New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
docker desktop installs kubectl and overwrites existing even though kubernetes integrations are disabled #6328
Comments
Hi @zswanson, thanks for the report! I've created an internal ticket so we can address this. |
Issues go stale after 90 days of inactivity. Prevent issues from auto-closing with an If this issue is safe to close now please do so. Send feedback to Docker Community Slack channels #docker-for-mac or #docker-for-windows. |
/remove-lifecycle stale |
@laurazard any update on whether this will be addressed? We deal with a lot of confusion with this on a regular basis from our developer teams. Or if #6327 was resolved it would be less of an issue. |
We are running into this as well. My |
My understanding of the current state of things:
|
Thanks for the response! My shim was actually not in |
Its been noted that my original description of 'overwrite' is inaccurate, as the homebrew installed kubectl doesn't exist in /usr/bin/local/, but rather that the Docker installed binary is jumping precedence. |
Thank you both for confirming! I'm going to mark this as working as intended. I believe most tool managers (like Happy to re-open if DD is overwriting preferences in some way that's not intended. |
@nicks could we ask for a solution that handles the existence of kubectl outside of /usr/bin/local better? something like: This would not require the Docker installation of kubectl if it is in the PATH, but outside of /usr/bin/local? |
If I may offer an adjustment. If you just place your kubectl path before |
@jayson definitely easy enough for myself or a one off individual that runs into this problem and then discovers it to reorder their PATH. I'd expect the bullet above from @nicks to be more like: This allows them to still install it in /usr/local/bin if it is required, but if it's available on the path then no need to do so. |
@draco2003 sure, I can ask about that. |
OK, had a quick chat with the team. We're making a bunch of changes to how Docker Desktop installs to require fewer root permissions, so as part of this effort, we're going to change it so that it only installs kubectl if it's not already on PATH. stay tuned! |
The team changed the logic in Docker Desktop 4.14 so that it checks for the existence of |
@nicks we just had an engineer upgrade docker desktop to 4.14.1 (91661) and the docker kubectl softlink was still created on OSX.
So in this case not only did it not detect that kubectl was on the PATH already, it also overwrote an existing softlink. I actually don't see anything in the release notes for 4.14.x for this |
Hmmm...i wonder if what's happening here is that /usr/local/bin is on the "normal" user's PATH, but not on the root user's PATH. does that sound plausible? |
That sounds likely. |
I'm experiencing the same in |
Same here on 4.15.0. Before DD start:
After:
It's easy enough to put a symlink to brew's |
Same on Docker desktop upgrade to 4.15.0.
Extremely annoying. |
Still seeing on 4.16.2. Before DD upgrade:
After DD upgrade:
|
@nicks This is still occurring in the same way on current versions. Docker Desktop taking over There doesn't seem to be any way to disable this behavior. Can you provide a workaround for this or remove the unnecessary |
@byrongrogan did you see the workaround in this comment? #6328 (comment) My understanding is that if you have kubectl on PATH, docker won't replace it. (And I haven't seen any repro steps that suggest otherwise.) So the workaround is to make sure you have it somewhere on PATH? That the DD binary can see? |
@nicks that doesn't work, probably because 1) the shell you're using may differ from whatever the docker installer is using 2) it may not be running as our user and gaining our shell envs. I'm personally of the opinion that the docker installer should ask before installing something like kubectl. |
@nicks Homebrew installs Instead of relying on the PATH, which could be different between the installer's env and the user's normal shell, perhaps check to see if the file already exists before overwriting it? |
All of these approaches have problems because the order of the PATH precedence matters and anywhere that Docker installs to might clobber or shadow the users already-existing kubectl install. The only real preventative here is to ask during the install if the user wants docker to install and manage kubectl. (and remember that choice when its performing upgrades) |
DD 4.17 will change the logic so that it will check if:
and if the answer to both is "no", then DD will not install the symlink. re: "The only real preventative here is to ask during the install if the user wants docker to install and manage kubectl." I'm sympathetic to the idea that DD should not install kubectl at all. But given that it does, there's a whole ecosystem of extensions + downstream dependencies that assumes this guarantee. Adding a dialog box during the install doesn't fix the problem, because most of those millions of users won't know if the tools they're using depend on it being installed. reminds me of this old gem: https://limi.net/checkboxes footnote 1) this is a bit nuanced, see https://docs.docker.com/desktop/mac/permission-requirements/. Over time, we've been actively shifting which parts run as root vs user. There are broader ecosystem and backwards-compatibility concerns that come up here too. |
Closing this issue because a fix has been released in Docker Desktop |
Closed issues are locked after 30 days of inactivity. If you have found a problem that seems similar to this, please open a new issue. /lifecycle locked |
Expected behavior
Installing docker desktop for mac, either through the official dmg image or
homebrew install docker
should install docker desktop, with kubernetes integrations disabled initially (which is the current default behavior) and not installkubectl
Actual behavior
The docker desktop installer installs its own
kubectl
and creates 2 soft link targets in/usr/local/bin
for kubectl and kubectl.docker. Kubernetes integrations in docker desktop are still disabled when inspected immediately after installation. Due to #6327 this version ofkubectl
doesn't work with corporate vpn and we have to manually remove the soft links. In some cases after either a) a docker desktop update; b) restarting docker desktop, I have also observed that Docker Desktop will re-create the softlinks, leading to the same problem.Information
Output of
/Applications/Docker.app/Contents/MacOS/com.docker.diagnose check
Note: I have already removed the kubectl softlinks due to the issue mentioned in #6327
Steps to reproduce the behavior
homebrew install kubernetes-cli
The text was updated successfully, but these errors were encountered: