlab.io/) as the
default (and currently only) mechanism to enable file sharing between the host
and Docker Desktop VM. In order not to require elevated privileges, without
unnecessarily restricting operations on the shared files, Docker Desktop runs
@ -210,7 +210,7 @@ Alternatively, to list images, run:
$ docker image ls
```
and then, to list containers, run:
To list containers, run:
```console
$ docker container ls -a
@ -256,4 +256,4 @@ To reduce the maximum size of the disk image file:
3. Select **Apply & Restart**.
When you reduce the maximum size, the current disk image file is deleted, and therefore, all containers and images will be lost.
When you reduce the maximum size, the current disk image file is deleted, and therefore, all containers and images are lost.

View File

@ -1,7 +1,7 @@
---
description: Frequently asked questions
description: Frequently asked questions for Docker Desktop for Mac
keywords: desktop, mac, faqs
title: FAQs for Mac
title: FAQs for Docker Desktop for Mac
aliases:
- /desktop/mac/space/
- /docker-for-mac/space/
@ -26,7 +26,7 @@ HyperKit is thinner than VirtualBox and VMWare fusion, and the version included
The privileged helper process `com.docker.vmnetd` is started by `launchd` and
runs in the background. The process does not consume any resources unless
Docker.app connects to it, so it's safe to ignore.
`Docker.app` connects to it, so it's safe to ignore.
### Where does Docker Desktop store Linux containers and images?
Docker Desktop stores Linux containers and images in a single, large "disk image" file in the Mac filesystem. This is different from Docker on Linux, which usually stores containers and images in the `/var/lib/docker` directory.
@ -55,7 +55,10 @@ To move the disk image file to a different location:
3. Select **Apply & Restart** for the changes to take effect.
Do not move the file directly in Finder as this can cause Docker Desktop to lose track of the file.
>**Important**
>
> Do not move the file directly in Finder as this can cause Docker Desktop to lose track of the file.
{ .important }
##### How do I delete unnecessary containers and images?
@ -71,7 +74,7 @@ Alternatively, to list images, run:
$ docker image ls
```
and then, to list containers, run:
To list containers, run:
```console
$ docker container ls -a
@ -85,10 +88,10 @@ $ docker system prune
This command removes all stopped containers, unused networks, dangling images, and build cache.
It might take a few minutes to reclaim space on the host depending on the format of the disk image file:
It might take a few minutes to reclaim space on the host depending on the format of the disk image file. If the file is name:
- If the file is named `Docker.raw`: space on the host should be reclaimed within a few seconds.
- If the file is named `Docker.qcow2`: space will be freed by a background process after a few minutes.
- `Docker.raw`, space on the host is reclaimed within a few seconds.
- `Docker.qcow2`, space is freed by a background process after a few minutes.
Space is only freed when images are deleted. Space is not freed automatically when files are deleted inside running containers. To trigger a space reclamation at any point, run the command:
@ -117,7 +120,7 @@ To reduce the maximum size of the disk image file:
3. Select **Apply & Restart**.
When you reduce the maximum size, the current disk image file is deleted, and therefore, all containers and images will be lost.
When you reduce the maximum size, the current disk image file is deleted, and therefore, all containers and images are lost.
### How do I add TLS certificates?
@ -221,7 +224,7 @@ in the Docker Engine topics.
### How do I install shell completion?
Docker Desktop comes with scripts to enable completion for the `docker` and `docker-compose` commands. The completion scripts may be
Docker Desktop comes with scripts to enable completion for the `docker` and `docker compose` commands. The completion scripts may be
found inside `Docker.app`, in the `Contents/Resources/etc/` directory and can be
installed both in Bash and Zsh.

View File

@ -1,5 +1,5 @@
---
description: Frequently asked questions for all platforms
description: Frequently asked Docker Desktop questions for all platforms
keywords: desktop, mac, windows, faqs
title: FAQs on Docker Desktop releases
---
@ -14,7 +14,7 @@ Each Docker Desktop release is also delivered as a full installer for new users.
### How frequent will new releases be?
New releases are available roughly monthly, unless there are critical fixes that need to be released sooner.
New releases are available roughly every month, unless there are critical fixes that need to be released sooner.
### How do I ensure that all users on my team are using the same version?

