Docker's New Licensing Changes
Docker Desktop changes to Paid plans for medium to large businesses! I dig into the facts and help you understand what's changed for you (if anything). Streamed on YouTube Sept 2, 2021.
Bret: You're listening to DevOps and Docker Talk, and I'm your host, Bret Fisher.
These are edited audio only versions of my YouTube
Live show that you can join every Thursday bret.live.
This podcast is sponsored by my Patreon members.
I'd like to thank all the paid supporters that make this show possible.
You can get more info and follow my updates on all the content
and open source I'm creating at patreon.com/bretfisher.
Oh, man, we got to show today.
Docker couldn't have given us a better topic to talk about this week.
Uh, Changing the game for all of us who were used to free software , Hi, I'm Bret this is my show.
I'm here on Thursday.
Sometimes I have friends sometimes I don't.
And this week I've invited you a lot of you.
You've probably seen me spamming the internet for a couple of days to talk about this topic.
There was a little bit of an announcement this week from Docker, basically
saying that Docker, desktop, thus, the licensing of it is changing and that
if you're in a larger organization, we'll get into all of what larger means.
But if you're in a large organization, you're now, now obligated,
legally to pay at least $5 a month per person who's using it.
And that's it.
But there's so much into that.
There's a lot of stuff and there's tons of questions.
So we're going to get into it.
I actually have a topic list.
Four main things we're going to get into.
What are the changes what's changed?
What's not what is still free and not bound by any sort of obligation to pay Docker.
What does Docker desktop even do over just installing
the Docker command line and like a Linux VM or something.
And then what are the alternatives, if you're going to be forced into not being
able to pay for Docker in any way and you are working on commercial stuff in
containers for a company that meets the requirements, what are your options?
And we're going to get into all that.
. . Thank you so much to you.
Patrons of the show.
The ones that encourage me every time I see the coffee payments coming
in , and the new subscriptions, I really appreciate the patrons support.
You're supporting this show as well as all my open source and
GitHub of which I actually just recently counted dozens of repos.
Cause I was updating them all for arm support on the Apple M1.
And please, those of you that, that understand the struggle of making content on the internet,
if you can rate that podcast in your podcast player, that would be super dope because.
There's a thing with podcasts, where if three people, downvote my podcast, one, one bad podcast.
They just didn't like it.
So they went in and give it a one-star suddenly you're no longer recommended
to a bunch of people that might might enjoy a lot of the episodes.
So not every episode is amazing and perfect.
I totally get that.
Thank you for those of you that are willing to, give a little
love to those of us working hard to make content for you.
So we're here to talk about Docker, desktop.
Can you tell, I'm excited to talk about it because it's caused, I'm not going to say controversy.
I don't think it's that level of drama, like really, but it's caused a discussion
online about something that we all have been taking for granted for seven years
out of the eight years of doctor's existence seven and a half years or whatever.
That is if you're on Mac and windows and you want to run Linux containers, how do you do that?
That's the core thing that Docker desktop does for you is you need to run Linux
stuff and you're on windows, and Mac, and you don't want to have to deal with.
Of the problems of developing inside of VM, which is where we all came from.
A lot of us were developing inside VMs.
If we were in large enterprises, especially there was probably a, a design standard
around having a VM built, maybe with packer and shipping around OEMs or virtual
box machines or hyper V machines or whatever, and doing development in those.
And that sucked.
Don't forget about it.
We don't want to go back there.
So I'm not going to recommend that solution to you.
If you're someone who doesn't want to give Docker a coffee every month, essentially, but
I know that there's all sorts of stuff and requirements, so let's just get into the news.
Docker extended their product offerings.
This is true.
But they buried the lead a little bit, which was for most of us, even though we know
Docker, like every SAS company is putting out new features all the time that they're
going to change the licensing in Docker, desktop, which is effective as of two days.
Where, if you're in a company with one of these two requirements, either the
organization that you're currently running your containers for is more than 250 people,
whatever that organization means, but you know what the word organization means?
Commercial enterprise of more than 250 people, not just 250 people using Docker,
but just 250 people or the company's revenue is 10 million or more annually.
I assume in us dollars, if you meet one of those
requirements, then you are now obligated by the licensed.
You now have to accept when you install Docker desktop, or if
you updated it this week, you saw this little thing will pop up.
It was basically binding you to a new licensing agreement that says, Hey, look, if you're
in a really big company and you're not given Docker any money, we don't like that anymore.
We are tired of the free lunch for you.
So pay up.
I have lots of opinions on, I absolutely agree.
Businesses should pay people that are making money and doing work
on products should at some point be obligated to pay for those.
By the way, Docker, desktop has never been fully opensource.
Parts of it are it's always been partially closed source.
At one time, Docker was actually looking at paid versions of Docker desktop that had extra features.
They actually started doing that this year.
There's now some extra features for volume management that are paid only.
So they're already starting to do some of that, but now this new license
for those of you than those larger companies, you're now in a quandary,
you're now having to figure out what do I do about my Docker desktop.
I imagine for a lot of us, we're just going to pay for it.
I've been paying for it personally for years, cause it's $5 and I think
it's worth it because it's what I use every day to get my work done.
But I also donate to open source.
And so I did, I actually paid, started paying for Docker hub years
ago just because I, I wanted, you know, you vote with your dollars.
So here's some specific questions.
What alternatives do I have in case of new licensing
model does not suit me any other options except buying.
I'm going to get into that.
I only have had 48 hours of research into this, but I'm hopefully got some advice for you.
Obviously this has been all over Twitter for the last couple of days and
in the world where we've got so many other bigger things to talk about
so many Things going on in the world, but it was nice to take a break for a little bit and
actually dive in deep with everyone on hacker news and on Twitter, just talking about sort of
reminiscing, how this particular topic that Scott uh, SJ from Docker, the CEO has announced.
It basically has created a discussion around the value of Docker, desktop.
What does it do?
Why do we need it?
Why do we care?
Why can't we just replace it with something, some simple little tool like pod.
And I think that's a great conversation to have, because I think a lot of us installed it years
ago when it first came out and then have just watched it update, watched it happen and got used
to it and totally are fine with all of the advanced functionality that it has built into it.
So here's a real , quick cliff notes on what happened.
They changed the licensing for big business that they need to pay for it.
Everyone else still gets it for free.
There's a bunch of exceptions here.
So one exception is if you are at all related to learning it, or if it's based on training,
you are an exception you're in your situation is an exception, which means if you're taking
my courses, if you're giving workshops, if you're at conferences, you can absolutely use
Docker, desktop that entire time for free, regardless of who you work for, as long as you're
using it for educational learning purposes and not using it to further your corporations.
Now I have specifically gotten confirmation on this from the higher ups at Docker,
because I, myself am concerned about the licensing of these products, getting
in the way of learning and education, which is what my whole, my life is about.
And it's important to me that people are able to use tools, even if
they have paid tiers or paid versions, that they have some way to
learn that before they're forced to sign a subscription agreement.
So they have assured me that these are specifically written into the language so that
even if your company isn't going to pay for it and they use containers for business.
But if you want to use Docker desktop to learn it,
to learn Docker or Kubernetes in general and your.
In the space of education and learning, you can do this.
This is already discussed on Twitter.
There's actually someone who has a great concern about going into companies and showing them
Docker, and then having to figure out how to get people to license it before that happens.
Don't worry, it's written the license.
If you need legal to sort of approve it, hopefully they'll see the legal ease in
there that will say, yes, we can install this as long as it's just for learning.
So obviously this is not this license.
Doesn't talk about like how many machines can you have it on?
What types of machines or what is an account, but I will loosely say that based on
what I've read in this FAQ, all these links by the way, are down in the description.
So in this FAQ, in the legal ease, the best that I can determine is
that you are not limited to however many machines you want to put it on.
An account is a human.
And if there are occasions where you need robot
accounts, like a lot of us have auto building things.
Those need licenses as well.
And quite frankly, I think those usually needed some sort
of subscription anyway, to get around the Docker hub limits.
If you were going to be pushing it images and pulling them on the regular.
So those limits kind of forced a lot of us to either pay for something or leave hub.
But a lot of us might've used like a different registry while still using Docker desktop, right?
So we were using Docker desktop, and maybe we shifted to GitHub QI or
AWS is free alternative or whatever, our cloud of choice for registries.
Now this is again, Docker doubling down and saying, Hey, we've
added so many new features and we're going to keep adding more.
So we think it's finally time for enterprises to start paying for Docker desktop.
And they've got a bunch of stuff playing and for the rest of this year to add extra
features like single sign on and further features inside of Docker, desktop itself, too.
Organizations deal with the licensing and distribution of this product.
So that's all going to start happening, but I think most of us are in probably one of two boats.
I'm going to guess those of you out there, and I can get the specific questions.
You're going to be either someone who does this on your own computer.
And so you're trying to figure out, Hey, if I just use this for open source
and it's not really for my company's work, do I need to pay for it again?
No, non-commercial open source projects.
If you're a volunteer using your spare hours that are not to the commitment of
your organization that employs you then you can still keep using Docker desktop.
Another big question I get also, is this going to be enforced?
No, the Docker is basically their attitude is we trust our customers and we
think that we would rather spend our time adding more value than trying to
write some enforcement software that somehow prevents you from doing things.
Unless you prove that it's.
So, uh, This is actually straight from the top.
We had a little discussion internally.
They invited the Docker captains to give feedback before they announced this
and they made changes to this before they announced it based on our feedback.
Thanks to Docker for actually allowing us to have a chance to speak on the behalf of
the community before they made a big business decision and announced it worldwide.
So if you're purely working in open source, you can totally use it, if you're using that open
source in your job to get your job done, then you're probably gonna need to pay a license.
So personal use probably falls under that as well.
This is sort of a gray area of what is personal use?
If I'm personally making money as a moonlighter, by using Docker , you
know, I'd have to pay for it, but Hey, if my kids are running.
Minecraft in a Java container on my home server, or
I can probably use Docker desktop for that for free.
So I feel like there's a lot of allowances here.
