From aff805d34d7880dad05ec8bd0b76fcb8a37f52e5 Mon Sep 17 00:00:00 2001 From: Allie Sadler <102604716+aevesdocker@users.noreply.github.com> Date: Wed, 2 Jul 2025 09:16:50 +0100 Subject: [PATCH 1/4] Merge pull request #22978 from aevesdocker/ENGDOCS-2674 build: seo updates --- .../manuals/build/metadata/attestations/sbom.md | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) diff --git a/content/manuals/build/metadata/attestations/sbom.md b/content/manuals/build/metadata/attestations/sbom.md index ffbd5354317d..a272f724446e 100644 --- a/content/manuals/build/metadata/attestations/sbom.md +++ b/content/manuals/build/metadata/attestations/sbom.md @@ -2,15 +2,12 @@ title: SBOM attestations keywords: build, attestations, sbom, spdx, metadata, packages description: | - SBOM build attestations describe the contents of your image, - and the packages used to build it. + SBOM attestations describe what software artifacts an image contains and the artifacts used to create the image. aliases: - /build/attestations/sbom/ --- -Software Bill of Materials (SBOM) attestations describe what software artifacts -an image contains, and artifacts used to create the image. Metadata included in -an SBOM for describing software artifacts may include: +SBOM attestations help ensure [software supply chain transparency](/guides/docker-scout/s3c.md) by verifying the software artifacts an image contains and the artifacts used to create the image. Metadata included in an [SBOM](/guides/docker-scout/sbom.md) for describing software artifacts may include: - Name of the artifact - Version @@ -18,14 +15,9 @@ an SBOM for describing software artifacts may include: - Authors - Unique package identifier -There are benefits to indexing contents of an image during the build, as opposed -to scanning a final image. When scanning happens as part of the build, you're -able to detect software you use to build the image, that may not show up in the -final image. +Indexing the contents of an image during the build has benefits over scanning a final image. When scanning happens as part of the build, you can detect software you used to build the image, which may not show up in the final image. -The SBOMs generated by BuildKit follow the SPDX standard. SBOMs attach to the -final image as a JSON-encoded SPDX document, using the format defined by the -[in-toto SPDX predicate](https://github.com/in-toto/attestation/blob/main/spec/predicates/spdx.md). +Docker supports SBOM generation and attestation through an SLSA-compliant build process using BuildKit and attestations. The SBOMs generated by [BuildKit](/manuals/build/buildkit/_index.md) follow the SPDX standard and attach to the final image as a JSON-encoded SPDX document, using the format defined by the [in-toto SPDX predicate](https://github.com/in-toto/attestation/blob/main/spec/predicates/spdx.md). On this page, you’ll learn how to create, manage, and verify SBOM attestations using Docker tooling. ## Create SBOM attestations From ac3914ae010a79f4416725f756d0d532237b5ef4 Mon Sep 17 00:00:00 2001 From: Arthur Date: Wed, 2 Jul 2025 10:46:27 +0200 Subject: [PATCH 2/4] mcp: dedicated MCP hub (#22969) ## Description Update terminology and links in accordance to the new dedicated MCP Hub. Signed-off-by: Craig Co-authored-by: Craig Osterhout <103533812+craig-osterhout@users.noreply.github.com> --- content/manuals/ai/mcp-catalog-and-toolkit/catalog.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/content/manuals/ai/mcp-catalog-and-toolkit/catalog.md b/content/manuals/ai/mcp-catalog-and-toolkit/catalog.md index 7ab44e7fd15a..7526a7833fb1 100644 --- a/content/manuals/ai/mcp-catalog-and-toolkit/catalog.md +++ b/content/manuals/ai/mcp-catalog-and-toolkit/catalog.md @@ -1,10 +1,10 @@ --- title: Docker MCP Catalog description: Learn about the benefits of the MCP Catalog, how you can use it, and how you can contribute -keywords: docker hub, mcp, mcp servers, ai agents, calatog, docker +keywords: docker hub, mcp, mcp servers, ai agents, catalog, docker --- -The [Docker MCP Catalog](https://hub.docker.com/catalogs/mcp) is a centralized, trusted registry for discovering, sharing, and running MCP-compatible tools. Seamlessly integrated into Docker Hub, it offers verified, versioned, and curated MCP servers packaged as Docker images. The catalog is also available in Docker Desktop. +The [Docker MCP Catalog](https://hub.docker.com/mcp) is a centralized, trusted registry for discovering, sharing, and running MCP-compatible tools. Seamlessly integrated into Docker Hub, it offers verified, versioned, and