Quickstart containers Understand the architecture

Installation on Mac OS X Installation on Windows

Installation on Ubuntu Installation on Red Hat Enterprise Linux Installation on CentOS Installation on Fedora Installation on Debian Installation on Arch Linux Installation on CRUX Linux Installation on FrugalWare Installation on Gentoo Installation on Oracle Linux Installation on openSUSE and SUSE Linux Enterprise

Choose how to install Example: Manual install on cloud provider Example: Use Docker Machine to provision cloud hosts

Installation from binaries

Introduction

Hello world in a container Run a simple application Build your own images Network containers Manage data in containers Store images on Docker Hub

Best practices for writing Dockerfiles Create a base image Image management

Understand images, containers, and storage drivers Select a storage driver AUFS storage driver in practice Btrfs storage in practice Device mapper storage in practice OverlayFS storage in practice ZFS storage in practice

Docker container networking Work with network commands Get started with multi-host networking Configure container DNS in user-defined networks Default bridge network

Apply custom metadata

Automatically start containers Control and configure Docker with systemd PowerShell DSC Usage Process management with CFEngine Using Chef Using Puppet Using Supervisor with Docker Configuring and running Docker Runtime metrics Link via an ambassador container

Configuring Logging Drivers Amazon CloudWatch Logs logging driver Log tags for logging driver Fluentd logging driver Splunk logging driver journald logging driver

Run a local registry mirror

Docker security Protect the Docker daemon socket Using certificates for repository client verification

Content trust in Docker Automation with content trust Deploying Notary Manage keys for content trust Play in a content trust sandbox

AppArmor security profiles for Docker Seccomp security profiles for Docker

Access authorization plugin Extending Engine with plugins Docker network driver plugins Volume plugins Plugins API

Dockerizing MongoDB Dockerizing PostgreSQL Dockerizing a CouchDB service Dockerizing a Couchbase service Dockerizing a Node.js web app Dockerizing a Redis service Dockerizing a Riak service Dockerizing an SSH service Dockerizing an apt-cacher-ng service

Dockerfile reference Docker run reference

Use the Docker command line daemon attach build commit cp create diff events exec export history images import info inspect kill load login logout logs network connect network create network disconnect network inspect network ls network rm pause port ps pull push rename restart rm rmi run save search start stats stop tag top unpause update version volume create volume inspect volume ls volume rm wait

Remote API Remote API v1.22 Remote API v1.21 Remote API v1.20 Remote API v1.19 Remote API v1.18 Remote API v1.17 Remote API v1.16 Remote API v1.15 Remote API v1.14 Remote API client libraries docker.io accounts API

Migrate to Engine 1.10 Breaking changes Deprecated Engine Features FAQ

Swarm Overview How to get Swarm Evaluate Swarm in a sandbox Plan for Swarm in production Build a Swarm cluster for production

Learn the application architecture Deploy network infrastructure Setup cluster resources Deploy the application Troubleshoot the application

High availability in Swarm Swarm and container networks Discovery Provision with Machine

Filters Strategies

Overview Docker Swarm with TLS Configure Docker Swarm for TLS

create help join list manage swarm

Docker Swarm API

Overview of Docker Compose Install Compose Getting Started Using Compose with Swarm Quickstart: Compose and Django Quickstart: Compose and Rails Quickstart: Compose and WordPress Extending Services in Compose Networking in Compose Using Compose in Production Compose File Reference

Overview of docker-compose CLI CLI Environment Variables build config create down events help kill logs pause port ps pull restart rm run scale start stop unpause up

Command-line Completion Link Environment Variables Controlling startup order Frequently Asked Questions

Introducing Docker Hub Your Docker Hub account Teams & Organizations Repositories on Docker Hub Automated Builds Webhooks for automated builds Automated Builds with Bitbucket Automated Builds from GitHub Official Repositories on Docker Hub

Overview Trusted Registry

Install Docker Subscription for AWS (BYOL)) Install Docker Engine for AWS AMI (BDS) Install Trusted Registry for AWS AMI (BDS) Install on Microsoft Azure Install the Trusted Registry offline Manually Install the CS Docker Engine Manually install Trusted Registry Upgrade Trusted Registry and the CS Engine

Configuration overview Configure general settings Security configuration Storage configuration Auth configuration

Quick-start: Basic Workflow User guide Admin tasks Account and repository management Remove an image and garbage collection Trusted Registry License Support

Overview v1.3.3 API v1.4.0 API

Trusted Registry release notes Prior Trusted Registry release notes CS Engine release notes Prior CS Engine release notes