And again, Docker is not going to enforce it.
It's integrity situation.
And mostly this is about Docker appealing to those companies where
they got 3000 developers, all using Docker, desktop every day.
And none of them are paying Docker a cent, that's really what this is about is Docker trying
to make a sustainable business model around it, gigantic companies trying to use their
product to get their company's job done everyday that aren't paying Docker a dime for it.
Um, At least that's the kind of, since I get from the discussions internally and the community at
large the other thing they're doing is they're releasing a top tier new product called business.
Personally, I would say probably ignore this price.
It's probably negotiated and like you contact sales, but it's got a whole bunch of things for
enterprises, like bulk management of users and single sign-on and SAML and all that stuff.
This one right here, we don't really know what this is yet.
This image access management, but I feel like this is going to be whatever it's going to be.
I don't have any insider information, but when that happens, that's going
to be a significant, an advancement in Docker hub, allowing more granular
policies, which I do think it needs for accessing and controlling images.
That's kind of the first line, , the desktop license changes.
So what is still free?
I'm going to go to that next.
What exactly is free and not affected by this and what is actually in Docker, right?
That'll be the next step is like what isn't Docker, desktop.
And why do we care about the product itself?
What do we not get if we don't use Docker, desktop?
We all have a grace period of, to the end of the year to get our
affairs in order with our organization and start paying Docker for it.
Technically the license we all bound to is two days ago, they made an update at the same time.
It's not an accident.
They provided an update that we all applied and basically forced us.
To either accept it or quit Docker, desktop forever.
And I'm imagining almost all of us accepted it, which
means that we have now six months or not six months.
It's not even that four months to get our affairs in order and pay
Docker, or we will be outside of the legal limits of this license.
We can talk.
I don't want to get too far into the woulda shoulda coulda.
Like, why didn't they charge them the start?
There's actually a pretty good, interesting discussion that Victor Farcic is on chat.
And I were having on Twitter.
My opinion on this is that, you know, in 2017 when Docker desktop was announced
and even Docker toolbox before that in 2015 it wasn't a lot of features.
Wasn't a lot of add added value there.
So I would have said that , asking people to pay for it would probably completely failed, and
the product wouldn't even exist today, because if you had to pay for it and it didn't really
do much back in the day, other than just provide the basics of, what virtual box would do by
bind mounting in your stuff, and then buying an mounting, a port and the, and that was it.
We didn't have a GUI we didn't have all these other things.
We had Kitematic, but we go back then we put in the start uh, my
theory is, is that one it's like Monday morning quarterbacking.
We, you know, 2017 doctor thought that like everyone
else, that all the money was in servers and orchestration.
And and maybe in hub or in things like Docker cloud that they're experimenting with services, right?
Not so much software in our desktop.
No one really was thinking that Docker software on the Docker desktop was really.
Do that I was actually part of an internal test and looking at making content for something
they call a Docker desktop enterprise edition, which like three years ago was a thing.
And it was going to be an upgraded version of Docker desktop
that was only available to Docker, enterprise customers.
None of that stuff exists anymore.
All that's been sold off from Docker to Miranda's as of almost two years ago, but there
was an attempt to do this many years ago and it didn't really get a lot of traction
before the company had to shift focus and split no longer do enterprise software.
So, uh, Docker has been thinking about this probably ongoing for at
least four years, about how do they add extra value on top of the
regular free Docker stuff, and then get paid for it in Docker desktop.
So this is the actual time they finally have doubled down and committed on it.
And this is what we're getting today,
We're getting this new Docker, desktop is a part of a subscription
and we don't necessarily have sign up for the subscription.
This is what I'm not actually sure about.
I didn't get an answer.
One question was are we going to be forced to sign into Docker desktop in order to use
it, or is it still going to be where I can sort of just install it and be anonymous and
instill, just use it without having to sign in and be a part of a free subscription?
I don't really know that yet.
I'll probably get more details and put it on Twitter or something like that.
Once I get the answers and there might be someone in chat that
actually can speak to that officially, but what is still free?
So I'm gonna just pull up some stuff real quick.
So the things that are still free are all of the binaries that we think about.
We think about Docker, engine Docker, demon, the Docker command line, the Docker Compose build.
All the kits, right?
All the libraries and open source stuff.
Anything that's open source is still completely free if you're on Linux, none of
this change applies to you because all the tools you use on your local machine don't
include Docker, desktop, because until sadly, there's still no Docker, desktop or Linux.
So if you're on Linux as your desktop, this is a non event for you.
If you're on Mac and windows and you installed Docker, desktop to simplify
the management of a Linux, VM and running of your containers and all the
things that go along with that, that's where this license change affects you.
If you're in one of these larger companies that they're targeting.
So I would say that anything open source, still open source.
They have not taken any open source and suddenly made it paid or closed source.
They haven't changed the licensing of open source to my knowledge in any way.
, The product Docker, desktop, that we're all, we've all been
installing is a mix of open source and closed source software.
That, that part that's closed source is really the
bundled product of what they're changing the license to.
If we start to get the technicals of what in Docker, desktop is free.