curated MCP servers packaged as Docker images. The catalog is also available in Docker Desktop. The catalog solves common MCP server challenges: @@ -32,10 +32,11 @@ Each tool in the MCP Catalog is packaged as a Docker image with metadata: - Connect tools to their preferred agents with simple configuration through the [MCP Toolkit](toolkit.md). - Pull and run tools using Docker Desktop or the CLI. -Each catalog entry provides: +Each catalog entry displays: - Tool description and metadata - Version history +- List of tools provided by the MCP server - Example configuration for agent integration ## Use an MCP server from the catalog @@ -44,11 +45,11 @@ To use an MCP server from the catalog, see [MCP toolkit](toolkit.md). ## Contribute an MCP server to the catalog -The MCP server registry is available at https://github.com/docker/mcp-registry. To submit an MCP server: +The MCP server registry is available at https://github.com/docker/mcp-registry. To submit an MCP server, follow the [contributing guidelines](https://github.com/docker/mcp-registry/blob/main/CONTRIBUTING.md). When your pull request is reviewed and approved, your MCP server is available in 24 hours on: - Docker Desktop's [MCP Toolkit feature](toolkit.md) - The [Docker MCP catalog](https://hub.docker.com/mcp) -- The [Docker Hub](https://hub.docker.com/u/mcp) mcp namespace (for MCP servers built by Docker) +- The [Docker Hub](https://hub.docker.com/u/mcp) `mcp` namespace (for MCP servers built by Docker) From 75160e41de550f542dd21b83e3e46b2cc40900e3 Mon Sep 17 00:00:00 2001 From: Arthur Date: Wed, 2 Jul 2025 10:46:48 +0200 Subject: [PATCH 3/4] fix: clarify requirements (#22971) Clarify supported platforms. --------- Co-authored-by: Allie Sadler <102604716+aevesdocker@users.noreply.github.com> --- _vale/Docker/Forbidden.yml | 6 ++++ _vale/config/vocabularies/Docker/accept.txt | 8 +++-- content/manuals/ai/model-runner/_index.md | 35 +++++++++++++++++++++ data/summary.yaml | 2 +- hugo_stats.json | 3 ++ 5 files changed, 50 insertions(+), 4 deletions(-) create mode 100644 _vale/Docker/Forbidden.yml diff --git a/_vale/Docker/Forbidden.yml b/_vale/Docker/Forbidden.yml new file mode 100644 index 000000000000..d8b7a37ae8c9 --- /dev/null +++ b/_vale/Docker/Forbidden.yml @@ -0,0 +1,6 @@ +extends: substitution +message: "Use '%s' instead of '%s'." +level: error +ignorecase: false +swap: + Docker CE: Docker Engine diff --git a/_vale/config/vocabularies/Docker/accept.txt b/_vale/config/vocabularies/Docker/accept.txt index dc57808c91e6..dc911190c3f4 100644 --- a/_vale/config/vocabularies/Docker/accept.txt +++ b/_vale/config/vocabularies/Docker/accept.txt @@ -1,7 +1,8 @@ (?i)[A-Z]{2,}'?s +Adreno +Aleksandrov Amazon Anchore -Aleksandrov Apple Artifactory Azure @@ -114,6 +115,7 @@ Nginx npm Nutanix Nuxeo +NVIDIA OAuth Okta Ollama @@ -126,8 +128,7 @@ PKG Postgres PowerShell Python -Pyright -pyright +Qualcomm rollback rootful runc @@ -200,6 +201,7 @@ Zsh [Pp]rocfs [Pp]roxied [Pp]roxying +[pP]yright [Rr]eal-time [Rr]egex(es)? [Rr]untimes? diff --git a/content/manuals/ai/model-runner/_index.md b/content/manuals/ai/model-runner/_index.md index faa2f32d74f3..9523b47e8b5b 100644 --- a/content/manuals/ai/model-runner/_index.md +++ b/content/manuals/ai/model-runner/_index.md @@ -40,6 +40,41 @@ with AI models locally. - Run and interact with AI models directly from the command line or from the Docker Desktop GUI - Manage local models and display logs +## Requirements + +Docker Model Runner is supported on the following platforms: + +{{< tabs >}} +{{< tab name="Windows">}} + +Windows(amd64): +- NVIDIA GPUs +- NVIDIA drivers 576.57+ + +Windows(arm64): +- OpenCL for Adreno +- Qualcomm Adreno GPU (6xx series and later) + + > [!NOTE] + > Some llama.cpp features might not be fully supported on the 6xx series. + +{{< /tab >}} +{{< tab name="MacOS">}} + +- Apple Silicon + +{{< /tab >}} +{{< tab name="Linux">}} + +Docker Engine only: + +- Linux CPU & Linux NVIDIA +- NVIDIA drivers 575.57.08+ + +{{< /tab >}} +{{}} + + ## How it works Models are pulled from Docker Hub the first time they're used and stored locally. They're loaded into memory only at runtime when a request is made, and unloaded when not in use to optimize resources. Since models can be large, the initial pull may take some time — but after that, they're cached locally for faster access. You can interact with the model using [OpenAI-compatible APIs](#what-api-endpoints-are-available). diff --git a/data/summary.yaml b/data/summary.yaml index a75b022507ef..596e888c00b5 100644 --- a/data/summary.yaml +++ b/data/summary.yaml @@ -162,7 +162,7 @@ Docker Init: Docker Model Runner: availability: Beta requires: Docker Engine or Docker Desktop (Windows) 4.41+ or Docker Desktop (MacOS) 4.40+ - for: Docker Desktop for Mac with Apple Silicon or Windows with NVIDIA GPUs + for: See Requirements section below Docker Projects: availability: Beta Docker Scout exceptions: diff --git a/hugo_stats.json b/hugo_stats.json index 9748c47ca59c..8ce431cd9033 100644 --- a/hugo_stats.json +++ b/hugo_stats.json @@ -84,6 +84,7 @@ "Mac-and-Linux", "Mac-with-Apple-silicon", "Mac-with-Intel-chip", + "MacOS", "Manually-create-assets", "NetworkManager", "Networking-mode", @@ -110,7 +111,9 @@ "Run-Ollama-in-a-container", "Run-Ollama-outside-of-a-container", "Rust", + "Separate-containers", "Shell-script", + "Single-container", "Specific-version", "Svelte", "Ubuntu", From a46cdb485de49b5946d46c0e8c65a7c12cffb6c8 Mon Sep 17 00:00:00 2001 From: Allie Sadler <102604716+aevesdocker@users.noreply.github.com> Date: Wed, 2 Jul 2025 10:45:17 +0100 Subject: [PATCH 4/4] Compose freshness: startup order, profiles, lifecycle hooks, project name (#22949) ## Description Freshness to a few how-tos pages. also fixes and closes https://github.com/docker/docs/issues/21417 ## Related issues or tickets ## Reviews - [ ] Technical review - [ ] Editorial review - [ ] Product review --- content/manuals/compose/how-tos/lifecycle.md | 4 +- content/manuals/compose/how-tos/profiles.md | 74 ++++--------------- .../manuals/compose/how-tos/project-name.md | 6 +- .../manuals/compose/how-tos/startup-order.md | 6 +- 4 files changed, 22 insertions(+), 68 deletions(-) diff --git a/content/manuals/compose/how-tos/lifecycle.md b/content/manuals/compose/how-tos/lifecycle.md index d60a942d9691..5857539c161d 100644 --- a/content/manuals/compose/how-tos/lifecycle.md +++ b/content/manuals/compose/how-tos/lifecycle.md @@ -2,8 +2,8 @@ title: Using lifecycle hooks with Compose linkTitle: Use lifecycle hooks weight: 20 -desription: How to use lifecycle hooks with Docker Compose -keywords: cli, compose, lifecycle, hooks reference +description: Learn how to use Docker Compose lifecycle hooks like post_start and pre_stop to customize container behavior. +keywords: docker compose lifecycle hooks, post_start, pre_stop, docker compose entrypoint, docker container stop hooks, compose hook commands --- {{< summary-bar feature_name="Compose lifecycle hooks" >}} diff --git a/content/manuals/compose/how-tos/profiles.md b/content/manuals/compose/how-tos/profiles.md index 5d90153606b1..13d472e5dc39 100644 --- a/content/manuals/compose/how-tos/profiles.md +++ b/content/manuals/compose/how-tos/profiles.md @@ -85,6 +85,12 @@ If you want to enable all profiles at the same time, you can run `docker compose ## Auto-starting profiles and dependency resolution +When you explicitly target a service on the command line that has one or more profiles assigned, you do not need to enable the profile manually as Compose runs that service regardless of whether its profile is activated. This is useful for running one-off services or debugging tools. + +Only the targeted service (and any of its declared dependencies via `depends_on`) is started. Other services that share the same profile will not be started unless: +- They are also explicitly targeted, or +- The profile is explicitly enabled using `--profile` or `COMPOSE_PROFILES`. + When a service with assigned `profiles` is explicitly targeted on the command line its profiles are started automatically so you don't need to start them manually. This can be used for one-off services and debugging tools. @@ -108,72 +114,19 @@ services: ``` ```sh -# Only start backend and db +# Only start backend and db (no profiles involved) $ docker compose up -d -# This runs db-migrations (and, if necessary, start db) -# by implicitly enabling the profiles "tools" +# Run the db-migrations service without manually enabling the 'tools' profile $ docker compose run db-migrations ``` -But keep in mind that `docker compose` only automatically starts the -profiles of the services on the command line and not of any dependencies. - -This means that any other services the targeted service `depends_on` should either: -- Share a common profile -- Always be started, by omitting `profiles` or having a matching profile started explicitly - -```yaml -services: - web: - image: web - - mock-backend: - image: backend - profiles: ["dev"] - depends_on: - - db - - db: - image: mysql - profiles: ["dev"] - - phpmyadmin: - image: phpmyadmin - profiles: ["debug"] - depends_on: - - db -``` - -```sh -# Only