View File

@ -1,7 +1,7 @@
---
description: Frequently asked questions
description: Frequently asked questions for Docker Desktop for Windows
keywords: desktop, windows, faqs
title: FAQs for Windows
title: FAQs for Docker Desktop for Windows
---
### Can I use VirtualBox alongside Docker Desktop?
@ -58,7 +58,7 @@ See the [Stack Overflow post](https://stackoverflow.com/questions/67746843/clear
### How do I add custom CA certificates?
You can add trusted **Certificate Authorities (CAs)** to your Docker daemon to verify registry server certificates, and **client certificates**, to authenticate to registries.
You can add trusted Certificate Authorities (CAs) to your Docker daemon to verify registry server certificates, and client certificates, to authenticate to registries.
Docker Desktop supports all trusted Certificate Authorities (CAs) (root or
intermediate). Docker recognizes certs stored under Trust Root
@ -84,7 +84,7 @@ directory on Moby (the Docker Desktop virtual machine running on Hyper-V).
You need to restart Docker Desktop after making any changes to the keychain
or to the `~/.docker/certs.d` directory in order for the changes to take effect.
The registry cannot be listed as an _insecure registry_ (see
The registry cannot be listed as an insecure registry (see
[Docker Daemon](../settings/windows.md#docker-engine)). Docker Desktop ignores
certificates listed under insecure registries, and does not send client
certificates. Commands like `docker run` that attempt to pull from the registry
@ -116,9 +116,9 @@ For more information on Windows containers, refer to the following documentation
- To understand how to connect to Windows containers from the local host, see
[I want to connect to a container from Windows](../networking.md#i-want-to-connect-to-a-container-from-the-host)
> Settings dialog changes with Windows containers
> **Note**
>
> When you switch to Windows containers, the Settings dialog only shows those tabs that are active and apply to your Windows containers:
> When you switch to Windows containers, **Settings** only shows those tabs that are active and apply to your Windows containers. These are:
>
> * [General](../settings/windows.md#general)
> * [Proxies](../settings/windows.md#proxies)

View File

@ -1,6 +1,6 @@
---
title: Product release lifecycle
description: describes to users the various stages of feature lifecycle from beta
title: Docker's product release lifecycle
description: Describes the various stages of feature lifecycle from beta
to GA.
keywords: beta, GA, Early Access,
---
@ -26,7 +26,7 @@ Experimental offerings are features that Docker is currently experimenting with.
**Customer availability:** Availability of experimental features is limited. A portion of users may have access to none, one or many experimental features.
**Support:** Support for Experimental features is best effort via Community support channels and forums.
**Support:** Support for experimental features is best effort via Community support channels and forums.
**Limitations:** Experimental features may have potentially significant limitations such as functional limitations, performance limitations, and API limitations. Features and programmatic interfaces may change at any time without notice.
@ -38,7 +38,7 @@ Beta offerings are initial releases of potential future products or features. Cu
**Customer availability:** Participation in beta releases is by invitation or via use of clearly identified beta features in product. Beta invitations may be public or private.
**Support:** Support for Beta features is best effort via Community support channels and forums.
**Support:** Support for beta features is best effort via Community support channels and forums.
**Limitations:** Beta releases may have potentially significant limitations such as functional limitations, performance limitations, and API limitations. Features and programmatic interfaces may change at any time without notice.
@ -60,11 +60,11 @@ Early Access offerings are products or features that may have potential feature
General Availability offerings are fully functional products or features that are openly accessible to all Docker customers.
**Customer availability:** All Docker users have access to General Availability offerings according to their subscription levels.
**Customer availability:** All Docker users have access to GA offerings according to their subscription levels.
**Limitations:** General Availability features and products will have few or no limitations for supported use cases.
**Support:** All General Availability offerings are fully supported, as described in our [support page](https://www.docker.com/support/).
**Support:** All GA offerings are fully supported, as described in our [support page](https://www.docker.com/support/).
**Retirement:** General Availability offerings follow the [retirement process](#retirement-process) outlined below.