Well, Technically Docker desktop if it installs these tools for you.
Then they're no longer, completely free for all users in all occasions,
If but if you go and do a brew install, Docker on Mac, or if you download the Docker E binary
from Microsoft, which you can technically run directly on windows without needing Docker
desktop at all, these things are not bound by this new Docker desktop licensing agreement.
So really this licensing agreement is focused on the Docker desktop
Mega tool that combines a whole lot of other stuff in there.
So hopefully that answers that question, everything that was open source is staying open source.
So it only applies to the version that came out.
This applies to any version after coming out on two days ago, the 31st of
August, but the reality is, I mean, who's going to ride on three six, right?
The minute we get the new Mac version and the new windows
version, like these products, aren't gonna probably work.
You're not gonna build it.
Install old versions.
And they work forever.
Docker, since it's so low level in the operating system.
And it does so many things, including VPN kit and data kit and hyper
kit, all these things change usually with each major OSTP release.
If you're someone who's trying to stay on three, six,
and never signed this license agreement, that's fine.
But you can expect probably by the end of the year that it will be some sort of broken state.
But if you don't upgrade your iOS and then you don't
upgrade Docker, then sure you can keep doing that forever.
As your mileage may vary, right?
So in that case, if you're someone that's like that, you're so determined to not sign this
agreement or not be a part of this then probably you should just start shifting to an alternative.
Um, Which is going to be the rest of this conversation.
After we get through some of the licensing questions, we're gonna
talk all about alternatives and maybe even try a demo or two.
So Docker, desktop four, I just updated two days ago
and it is indeed 4.0.0.
My version of Docker desktop.
Once I got this prompt, right?
If you have seen this screen, you're on for, oh this week, it's only two days old.
But if you have not seen a screen and you have not tried to update, you will
still be on the three branch and you haven't accepted this license agreement.
Although, I suspect this is total speculation.
Even if you're trying to avoid this license somehow just by having an account on Docker hub and
using Docker hub, I somehow feel like eventually they're going to circle the loop on that and yeah.
You're still somehow going to be looped into this overall subscription license.
If you have a Docker subscription at all, including the free plan.
Cause if we go back if we go back here there's the personal free plan.
They used to just call it free, I think.
But it's now just called personal and that allows you to use Docker,
desktop, for all those occasions that you don't need to pay it.
And this isn't going to limit you to installing it on a machine, ? You can
still install on a business machine, but you may be only use it after hours
for personal opensource , you know, contributions that, because I know a couple
of people that are in consulting companies, that the company itself doesn't
support their open source work or something like being a speaker at conferences.
And so that person and speaking at conferences or purely working on open source and their off
hours, that the company isn't really supporting them working on business time, that you could argue
that's allowed and you can still use the personal plan and be perfectly legal with Docker desktop.
Does the company have to pay for my license or can I just pay for my own work either way?
It does not mean.
It doesn't matter how the license happened.
It's more that there is an, a license accounted to your, like the user
that you're logging into should be the one licensed to Docker desktop,
regardless of whether that's a personal account or a business account.
If you ended up having multiple accounts, like I know people have personal and business
accounts I would say that if you're I'm, again, I'm not a lawyer, but the intent here with
Docker is not to make this a huge legal thing where all of your accounts have to be licensed.
So I would think that if you even went and asked or looked at the fine print, that
if you had a personal license that you did license and your, but your company didn't
pay for it, that you could log in and out of various business and personal accounts.
And you might be okay.
I think that, someone that Docker might disagree with me on that and might
say if your business's using it, they should probably pay for an account.
But there's nothing that I've seen in the licensing that says like the
pro account is somehow limited in who can you like, how you can use it.
You can see the limits right there.
You're limited to 5,000 image pulls a day.
You're limited to five concurrent builds, ? Those are the limits.
Not necessarily that the pro account only works.
If you're in a business of this size or the pro account only
works if you're logged in with that account at that moment.
I'm not sure that I've not seen anything like that in the stuff.
I'm a consultant that works for many companies.
And so part of the discussion I had with them internally, I'm licensed by unlicensed,
but for me if I'm the only one using Docker desktop, and I'm using it in various
companies, I don't, they don't have to also pay for it and not another license for me.
I'm licensed, right?
It covers me as a user across all the machines I might have.
Regardless of who owns those machines.
Because the thing about this subscription and you'll put you'll
notice is that this is not called a Docker desktop subscription.
This is a Docker subscription.
This is a subscription to their entire platform,
including benefits in hub, as well as Docker desktop.
I think the intent there that is, if everyone in a company is
working with Docker, that the company itself would pay for them.
But again, you have a four month grace period to work all this out, but if the company
doesn't want to pay for it, then all the employees have a decision to make either
the company is going to lay down the rule and say, you can't install Docker desk.
Or developers might just have a corporate credit card and just pay for
it individually or just pay for it out of their own personal pocket.
I mean, that's what I do.
I, I can, I am lucky enough to be able to afford $5
a month for a very important developer tool for me.
And I pay for it once per year.
If I pay for it monthly, the licensing does change right.
$7 a month.