Release Notes

Introducing Docker Cloud Link to a Cloud Service Provider Link your Amazon Web Services account Link your DigitalOcean account Link your Microsoft Azure account Link your Packet account Link your SoftLayer account Set up self-hosted nodes Deploy your first node Deploy your first service

Learn about Dockerfiles and Docker Cloud Back up data volumes Create a proxy or load balancer Install the Deploy to Docker Cloud button Integrate with Slack Push images to Docker Cloud SSHing into a Docker Cloud-managed node Upgrade Docker Engine on a node Use the Docker Cloud Agent Using the Docker Cloud CLI

Introduction to deploying a Golang app Set up Prepare the app Push a Docker image to Docker Cloud's Registry Deploy the app as a Docker Cloud service Define environment variables Scale the service View logs Load-balance the service Provision a data backend for your service

Deploy a Python app Set up Python application Prepare the Python application Push an image to Docker Cloud's Registry Deploy the app as a Docker Cloud service Define environment variables Scale the service View logs Load-balance a Python service Provision a data backend for a Python service Data management with Volumes Python service stacks

Autodestroy Automated build Automated repository tests Automatic Container Restart Autoredeploy Deployment tags Manage service stacks Publish and expose service or container ports Redeploy running services Schedule a deployment Service API Roles Service discovery Spawn new containers Stack YAML reference Use triggers Work with data volumes

Known Issues in Docker Cloud Using Docker Cloud and Packet.net Using Docker Cloud on AWS

API reference

Machine Overview Install Machine Get started with a local VM Provision hosts in the cloud

Provision Digital Ocean Droplets Provision AWS EC2 Instances

Machine concepts and help Migrate from Boot2Docker to Machine

active config create env help inspect ip kill ls provision regenerate-certs restart rm scp ssh start status stop upgrade url

Driver options and operating system defaults Amazon Web Services Digital Ocean Generic Google Compute Engine IBM Softlayer Microsoft Azure Microsoft Hyper-V OpenStack Oracle VirtualBox Rackspace VMware Fusion VMware vCloud Air VMware vSphere exoscale

Command-line Completion

Docker Universal Control Plane Evaluation installation Plan a production installation Install UCP for production Upgrade UCP Deploy an application Integrate with Trusted Registry Set up container networking Set up high availability UCP Key/Value Store Backends

Monitor and troubleshoot UCP Manage and authorize users

dump-certs engine-discovery fingerprint help images install join uninstall upgrade

Get support Release Notes

Toolbox Overview

Kitematic User Guide: Intro & Overview Set up an Nginx web server Set up a Minecraft Server Creating a Local RethinkDB Database for Development Frequently Asked Questions Known Issues

Registry Overview Understanding the Registry Deploying a registry server Configuring a registry Working with notifications Recipes

HTTP API V2 Storage Drivers Token Authentication Implementation Token Authentication Specification

Getting help

Getting started with Notary Use the Notary client Understand the service architecture Running a Notary service

Server Configuration Signer Configuration Client Configuration Common Server and Signer Configurations

Notary Changelog

Quickstart contribution

README first Get the required software Set up for development on Windows Configure Git for contributing Work with a development container Run tests and test documentation

Understand how to contribute Find and claim an issue Work on your issue Create a pull request (PR) Participate in the PR review Advanced contributing Coding style checklist

Organize a Docker Meetup Organize our issues Support the community Testing contributions

Get started Find an issue Set up for Kitematic development Develop in Kitematic (work on an issue) Create a pull request (PR) Where to learn more

Docker Governance Advisory Board Board member profiles Code of conduct

FAQ for contributors Where to chat or get help Style guide for Docker documentation

Docker Release Notes Docker Glossary

Version 1.9 Version 1.8 Version 1.7 Version 1.6 Version 1.5 Version 1.4

Account and repository management introduction

Administrators assign permissions to control users level of access to the Trusted Registry. To access repositories, these users are grouped into teams and organizations. Users can use the Trusted Registry UI to view their teams, organizations, and the repositories they belong to.

This document describes:

How account management is organized, and
Provides examples of using the UI to organize and view users, teams, organizations, and repositories.

Note: You can manage accounts and repositories from a Trusted Registry API. Refer to the API documentation located under the user drop down menu in the Trusted Registry UI to learn about it.

Account types

Docker defines two types of accounts: users and organizations.

User accounts correspond to individuals able to authenticate to the Trusted Registry.
Organization accounts consists of subsets of users grouped into teams. Organizations can correspond to separate divisions, business units, or product teams within in your corporation.

Both user and organization accounts are uniquely identified by an account name. These names also serve to organize repositories in the Trusted Registry into namespaces corresponding to each account using the format <account-name>/<repository-name>.