View File

@ -1,7 +1,7 @@
---
description: Release notes for Docker
keywords: docker, documentation, about, technology, understanding, release
title: Docker release notes
keywords: docker, documentation, about, technology, understanding, release, scout, desktop, hub, compose, build, engine
title: Release notes for Docker
grid:
- title: Docker Desktop
icon: web_asset

View File

@ -1,5 +1,5 @@
---
description: Enabling two-factor authentication on Docker Hub
description: Learn how to enable two-factor authentication on Docker Hub
keywords: Docker, docker, registry, security, Docker Hub, authentication, two-factor
authentication
title: Enable two-factor authentication for Docker Hub
@ -25,7 +25,7 @@ Authenticator with a registered YubiKey.
## Enable two-factor authentication
1. Sign to your Docker Hub account.
1. Sign in to your Docker Hub account.
2. Select your avatar and then from the drop-down menu, select **My Account**.
3. Select the **Security** tab and then select **Enable Two-Factor Authentication**.
The next page reminds you to download an authenticator app.
@ -36,7 +36,7 @@ Authenticator with a registered YubiKey.
6. Select **Next** and then open your authenticator app.
You can choose between scanning the QR code or entering a text code into your authenticator app.
7. Once you have linked your authenticator app, enter the six-digit code to in text field and then select **Next**.
7. Once you have linked your authenticator app, enter the six-digit code in text field and then select **Next**.
Two-factor authentication is now enabled. The next time you sign
in to your Docker Hub account, you will be asked for a security code.
in to your Docker Hub account, you are asked for a security code.

View File

@ -13,7 +13,6 @@ aliases:
> Docker Hub account.
{ .warning }
## Disable two-factor authentication
1. Sign in to your Docker Hub account.
2. Select your avatar and then from the dropdown menu, select **My Account**.
3. Navigate to the **Security** tab and select **Disable 2FA**.

View File

@ -10,8 +10,6 @@ aliases:
If you have lost your two-factor authentication recovery code and still have
access to your Docker Hub account, you can generate a new recovery code.
## Generate a new recovery code
1. Sign in to your Docker Hub account.
2. Select your avatar and then from the drop-down menu, select **My Account**.
3. Navigate to the **Security** tab and select **Click here to generate a new code**.

View File

@ -12,4 +12,4 @@ If you have lost access to both your two-factor authentication application and y
1. Navigate to [Docker Hub](https://hub.docker.com) and enter your username and password.
2. Select **I've lost my authentication device** and **I've lost my recovery code**.
3. Complete the [Contact Support form](https://hub.docker.com/support/contact/?category=2fa-lockout).
You must enter the primary email address associated with your Docker ID in the Contact Support form for recovery instructions.
You must enter the primary email address associated with your Docker ID in the **Contact Support** form for recovery instructions.