If I pay monthly, I choose to pay annually.
So I pay for the pro account and I work with dozens of companies and it's legal.
All right, ASO is asking this is what we're going to be talking about next.
This is what a large portion of the rest of the show is going to be about is um, any
thoughts on installing the CLI only, not sure if there's any good links on how to do that.
Can't easily see a, how to configure, share a driver Mount into the container.
So yeah, you can install the CLI, but where's your demon
gonna run, ? Your demon is going to have to run in Linux.
So you're gonna have to have a VM somewhere, whether
it's on your machine or at a remote machine or something.
That you then connect to that through sockets or likely TCP ports, which are then
a security concern, because if you want to authenticate the TCP port, there's a
lot of subtle complexity that Docker desktop does for you that we don't realize.
And I think a lot of us, because we haven't had to do this manually,
we don't realize so many of the things that Docker desktop does for us.
We're going to get into that.
I'm going to assume I'm going to assume that you're trying to be rhetorical, but yes, absolutely.
There is definitely a lot of work and I don't know if you've noticed, but over
the last year and a half Docker, desktop has rapidly been much faster in their
rapid release cycle of updating and fixing bugs and adding new features way
more than in the previous few years on the team has worked really hard to.
Optimize their workflow, automate all the things and be able to deploy more software.
And I know they've got tons of new ideas are working on for adding new functionality.
So we'll see which of those, with the latest one being dev environments, right?
Dev environments was the thing we talked about it recently this year, a dev environments
allows you to share your containers as well as compose files throughout your team.
And there's more coming on that.
I think they're going to announce some new stuff, hopefully later this year on that.
So we'll have to see how does this change?
The plan Linux there's no Docker, desktop, only the engine and CLI can you please clarify?
I did say that state that earlier, if you're on Linux, none of this matters to you.
This is only going to affect people on Docker, desktop.
None of the open-source products have changed their license.
So Docker desktop engine, the CLI Docker, Compose Docker, Compose V2, build kit, all those things
are all still open source and distributed through your normal Linux distribution processes.
This has nothing to do with servers or installing stuff on servers.
This is about developer tooling.
Again, Docker, the company is focused on developer tooling.
They now have this subscription to focus on developer solving developer
problems, mostly on their local machine, but also in the cloud with SAS features.
Now we get the security stuff planning, but get the image storage, the image pull
limits, the, it builds the multiple automated simultaneous builds in Docker hub.
All those things are a part of the subscription that you
get when you pay for Docker, desktop, as well as Docker.
That's why it's not called a Docker desktop because subscription, because it's way more than that.
Chris was talking about Docker CE, so yeah.
I don't think it's actually technically called Docker CE anymore.
But it might still be in some package managers.
There is, it's just basically the Docker engine.
Like they don't like the Docker E or something there's this whole there
was a change with Docker split around the licensing of the Docker itself.
And so basically the Docker engine on Linux, there's only one of them.
And so we don't have a, that I'm aware of.
There's no E anymore for Linux.
Like it's just a single engine.
It's the same one everywhere.
They don't even have a an edge release anymore.
But I could be wrong.
So WSL2, most of us are going to be using Docker desktop, because that's the easy way to set it up.
I'm going to talk to talks about that a little bit.
We've got some blog articles we're going to look through, crazy.
Max is pointing out that there is a Mac Homebrew install, but it's just a
CLI, because again, you need the engine and the engine has to run on Linux.
Docker engine can not run on Mac, there's no Darwin BSD based engine that runs on a Mac
natively, which is why we have to have Docker desktop in the first place to run that Linux VM.
One of the questions I asked myself was, well in 2021, how hard is it?
To install a Docker Linux, VM, a very minimal that I never have to update it.
Just kind of auto updates and there's nothing installed in it.
Other than that.
Docker it's tiny.
It's a super minimal thing, like Linux kit, which is what Docker desktop gives us.
So this is a good point at which I'm going to pause and I'm
going to talk to you about , everything that is in Docker.
So we're going to get to this, which Joe beta, one of the co-founders of the Kubernetes project,
anyone planning on open mobi, great discussion, we all kind of predicted it was going to happen.
I'm glad he wasn't the one that started it, but I'm glad that we're getting
some people that I think about this stuff in the ecosystem and understand the
history and where this all came from and built these tools that we're using.
I'm glad those people allow them weighing in on Twitter
and other social media, but I'm kind of focused on Twitter.
We're going to get into that before we get there.
I started to share a tweet out of all the things that I
could think off the top of my head are in Docker, desktop.
What does it do for you?
You besides just run a VM and connect a CLI to the Docker, ? It's gotta be more than that.
It turns out it's way more than that.
And without even doing any research, this is what I could remember off the top of my head.
And it's a long list.
So I'm going to give you the list and chat and you can go and look at this list
yourself, but just off the top of my head, I'm just going to go rapidly through this
list, it installs and updates many tools all at the same time, it sets up a Linux kit,
many VM, very small, very lightweight using hyper kit on Mac and then WSL2 on windows.
They both basically do the exact same thing.
They act the same way, but the technologies that implement them are totally different.
The kernels are totally different.
And so they integrate those.
It's not a full Linux VM that you have to patch again.
Docker makes it very minimal so that they auto patch it during their updates when they release them.
It installed CLI tools, including Docker, Compose hub
tool, Docker scan, Docker, Compose V2, Docker, buildX.
It auto enables Docker build kit engine, which is you use with Docker build X.
It auto enables that, which is enabled by default, if you just well, Docker
engine it does a local ho ho TCP and UDP port mapping from the VM to the host.
We all know about the little menu bar for settings and
service management and managing resources and all that stuff.
It now gives you a desktop GUI for managing objects, including
volume cleanup and pruning starting and stopping compose files.
It has this new thing called dev environments, which is like it's whole separate topic of
features that don't exist outside of Docker, desktop PN kit, which has a surprising complexity.
If you've ever tried to do this without it if you try to use a VM with your corporate VPNs,
they don't always work or they have to have weird work arounds or certain startup orders.
And so VPN kit makes that just work 99.9% of the time out of the
box, regardless of your VPN or what started first, or it just.
Bind mounting your files and allowing you different driver options for ensuring good
performance on that, or trying to improve performance for bind mounts, adding Kubernetes on
top of it and allowing you to have a one bit one button disabling or enabling of Kubernetes.
And again, that the key here is that Kubernetes is running on top of the Docker engine.
So it's not adding yet another container runtime on your system.
It's optimized by using the same Docker image cache, the same Docker engine.
So it's more of a, an optimization if you're someone who uses Docker
usually, but sometimes Kubernetes it's really kind of the best way to do it.
It also has a Kubernetes load balancer built in, which makes it
really easy to publish your services in Kubernetes for using locally.
I could just go on and on, it stores your registry off in your machine.
Host OOS encrypted security store.
So if a windows, it uses the windows creds.
If it's on a Mac, it uses key chain.
If what's on Linux, but it was on Linux that would use the link system.
It doesn't store them as plain text inside of the Docker config, Jason,
which is what the Docker Daemon does when you install it in Linux by default.
It now runs on apple M one, which it turns out that there's
lots of other tools out there that don't yet work on M one.
It has outbound proxy support in case you're in corporate proxies.
It has a route from the containers to go all the way back to the
host using the common DNS name, post dot Docker dot internal.
So in case you ever need.
Run something in a container that needs to access a service on your host machine on TCP that works.
It now has windows 11 container GUI support, as well as Mac OS X, 11, and Waylon.
Can we support in case you want to run GUI containers?
It integrates with VS Code as well as other ideas for automatic management
of containers and compose as well as Kubernete communities inside of IDs.
It does SSH agent forwarding so that when you do Docker builds with
built kit, you can bring in your keys that are in SSS agent really easily
and automatically without having to customize a bunch of other hacks.
And it also sets up QE EMU, which is a processor platform emulator so
that you can build or run other platforms on your current platform.
So now you can run arm, stuff on your Intel Mac or windows machine.
You can build.
, X 86 stuff on an apple, M one, which, it's the reverse of that
you could do that all out of the box, so that's a huge list.
I'm sure there's more tell me when I, what I missed in chat, but
I just want to remind us that's what Docker desktop is, right?
Not just Docker Daemon.
I sound like I'm trying to be a salesman there, but I'm not really, I'm just someone
who uses Docker desktop every day and appreciate the simplicity of what it does for me.
So thanks to the Docker team for providing me four free years of access to it.
And I look forward to all the new features on that.
Let's go to the last topic that before we get to the local alts and me showing you some
examples and demos let me make sure that we've got all the Twitter credit questions handled.
There's a lot of chat today.
So if I miss your question, please don't hesitate to repeat it.
If I missed it, I will get back to it.
Nacho Libris uh, I'm worried that this is going to be , for stuff like licensing stuff.
I can't speak for Docker.
I'm not an , official representative in any way.
But , I have not seen any signs that Docker has ever desired
the change, the licensing on their open source components.
Again, Docker didn't change any open source.
All they did was take their private source tool that
you were always bound to a licensing agreement, desktop.
You there just changing that existing licensing that you were already
agreeing to for Docker desktop to now include this new addendums to it.
So they didn't, I didn't go and change the Apache licenses on any of the open source.
I don't see that they will ever do that.
Usually what they've done is.
Embrace an extend right?
So they will take the open source that they've built.
They wrap that up with other closed source and then
they add value and then make that a paid offering.
That's essentially what Docker hub is.
? Docker hub is a paid alternative to the free Docker distribution or Docker registry.
So for years, Docker hub has offered a paid feature that is embracing and
extending their open source that they're not going to change the open source.
So I can't speak a hundred percent to any of these things, because
again, who knows the future of Docker, but , know, that entire company
is full of people, focused on open source and loving open source.
They're just trying to figure out a business model that will work in
the current state of things, when people are not used to paying for
command line tools and , they sold off their enterprise business.
They got to come up with something.
I think this is probably the best idea that I've heard so far.
I'm sure they can always add more features and add more features to hub, but
they've got this existing product that lots and lots of people are already using.
So I don't have, a huge issue with it.
Has the virtualization got any better on apple?
One M one I can assume.
I haven't done performance comparisons, but when the next Mac books come out, when we get the M
one X or M two or whatever, that's going to be called, I'm going to double down on more in ones.
I've only got one of them today.
I'm going to get more of them and I will do more comparisons to let you know.
But as far as I can tell what you may be Conrad are talking about is running x86 stuff in emulation
on , which that's probably going to be more related to QE EMU performance than it is apple.
Let me know in chat, if you're talking more about native arm on arm performance, or if you're
talking about just running regular x86 containers x86 64 Intel containers onsite on M one.
Cause as far as I know, the native performance is great
So there was a call internally that the captain's had with
Docker now that was probably covered under our NDA somehow.
But I don't think, I don't recall a captain there thinking this was a bad plan.
All of the captains love Docker, the tooling.
They also love working with the dog.
Employees, the people that are making Docker, they're a great group of people.
And they're just trying to, make a viable company.
That's going to be here for another 20, 30 years until we come
up with the thing that replaces Docker and makes it irrelevant.
And so we all went Docker Inc to survive because we don't want to live in a
world where the Docker products all die and there's no one to work on them.
And they become, they get bought out by another big
enterprise and become a paid feature of some other platform.
Like none of us want that, Docker started with the original idea of open source.
It was a passion project for the team that started it.
And they want as much of it to stay open source as
possible while also having a viable revenue stream,
to be fair.
They have been trying lots of things.
I think one of the things that we're growing tired of in the community is we're tired of the
page changes because really what we're all just saying is we want them to find a way a paid
model that, that supports your employees are more cause they only have, they have less than a
hundred employees to support that ecosystem organization to keep making great software for us.
That's really what we're all saying.
So the people that are complaining out there about the licensing changes and
why didn't they just do this as a bait and switch and all that kind of drama
to me that really just speaks to the fact that they keep wanting this tooling.
They want to use it.
They like it.
They just don't like the terms of their agreement with this tooling to change.
And we all, I think that Docker feels the same way.
I'm just going to speak for them, even though I don't know for sure.
They probably feel the same way that they would love to have a model.
They know that works.
That grows the rev.
That is sustainable and can pay for all their previous investments
and make them a true profitable company for many years to come.
So let's hope this is the last major change like that.
And we can all get used to it and, we just sort of deal with it.
And then we can all put us to bed and sort of move on because Docker has been looking
for good revenue streams for, since, since they started taking money long, long
time ago, they were looking for ways to make money and they've tried lots of things.
They have not lacked and trying.
And so we all want them to win because I think you're all here
because you like these tools and you want them to continue to exist.
They obviously can't exist for free forever.
Someone's going to have to pay for them, whether that's paid developers
that work on open source or it's a company that manages it directly.
Let's get into the alternatives.
Thank you all for the great questions.
Where does it take to go back to VMs?
A lot of people are asking that, and it's a legitimate question.
I want to have that discussion.
I think that we should understand not just what Docker
desktop does, but what are the alternatives and how bad is it?
The Docker repo still have stable and edge branch.
, far as I know, the edge doesn't exist anymore, but I'll check
that out and make sure that I'm correct on my assumptions.
The creators, right?
Because Docker wasn't created out of pure open source with,
people just banding together and creating a thing, right.
That never, that never happened.
Um, Technically the, you know, Docker, the container world already
existed, containers were a thing, but Docker made it super easy.
It was a company-based backing thing and the whole ecosystem would have to completely
change for us to have these similar tools or same tools without any major corporate sponsor
Let's get into the alternative.
You've waited enough.
It's been an hour that's way too long to wait for this.
And I'm sorry, we've had so many questions that haven't gotten into this.
When I want to go through is we're going to basically
talk through Joe's tweet, anyone planning, an open mobi.
So there, to my knowledge, there is no version of a
comparable, single product that provides all of this stuff.
We're close to what Docker desktop does.
I just don't know that it exists.
There are people making comparisons.
There's a popular thread on a Y Combinator hacker news that talks about minikube and that
you can use something in Minikube called
So you can technically get mini minikube to spit out a Docker environment settings.
And this command, if you were using minikube and let's
just back up a second, minikube is a Kubernetes VM.
It creates virtual machines on Mac and windows and Linux as well.
But Mac and windows is what we're really focused on here today.
And it will create a Kubernetes VM and it can run using many different
back ends, which means it can run on hyper V virtual box hyper kit.
Other thing I don't, I don't know all of them, maybe QMU I'm not sure.
I'm not sure if about QMU, but it technically can run Kubernetes on top of
Docker and then you can have it spit out the Docker settings that you would
then give a local Docker CLI to talk into that mini queue, VM Docker engine.
However, there's tons of caveats here, so I'm not going to talk about it.
There's lots of features missing that you'd get with Docker desktop, that
it does and include, but most importantly, it's for running Kubernetes.
Your, there is no way that I know of.
I tried to look this up.
Could not find a way to run minikube for Docker only.
Now that could just be a feature.
