はてなブックマーク

Estimated reading time: 5 minutes Profiles allow adjusting the Compose application model for various usages and environments by selectively enabling services. This is achieved by assigning each service to zero or more profiles. If unassigned, the service is always started but if assigned, it is only started if the profile is activated. This allows one to define additional services in a single dock

In addition to Compose file format versions shown in the table, the Compose itself is on a release schedule, as shown in Compose releases, but file format versions do not necessarily increment with each release. For example, Compose file format 3.0 was first introduced in Compose release 1.10.0, and versioned gradually in subsequent releases. The latest Compose file format is defined by the Compos

Estimated reading time: 22 minutes Overview The Docker Compose CLI enables developers to use native Docker commands to run applications in Amazon Elastic Container Service (ECS) when building cloud-native applications. The integration between Docker and Amazon ECS allows developers to use the Docker Compose CLI to: Set up an AWS context in one Docker command, allowing you to switch from a local co

Estimated reading time: 3 minutes Docker Desktop for Mac on Apple silicon is now available as a GA release. This enables you to develop applications with your choice of local development environments, and extends development pipelines for ARM-based applications. Docker Desktop for Apple silicon also supports multi-platform images, which allows you to build and run images for both x86 and ARM archi

Did you know that you can now get 10 free scans per month? Sign in to Docker to start scanning your images for vulnerabilities. Sign in Looking to speed up your development cycles? Quickly detect and learn how to remediate CVEs in your images by running docker scan IMAGE_NAME. Check out How to scan images for details. Vulnerability scanning for Docker local images allows developers and development

Estimated reading time: 36 minutes About secrets In terms of Docker Swarm services, a secret is a blob of data, such as a password, SSH private key, SSL certificate, or another piece of data that should not be transmitted over a network or stored unencrypted in a Dockerfile or in your application’s source code. You can use Docker secrets to centrally manage this data and securely transmit it to on

Rootless mode allows running the Docker daemon and containers as a non-root user to mitigate potential vulnerabilities in the daemon and the container runtime. Rootless mode does not require root privileges even during the installation of the Docker daemon, as long as the prerequisites are met. Rootless mode was introduced in Docker Engine v19.03 as an experimental feature. Rootless mode graduated

Import the contents from a tarball to create a filesystem image Usage Refer to the options section for an overview of available OPTIONS for this command. Description You can specify a URL or - (dash) to take data directly from STDIN. The URL can point to an archive (.tar, .tar.gz, .tgz, .bzip, .tar.xz, or .txz) containing a filesystem or to an individual file on the Docker host. If you specify an

Windows Subsystem for Linux (WSL) 2 introduces a significant architectural change as it is a full Linux kernel built by Microsoft, allowing Linux distributions to run without having to manage Virtual Machines. With Docker Desktop running on WSL 2, users can leverage Linux workspaces and avoid having to maintain both Linux and Windows build scripts. In addition, WSL 2 provides improvements to file

Docker Build is one of Docker Engine’s most used features. Whenever you are creating an image you are using Docker Build. Build is a key part of your software development life cycle allowing you to package and bundle your code and ship it anywhere. The Docker Engine uses a client-server architecture and is composed of multiple components and tools. The most common method of executing a build is by

By default all files created inside a container are stored on a writable container layer. This means that: The data doesn’t persist when that container no longer exists, and it can be difficult to get the data out of the container if another process needs it. A container’s writable layer is tightly coupled to the host machine where the container is running. You can’t easily move the data somewhere

Bind mounts have been around since the early days of Docker. Bind mounts have limited functionality compared to volumes. When you use a bind mount, a file or directory on the host machine is mounted into a container. The file or directory is referenced by its absolute path on the host machine. By contrast, when you use a volume, a new directory is created within Docker’s storage directory on the h

By default, Docker captures the standard output (and standard error) of all your containers, and writes them in files using the JSON format. The JSON format annotates each line with its origin (stdout or stderr) and its timestamp. Each log file contains information about only one container. {"log":"Log line is here\n","stream":"stdout","time":"2019-01-01T11:11:11.111111111Z"} Warning The json-file

Note This page describes how to configure the Docker CLI to configure proxies via environment variables in containers. For information on configuring Docker Desktop to use HTTP/HTTPS proxies, see proxies on Mac, proxies on Windows, and proxies on Linux. If you are not running Docker Desktop, and have installed the Docker Engine in other ways, refer to the “HTTP/HTTPS proxy” section in configuring

This section includes the reference documentation for the Docker platform’s various APIs, CLIs, and file formats. File formats File format Description

Display a live stream of container(s) resource usage statistics Usage Refer to the options section for an overview of available OPTIONS for this command. Description The docker stats command returns a live data stream for running containers. To limit data to one or more specific containers, specify a list of container names or ids separated by a space. You can specify a stopped container but stopp

Docker Desktop includes a standalone Kubernetes server and client, as well as Docker CLI integration that runs on your machine. The Kubernetes server runs locally within your Docker instance, is not configurable, and is a single-node cluster. It runs within a Docker container on your local system, and is only for local testing. Enabling Kubernetes allows you to deploy your workloads in parallel, o

By default, when the Docker daemon terminates, it shuts down running containers. You can configure the daemon so that containers remain running if the daemon becomes unavailable. This functionality is called live restore. The live restore option helps reduce container downtime due to daemon crashes, planned outages, or upgrades. Note Live restore is not supported on Windows containers, but it does

Refer to the options section for an overview of available OPTIONS for this command. Description Creates a new volume that containers can consume and store data in. If a name is not specified, Docker generates a random name. For example uses of this command, refer to the examples section below. Options

Reference documentation and Swagger (OpenAPI) specification for the vv1.41 version of the API served by Docker Engine.

There are multiple parts of Compose that deal with environment variables in one sense or another. This page should help you find the information you need. Substitute environment variables in Compose files It’s possible to use environment variables in your shell to populate values inside a Compose file: If you have multiple environment variables, you can substitute them by adding them to a default

In addition to Compose file format versions shown in the table, the Compose itself is on a release schedule, as shown in Compose releases, but file format versions do not necessarily increment with each release. For example, Compose file format 3.0 was first introduced in Compose release 1.10.0, and versioned gradually in subsequent releases. The latest Compose file format is defined by the Compos

The awslogs logging driver sends container logs to Amazon CloudWatch Logs. Log entries can be retrieved through the AWS Management Console or the AWS SDKs and Command Line Tools. Usage To use the awslogs driver as the default logging driver, set the log-driver and log-opt keys to appropriate values in the daemon.json file, which is located in /etc/docker/ on Linux hosts or C:\ProgramData\docker\co