docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #16266 from dvdksn/runtime-wasm-c8d-editorial 

runtime: editorial improvements for c8d and wasm
This commit is contained in:
David Karlsson 2022-12-02 16:14:56 +01:00 committed by GitHub
parent 9f1f5c3c78 c0f5c4dfc7
commit ddafb1aefc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 191 additions and 107 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
.github/vale/Vocab/Industry/accept.txt vendored
View File

@ -1,8 +1,9 @@
ARM
AWS
Amazon
Apple
Azure( Blob Storage)?
Artifactory
Azure( Blob Storage)?
BusyBox
CentOS
Ceph
@ -22,10 +23,10 @@ Intel
JFrog
JetBrains
Kubernetes
LTS
Lightstreamer
Linux
Logstash
LTS
Mac
Mail(chimp|gun)
Microsoft
@ -39,11 +40,11 @@ Postgres
PowerShell
Python
QEMU
Raspbian
RHEL
Raspbian
S3
SQLite
SLES
SQLite
Slack
Snyk
Solr
@ -53,6 +54,7 @@ TLS
Twilio
Ubuntu
WSL
Wasm
Windows
XWiki
Zsh

74
desktop/containerd/index.md
View File

@ -1,27 +1,34 @@
---
title: Containerd Image Store (Beta)
description: How to activate the containerd integration feature in Docker Desktop
title: containerd image store (Beta)
description:
How to activate the containerd integration feature in Docker Desktop
keywords: Docker, containerd, engine, image store, lazy-pull
toc_max: 3
---
This page provides information about the ongoing integration of `containerd` for image and file system management in the Docker Engine.
This page provides information about the ongoing integration of `containerd` for
image and file system management in the Docker Engine.
> **Beta**
>
> The Containerd Image Store feature is currently in [Beta](../../release-lifecycle.md/#beta). We recommend that you do not use this feature in production environments as this feature may change or be removed from future releases.
> The containerd image store feature is currently in
> [Beta](../../release-lifecycle.md/#beta). We recommend that you do not use
> this feature in production environments as this feature may change or be
> removed from future releases.
## Enabling the containerd image store feature
## Enabling the Containerd image store feature
The containerd image store beta feature is off by default.
The Containerd Image Store beta feature is switched off by default.
To start using the feature:
To enable this feature:
1. Navigate to **Settings**, or **Preferences** if youre a Mac user.
2. Select the **Experimental** features tab.
3. Next to **Use containerd for pulling and storing images**, select the checkbox.
3. Next to **Use containerd for pulling and storing images**, select the
checkbox.
To disable this feature, clear the **Use containerd for pulling and storing images** checkbox.
To turn off this feature, clear the **Use containerd for pulling and storing
images** checkbox.
![containerd feature](../images/containerd_feature_activation.png){:width="750px"}
@ -128,7 +135,7 @@ fd61d71c75fe: Download complete
```
Confirm the NGINX container is running:
Confirm the Nginx container is running:
```console
$ docker ps
@ -136,7 +143,7 @@ CONTAINER ID IMAGE COMMAND CREATED STATUS
93b4d60dfd08 nginx "/docker-entrypoint.…" 3 seconds ago Up 3 seconds 0.0.0.0:8080->80/tcp stoic_mccarthy
```
You can also check from the browser that NGINX is running:
You can also check from the browser that Nginx is running:
![containerd_feature_nginx](../images/containerd_feature_nginx.png){:width="750px"}
@ -178,12 +185,14 @@ FINISHED
=> => unpacking to docker.io/<username>/hello-friends:latest
```
Run multi-platform image:
```console
$ docker run <username>/hello-friends
```
Push a multi-platform image:
```console
@ -207,21 +216,42 @@ View Tags on DockerHub to see multi-platform result:
### Docker Desktop 4.13.0 release
* Listing images with `docker images` returns the error `content digest not found` on ARM machines after running or pulling an image with the `--platform` parameter.
- Listing images with `docker images` returns the error
`content digest not found` on ARM machines after running or pulling an image
with the `--platform` parameter.
### Docker Desktop 4.12.0 release
* The Containerd Image Store feature requires Buildx version 0.9.0 or newer.
+ On Docker Desktop for Linux (DD4L), validate if your locally installed version meets this requirement.
>**Note**
- The containerd image store feature requires Buildx version 0.9.0 or newer.
- On Docker Desktop for Linux (DD4L), validate if your locally installed
version meets this requirement.
> **Note**
>
> If an older version is installed, the Docker daemon reports the following error **Multiple platforms feature is currently not supported for docker driver. Please switch to a different driver**.