View File

@ -7,20 +7,15 @@ aliases:
- /docker-hub/access-tokens/
---
You can create personal access tokens (PAT) to use as alternatives to your password for Docker CLI authentication.
You can create a personal access token (PAT) to use as an alternative to your password for Docker CLI authentication.
Compared to passwords, personal access tokens provide the following advantages:
Compared to passwords, PATs provide the following advantages:
- You can investigate when the PAT was last used and then disable or delete it if you find any suspicious activity.
- When using an access token, you can't perform any admin activity on the account, including changing the password. It protects your account if your computer is compromised.
Access tokens are also valuable for building integrations, as you can issue multiple tokens, one for each integration, and revoke them at
any time.
> **Note**
>
> If you have [two-factor authentication (2FA)](2fa/index.md) enabled on
> your account, you must create at least one personal access token. Otherwise,
> you won't be able to sign in to your account from the Docker CLI.
## Create an access token
@ -48,9 +43,9 @@ any time.
## Use an access token
You can use an access token in place of your password when you log in using Docker CLI.
You can use an access token in place of your password when you sign in using Docker CLI.
Log in from your Docker CLI client with the following command, replacing `YOUR_USERNAME` with your Docker ID:
Sign in from your Docker CLI client with the following command, replacing `YOUR_USERNAME` with your Docker ID:
```console
$ docker login --username <YOUR_USERNAME>

View File

@ -5,19 +5,19 @@ arm64: |
ARM64 is the 64-bit extension of the ARM CPU architecture. arm64 architecture
is used in Apple silicon machines.
base image: |
A **base image** has no parent image specified in its Dockerfile. It is created using a Dockerfile with the `FROM scratch` directive.
A base image has no parent image specified in its Dockerfile. It is created using a Dockerfile with the `FROM scratch` directive.
btrfs: |
btrfs (B-tree file system) is a Linux [filesystem](#filesystem) that Docker
supports as a storage backend. It is a [copy-on-write](https://en.wikipedia.org/wiki/Copy-on-write) filesystem.
build: |
build is the process of building Docker images using a [Dockerfile](#dockerfile).
Build is the process of building Docker images using a [Dockerfile](#dockerfile).
The build uses a Dockerfile and a "context". The context is the set of files in the directory in which the image is built.
cgroups: |
cgroups is a Linux kernel feature that limits, accounts for, and isolates
the resource usage (CPU, memory, disk I/O, network, etc.) of a collection
of processes. Docker relies on cgroups to control and isolate resource limits.
*Also known as : control groups*
*Also known as control groups*
cluster: |
A cluster is a group of machines that work together to run workloads and provide high availability.
Compose: |
@ -27,7 +27,7 @@ Compose: |
application up in a single command which does everything that needs to
be done to get it running.
*Also known as : docker-compose
*Also known as Docker Compose*
copy-on-write: |
Docker uses a
[copy-on-write](/storage/storagedriver/#the-copy-on-write-cow-strategy)
@ -88,7 +88,7 @@ Docker Desktop for Windows: |
Docker Desktop for Linux: |
Docker Desktop for Linux is an an easy-to-install, lightweight Docker development environment designed specifically for Linux machines. It's the best solution if you want to build, debug, test, package, and ship Dockerized applications on a Linux machine.
Docker Hub: |
The [Docker Hub](https://hub.docker.com/) is a centralized resource for working with Docker and its components. It provides the following services:
[Docker Hub](https://hub.docker.com/) is a centralized resource for working with Docker and its components. It provides the following services:
- A registry to host Docker images
- User authentication
@ -183,9 +183,9 @@ node: |
A [node](/engine/swarm/how-swarm-mode-works/nodes/) is a physical or virtual
machine running an instance of the Docker Engine in [swarm mode](#swarm-mode).
**Manager nodes** perform swarm management and orchestration duties. By default manager nodes are also worker nodes.
Manager nodes perform swarm management and orchestration duties. By default manager nodes are also worker nodes.
**Worker nodes** execute tasks.
Worker nodes execute tasks.
organization: |
An organization is a collection of teams and repositories that can be managed together. Docker users become members of an organization when they are assigned to at least one team in the organization.
organization name: |
@ -198,10 +198,10 @@ overlay storage driver: |
[union mount](https://en.wikipedia.org/wiki/Union_mount) for other file systems.
It is supported by the Docker daemon as a storage driver.
parent image: |
An image's **parent image** is the image designated in the `FROM` directive
An image's parent image is the image designated in the `FROM` directive
in the image's Dockerfile. All subsequent commands are based on this parent
image. A Dockerfile with the `FROM scratch` directive uses no parent image, and creates
a **base image**.
a base image.
persistent storage: |
Persistent storage or volume storage provides a way for a user to add a
persistent layer to the running container's file system. This persistent layer
@ -265,7 +265,7 @@ virtual machine: |
Compared to containers, a virtual machine is heavier to run, provides more isolation, gets its own set of resources and does minimal sharing.
*Also known as : VM*
*Also known as VM*
volume: |
A volume is a specially-designated directory within one or more containers
that bypasses the Union File System. Volumes are designed to persist data,