start "web" -$ docker compose up -d - -# Start mock-backend (and, if necessary, db) -# by implicitly enabling profiles "dev" -$ docker compose up -d mock-backend - -# This fails because profiles "dev" is not enabled -$ docker compose up phpmyadmin -``` - -Although targeting `phpmyadmin` automatically starts the profiles `debug`, it doesn't automatically start the profiles required by `db` which is `dev`. +In this example, `db-migrations` runs even though it is assigned to the tools profile, because it was explicitly targeted. The `db` service is also started automatically because it is listed in `depends_on`. -To fix this you either have to add the `debug` profile to the `db` service: - -```yaml -db: - image: mysql - profiles: ["debug", "dev"] -``` - -or start the `dev` profile explicitly: - -```console -# Profiles "debug" is started automatically by targeting phpmyadmin -$ docker compose --profile dev up phpmyadmin -$ COMPOSE_PROFILES=dev docker compose up phpmyadmin -``` +If the targeted service has dependencies that are also gated behind a profile, you must ensure those dependencies are either: + - In the same profile + - Started separately + - Not assigned to any profile so are always enabled ## Stop application and services with specific profiles @@ -208,6 +161,7 @@ services: ``` if you only want to stop the `phpmyadmin` service, you can run + ```console $ docker compose down phpmyadmin ``` diff --git a/content/manuals/compose/how-tos/project-name.md b/content/manuals/compose/how-tos/project-name.md index 18372aa7cc5e..37aabdcaa5bd 100644 --- a/content/manuals/compose/how-tos/project-name.md +++ b/content/manuals/compose/how-tos/project-name.md @@ -1,20 +1,20 @@ --- title: Specify a project name weight: 10 -description: Understand the different ways you can set a project name in Compose and what the precedence is. +description: Learn how to set a custom project name in Compose and understand the precedence of each method. keywords: name, compose, project, -p flag, name top-level element aliases: - /compose/project-name/ --- -In Compose, the default project name is derived from the base name of the project directory. However, you have the flexibility to set a custom project name. +By default, Compose assigns the project name based on the name of the directory that contains the Compose file. You can override this with several methods. This page offers examples of scenarios where custom project names can be helpful, outlines the various methods to set a project name, and provides the order of precedence for each approach. > [!NOTE] > > The default project directory is the base directory of the Compose file. A custom value can also be set -> for it using the [`--project-directory` command line option](/reference/cli/docker/compose.md#use--p-to-specify-a-project-name). +> for it using the [`--project-directory` command line option](/reference/cli/docker/compose.md#options). ## Example use cases diff --git a/content/manuals/compose/how-tos/startup-order.md b/content/manuals/compose/how-tos/startup-order.md index 2234fff15690..1d55fd5ee14d 100644 --- a/content/manuals/compose/how-tos/startup-order.md +++ b/content/manuals/compose/how-tos/startup-order.md @@ -1,6 +1,6 @@ --- -description: How to control service startup and shutdown order in Docker Compose -keywords: documentation, docs, docker, compose, startup, shutdown, order +description: Learn how to manage service startup and shutdown order in Docker Compose using depends_on and healthchecks. +keywords: docker compose startup order, compose shutdown order, depends_on, service healthcheck, control service dependencies title: Control startup and shutdown order in Compose linkTitle: Control startup order weight: 30 @@ -13,7 +13,7 @@ You can control the order of service startup and shutdown with the containers in dependency order, where dependencies are determined by `depends_on`, `links`, `volumes_from`, and `network_mode: "service:..."`. -A good example of when you might use this is an application which needs to access a database. If both services are started with `docker compose up`, there is a chance this will fail since the application service might start before the database service and won't find a database able to handle its SQL statements. +For example, if your application needs to access a database and both services are started with `docker compose up`, there is a chance this will fail since the application service might start before the database service and won't find a database able to handle its SQL statements. ## Control startup