Install a newer version of Buildx following the instructions on [Docker Buildx Manual download](../../build/buildx/install/#manual-download).
* Containerd Image Store feature and Kubernetes cluster support in Docker Desktop 4.12.0 are incompatible at the moment. Turn off the Containerd Image Store feature if you are using the Kubernetes from Docker Desktop.
* Local registry mirror configuration isn't implemented yet with the Containerd Image Store. The `registry-mirrors` and `insecure-registries` aren't taken into account by the Docker daemon.
* The `reference` filter isn't implemented yet and will return the error `invalid filter 'reference'` when listing images.
* Pulling an image may fail with the error `pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed`, in the situation where the image does not contain a manifest list. To workaround this issue run the `docker login` command and pull the image again.
> If you're using an older version, the Docker daemon reports the following
> error:
> `Multiple platforms feature is currently not supported for docker driver. Please switch to a different driver`.
>
> Install a newer version of Buildx following the instructions on
> [Docker Buildx Manual download](../../build/buildx/install/#manual-download).
- In Docker Desktop 4.12.0, the containerd image store feature is incompatible
with the Kubernetes cluster support. Turn off the containerd image store
feature if you are using the Kubernetes from Docker Desktop.
- Local registry mirror configuration isn't implemented yet with the containerd
image store. The `registry-mirrors` and `insecure-registries` aren't taken
into account by the Docker daemon.
- The `reference` filter isn't implemented yet and will return the error
`invalid filter 'reference'` when listing images.
- Pulling an image may fail with the error
`pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed`,
in the situation where the image does not contain a manifest list. To
workaround this issue run the `docker login` command and pull the image again.
## Feedback
Thanks for trying the new features available with `containerd`. Give feedback or report any bugs you may find through the issues tracker on the [feedback form](https://dockr.ly/3PODIhD){: target="_blank" rel="noopener" class="_"}.
Thanks for trying the new features available with `containerd`. Give feedback or
report any bugs you may find through the issues tracker on the
[feedback form](https://dockr.ly/3PODIhD){: target="_blank" rel="noopener"
class="_"}.

214
desktop/wasm/index.md
View File

@ -5,28 +5,40 @@ keywords: Docker, WebAssembly, wasm, containerd, engine
toc_max: 3
---
Wasm (short for WebAssembly) is a faster, lighter alternative to the Linux & Windows containers youre using in Docker today (with [some tradeoffs](https://www.docker.com/blog/docker-wasm-technical-preview/){:target="_blank" rel="noopener" class="_"}).
Wasm (short for WebAssembly) is a fast, light alternative to the Linux and
Windows containers youre using in Docker today (with
[some tradeoffs](https://www.docker.com/blog/docker-wasm-technical-preview/){:target="_blank"
rel="noopener" class="_"}).
This page provides information about the new ability to run Wasm applications alongside your Linux containers in Docker.
This page provides information about the new ability to run Wasm applications
alongside your Linux containers in Docker.
> **Beta**
>
> The Docker+Wasm feature is currently in [Beta](../../release-lifecycle.md/#beta). We recommend that you do not use this feature in production environments as this feature may change or be removed from future releases.
> The Docker+Wasm feature is currently in
> [Beta](../../release-lifecycle.md/#beta). We recommend that you do not use
> this feature in production environments as this feature may change or be
> removed from future releases.
## Turn on the Docker+Wasm integration
## Enable the Docker+Wasm integration
To use the Docker+Wasm integration, developers must turn on the
[containerd image store](../containerd/index.md) feature.
To use the Docker+Wasm integration, developers must enable the [Containerd Image Store](../containerd/index.md) feature.
>**Important**
> **Important**
>
> The Docker+Wasm integration requires the [Containerd Image Store](../containerd/index.md) feature. If youre not currently using the Containerd Image Store, then pre-existing images and containers will be inaccessible.
> The Docker+Wasm integration requires the
> [containerd image store](../containerd/index.md) feature. If youre not
> already using the containerd image store, then pre-existing images and
> containers will be inaccessible.
{: .important}
## Usage examples
### Running a Wasm application with `docker run`
The following `docker run` command starts a Wasm container on your system:
```console
$ docker run -dp 8080:8080 \
--name=wasm-example \
@ -35,10 +47,18 @@ $ docker run -dp 8080:8080 \
michaelirwin244/wasm-example
```
Note the two additional flags to the run command:
> Got an error message? Head to the [troubleshooting section](#troubleshooting)
> for help.