User accounts

Users may be members of multiple teams and multiple organizations. As such, they may have differing permissions that are particular to that team. For example, team A can have admin permissions to manage teams while Team B can have only read permissions.

Users, through their own namespace, can manage and share their own repositories.
Users can be granted permission to repositories through team membership in an organization.
Users can be an “owner” member of an organization. This grants them permission to manage all teams and repositories in that organization.

The following table depicts user permissions and roles:

Permissions/Roles	sys admin	org admin	org member	team member	user
orgs: create, edit, delete	x
orgs: view public repos, teams, members	x	x	x
orgs: view public repos only	x	x	x	x	x
teams: create, edit, delete	x	x
teams: view public repos, members	x	x	x	x
teams: set repo permissions	x	x

Organization accounts

Organizations are defined by its own namespace of repositories. They can consist of one or more teams with each team having its own set of permissions. It can also be managed by anyone in an initial “owners” team, which is created by default.

Organization owners have the highest level of permissions within the organization. They can manage all teams and repositories and create, modify, or delete teams.
Organization members must be a member of one or more teams within the organization.

All organization members can see teams and their members. However, they are not visible to users outside that organization.

Teams in an organization

Teams are a convenient grouping of users. Organization owners can create a team and control team membership using the following authentication methods:

Importing a managed list of users.
Setting up LDAP integration and configuring team membership sync with an LDAP group.

Organization owners, other than the system administrator, are the only people who can create, modify, or delete those teams that belong to that organization.

The following table depicts teams permissions to their repositories:

Repository access	read	read-write	admin
view/ browse	x	x	x
pull	x	x	x
push		x	x
edit/delete tags		x	x
edit the description			x
make public or private			x
manage user access			x

Team permissions are additive. This means that the highest level of permissions is always granted and can’t be reduced. For example, a user belongs to two teams. Team A grants its members “read-write” access to a repository and Team B grants “read-only” access to the same repository. That user will have “read-write” access to the repository because it is the higher permission level of the two.

Repository behavior

Repositories are identified by a namespace value. A namespace has the format account-name/repository-name. The account-name can be either a user or organization account. Upon creation, you can determine whether the repository has either public or private visibility.

Public repositories are visible to all accounts. But it can only be written to by accounts granted explicit write access. However private repositories can’t be discovered by any account type unless it has explicit read access to it.

You must first create a repository before pushing an image to it. Otherwise you will see the following error message:

% docker push my.dtr.host/user1/myimage
The push refers to a repository [my.dtr.host/user1/myimage] (len: 1) 1d073211c498: Image push failed
unauthorized: access to the requested resource is not authorized

Manage repositories, organizations, and teams

This section provides workflows for you to manage your users using the Trusted Registry’s repositories.

Create an organization

From the Trusted Registry dashboard, click the Organizations submenu.
Click New organization. The Organization details screen displays.
Enter a unique name for your organization and save.

Add teams to your organization

From the Trusted Registry dashboard, click the Organizations submenu.
Find your organization and select it. The Organization details screen displays.
Select the submenu Teams.
By default, the owners team box displays where you can add members who will have full admin access to that repository.
Click New team and enter the required fields.
Click Add members to select members to the team. Save your work.

At this point, you have created an organization and populated it with at least one team. Next, you will either create or associate a repository to that organization.

Create a new repository for the team or organization

From the Organization details screen, click the desired organization.
If you click New repository, follow the steps to create a new repository that is associated to the organization.
To associate that repo to a team, click the Teams subtab, then click the targeted team.
Click Add repository and select a permission set from the drop down menu.
You can either create a new repository or find an existing repository to associate to the team.

Create a new repository

From the Trusted Registry dashboard, click the Repositories submenu.
Click New repository. The Repositories details screen displays.
Select an account type and enter a repository name.
Determine visibility. By default, the repository is public.
(Optional) Enter a description.
Save your work.

From the Repository submenu, you can:

View, search, and filter the list of your repositories.
Create either public or private repositories.
Select a repository and edit it.
Drill down to see details and teams that are associated with it.

View repository details

From the Trusted Registry dashboard, navigate to the Repositories menu.
Find a repository that contains images in it.
Click the submenu to see either details, tags, or settings.

The Details screen contains a brief description, a longer README, and the permissions associated with it.

The Tag screen contains the list of image tags. If you wanted to delete an image for garbage collection, click the garbage can icon beside it.

Repositories page</repositories>

The Settings screen is where you edit the details screen.

Nov	MAR	Apr
	05
2015	2016	2017