- `--runtime=io.containerd.wasmedge.v1`. This informs the Docker engine that you want to use the Wasm containerd shim instead of the standard Linux container runtime
- `--platform=wasi/wasm32`. This specifies the architecture of the image you want to use. By leveraging a Wasm architecture, you dont need to build separate images for the different machine architectures. The Wasm runtime does the final step of converting the Wasm binary to machine instructions.
Note the `--runtime` and `--platform` flags used in this command:
- `--runtime=io.containerd.wasmedge.v1`: informs the Docker engine that you want
to use the Wasm containerd shim instead of the standard Linux container
runtime
- `--platform=wasi/wasm32`: specifies the architecture of the image you want to
use. By leveraging a Wasm architecture, you dont need to build separate
images for the different machine architectures. The Wasm runtime takes care of
the final step of converting the Wasm binary to machine instructions.
### Running a Wasm application with Docker Compose
@ -62,103 +82,135 @@ $ docker compose up
### Running a multi-service application with Wasm
Networking works the same as you expect with Linux containers, giving you the flexibility to combine Wasm applications with other containerized workloads, such as a database, in a single application stack.
Networking works the same as you expect with Linux containers, giving you the
flexibility to combine Wasm applications with other containerized workloads,
such as a database, in a single application stack.
In the following example, the Wasm application leverages a MariaDB database running in a container.
In the following example, the Wasm application leverages a MariaDB database
running in a container.
1. Clone the repository.
```console
$ git clone https://github.com/second-state/microservice-rust-mysql.git
Cloning into 'microservice-rust-mysql'...
remote: Enumerating objects: 75, done.
remote: Counting objects: 100% (75/75), done.
remote: Compressing objects: 100% (42/42), done.
remote: Total 75 (delta 29), reused 48 (delta 14), pack-reused 0
Receiving objects: 100% (75/75), 19.09 KiB | 1.74 MiB/s, done.
Resolving deltas: 100% (29/29), done.
```
```console
$ git clone https://github.com/second-state/microservice-rust-mysql.git
Cloning into 'microservice-rust-mysql'...
remote: Enumerating objects: 75, done.
remote: Counting objects: 100% (75/75), done.
remote: Compressing objects: 100% (42/42), done.
remote: Total 75 (delta 29), reused 48 (delta 14), pack-reused 0
Receiving objects: 100% (75/75), 19.09 KiB | 1.74 MiB/s, done.
Resolving deltas: 100% (29/29), done.
```
2. Navigate into the cloned project and start the project using Docker Compose.
```console
$ cd microservice-rust-mysql
$ docker compose up
[+] Running 0/1
⠿ server Warning 0.4s
[+] Building 4.8s (13/15)
...
microservice-rust-mysql-db-1 | 2022-10-19 19:54:45 0 [Note] mariadbd: ready for connections.
microservice-rust-mysql-db-1 | Version: '10.9.3-MariaDB-1:10.9.3+maria~ubu2204' socket: '/run/mysqld/mysqld.sock' port: 3306 mariadb.org binary distribution
```
```console
$ cd microservice-rust-mysql
$ docker compose up
[+] Running 0/1
⠿ server Warning 0.4s
[+] Building 4.8s (13/15)
...
microservice-rust-mysql-db-1 | 2022-10-19 19:54:45 0 [Note] mariadbd: ready for connections.
microservice-rust-mysql-db-1 | Version: '10.9.3-MariaDB-1:10.9.3+maria~ubu2204' socket: '/run/mysqld/mysqld.sock' port: 3306 mariadb.org binary distribution
```
In another terminal, we can see the Wasm image that was created.
If you run `docker image ls` from another terminal window, you can see the
Wasm image in your image store.
```console
$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
server latest 2c798ddecfa1 2 minutes ago 3MB
```
```console
$ docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
server latest 2c798ddecfa1 2 minutes ago 3MB
```
Inspecting the image shows the image has a `wasi/wasm32` platform. A combination of Os and Architecture.
Inspecting the image shows the image has a `wasi/wasm32` platform, a
combination of OS and architecture:
```console
$ docker image inspect server | grep -A 3 "Architecture"
"Architecture": "wasm32",
"Os": "wasi",
"Size": 3001146,
"VirtualSize": 3001146,
```
```console
$ docker image inspect server | grep -A 3 "Architecture"
"Architecture": "wasm32",
"Os": "wasi",
"Size": 3001146,
"VirtualSize": 3001146,
```
3. Open the website at http://localhost:8090 and create a few sample orders. All of these are interacting with the Wasm server.
4. When you're all done, tear everything down by hitting `Ctrl+C` in the terminal you launched the application.
3. Open the URL `http://localhost:8090` in a browser and create a few sample
orders. All of these are interacting with the Wasm server.
4. When you're all done, tear everything down by hitting `Ctrl+C` in the
terminal you launched the application.
### Building and pushing a Wasm module
1. Create a Dockerfile that builds your Wasm application. This varies depending on the language you are using.
1. Create a Dockerfile that builds your Wasm application.
2. In a separate stage in your `Dockerfile`, extract the module and set it as the `ENTRYPOINT`.
Exactly how to do this varies depending on the programming language you use.
```dockerfile
FROM scratch
COPY --from=build /build/hello_world.wasm /hello_world.wasm
ENTRYPOINT [ "hello_world.wasm" ]
```
2. In a separate stage in your `Dockerfile`, extract the module and set it as
the `ENTRYPOINT`.
3. Build and push the image specifying the `wasi/wasm32` architecture. Buildx makes this easy to do in a single command.
```dockerfile
FROM scratch
COPY --from=build /build/hello_world.wasm /hello_world.wasm
ENTRYPOINT [ "hello_world.wasm" ]
```
```console
$ docker buildx build --platform wasi/wasm32 -t username/hello-world .
...
=> exporting to image 0.0s
=> => exporting layers 0.0s
=> => exporting manifest sha256:2ca02b5be86607511da8dc688234a5a00ab4d58294ab9f6beaba48ab3ba8de56 0.0s
=> => exporting config sha256:a45b465c3b6760a1a9fd2eda9112bc7e3169c9722bf9e77cf8c20b37295f954b 0.0s
=> => naming to docker.io/username/hello-world:latest 0.0s
=> => unpacking to docker.io/username/hello-world:latest 0.0s
$ docker push username/hello-world
```
3. Build and push the image specifying the `wasi/wasm32` architecture. Buildx
makes this easy to do in a single command.
```console
$ docker buildx build --platform wasi/wasm32 -t username/hello-world .
...
=> exporting to image 0.0s
=> => exporting layers 0.0s
=> => exporting manifest sha256:2ca02b5be86607511da8dc688234a5a00ab4d58294ab9f6beaba48ab3ba8de56 0.0s
=> => exporting config sha256:a45b465c3b6760a1a9fd2eda9112bc7e3169c9722bf9e77cf8c20b37295f954b 0.0s
=> => naming to docker.io/username/hello-world:latest 0.0s
=> => unpacking to docker.io/username/hello-world:latest 0.0s
$ docker push username/hello-world
```
## Docker+Wasm Release Notes
## Troubleshooting
2022-12-01
Beta release included in Docker Desktop 4.15
This section contains instructions on how to resolve common issues.
2022-10-24
Initial release
### Unknown runtime specified
### New
- Initial implementation of Wasm integration
If you try to run a Wasm container before you have opted in to use the
containerd image store, an error similar to the following displays:
```
docker: Error response from daemon: Unknown runtime specified io.containerd.wasmedge.v1.
```
[Turn on the containerd feature](../containerd/index.md#enabling-the-containerd-image-store-feature)
in Docker Desktop settings and try again.
### Failed to start shim: failed to resolve runtime path
If you use an older version of Docker Desktop that doesn't support running Wasm
containers, you will see an error message similar to the following:
```
docker: Error response from daemon: failed to start shim: failed to resolve runtime path: runtime "io.containerd.wasmedge.v1" binary not installed "containerd-shim-wasmedge-v1": file does not exist: unknown.
```
Update your Docker Desktop to the latest version and try again.
## Known issues
### Known issues
- Docker Compose may not exit cleanly when interrupted
- Workaround: Clean up `docker-compose` processes by sending them a SIGKILL (`killall -9 docker-compose`).
- Pushes to Hub might give an error stating `server message: insufficient_scope: authorization failed`, even after logging in using Docker Desktop
- Workaround: Run `docker login` in the CLI
- Workaround: Clean up `docker-compose` processes by sending them a SIGKILL
(`killall -9 docker-compose`).
- Pushes to Hub might give an error stating
`server message: insufficient_scope: authorization failed`, even after logging
in using Docker Desktop
- Workaround: Run `docker login` in the CLI
## Feedback
Thanks for trying the new Docker+Wasm integration. Give feedback or report any bugs you may find through the issues tracker on the [public roadmap item](https://github.com/docker/roadmap/issues/426){: target="_blank" rel="noopener" class="_"}.
Thanks for trying the new Docker+Wasm integration. Give feedback or report any
bugs you may find through the issues tracker on the
[public roadmap item](https://github.com/docker/roadmap/issues/426){:
target="_blank" rel="noopener" class="_"}.