Someone adds to minikubeand then cool.
You've got now a very small, tiny fraction of the features, but it does provide you basic
Docker command line support for running, a managed , I'm going to talk about managed VS.
Manage VM, but a VM that's managed for you and, updated for you if you want to.
And then in a local client, on your host machine built as a binary on your host OSTP.
Because again, that's the difference here too, right?
These things are running built for Linux.
And then on your host, the Docker command line is built for your host machine.
And so you could do that.
That technically is a way to get Docker.
I don't like the fact that it would still be running
Kubernetes all the time , even if I don't need it.
But that is one way to do it.
Go check out.
There's a thread in hacker news.
I didn't actually pull it up, but blog article from someone who has intimate knowledge in a
minikube, but they essentially just talk about, doing that and that way you can get the settings
to give to your Docker command line tool to tell it how to get into the Docker of Minikube.
So that's one thing.
Next up, what we're really, when we talk about open Moby's is what we're talking
about is a lot of these open source components that are built in a Docker desktop,
including Moby, which is the underpinnings of the Docker engine, the Docker command
line build kit, VPN kit, hyper kit, and a bunch of other stuff that's not in here
which is the closed source part, all that stuff wrapped up in Docker desktop.
If you were to try to combine all this together into a completely open toolkit
with an easy installer, easy update, Using Linux kit for the VM to make micro VMs.
You can technically do some of that stuff to get today.
I haven't found an up to date, detailed thread with the probably half a
dozen to a dozen steps to make all that work, but that may be possible.
So it's early days.
We might see someone pick up that torch and run with it and make an
open-source project that would use some of the basics of Docker desktop.
Again, it wouldn't probably have a GUI, it wouldn't have all these other things,
but it would have at least a command line tool to create a VM, have Docker
installed, not have a full size, VM with a full fledge ubuntu to in there.
Cause I don't want that.
I don't want to have to patch my VMs or anything.
So we went all that.
, uh, KIRO uh, Suda, one of the big Docker maintainer.
Yesterday released as great article on container D, Lima, and nerd control.
So I want to get into this for a minute, cause this has a lot of potential for those of you
that are simply looking for a similar, what I would say is this is not a similar experience
with Docker desktop, but if you're someone who's basically going to be forced into not being
able to use Docker, desktop, maybe by corporate policy, that doesn't allow you to install
it, or you're someone who wants, you don't want all the full featured Docker desktop stuff.
And you really just want a doc, a Docker engine or a container D engine, which is
what Docker desktop relies on is container D he put out a great article on the details
of installing Lima, which is which what it does is it creates micro VMs of Linux.
And then it installs container D which is your container runtime.
And then it adds nerd control, which they recently created.
I think he was a large part of that.
Nerd control or nerd CTL.
What do you want to call it?
The nerd cuddle, maybe we call it nerd cuddle uh, is command line for container D.
That makes it act like Docker.
It doesn't mean you can just replace it with the Docker online, but it does mean
that you can do similar commands and just replacing the word Docker with nerd CTL.
. So that exists separately.
You can use this on Linux, so you could have container D and nerd CTL on Linux all day long.
Right now, container D if you didn't know, is the thing that Docker and Docker
engine and Docker, desktop, and all things Docker, they use that to start and
manage your container and build your container that's actually used underneath.
That is also the, now what I would say is probably becoming the most popular Kubernetes runtime.
Now that Docker.
No longer being used as much as the container runtime Kubernetes, this this
runs container D, which is also built by the Docker team and open source
container runtime built by the Docker team and the rest of the community.
So this new tool came out this year.
I believe at least I only heard about it this year.
I'm not sure it's origin.
But anyway, it has , same UI UX is Docker supports, Docker, Compose supports, rootless mode,
all these cool things, including some extra features that Docker doesn't support like lazy
poles, things and encrypted images in case you want to check out encrypted images on servers.
But anyway, so this di this tutorial goes through the step-by-step of getting
that set up running Lima to create your own little virtual machine locally on.
And this is Mac only, sorry, I should have led with it.
This is only Mac because right now Macs and windows with WSL2 are so.
that it would, it's going to be a lot of work for someone to make one
tool that works on both nevermind arm, just including arm in that is
a, again, another added complexity that Docker desktop removes for us.
So you got Lima as the virtual machine manager.
And I'll just show you real quick.
If you just do Lima,
Lima control is the command line.
Once you get it installed on Mac, this is the command line that manages the VM itself.
And then if I started my Lima machine and then I just typed Lima, it would
actually give me a shell right in there so I can type Lima space, nerd control.
Run some container and that's basically the replacement for a Docker command.
It also works with, I suppose he would uh, TCP mounts file mounts, all those things.
So give that a shot.
I have had maybe one hour with this tool.
I have had very little experience, but it's a pretty interesting experiment in
basically avoiding the Docker Daemon altogether, as well as the Docker command line.
Notice that you don't have to do that.
? This, This change isn't about avoiding Docker altogether.
It's just this is an alternative, ? So definitely it's a lot of steps.
Getting it installed, getting it started running it, running an image.
This is what it would look like to build an image with that command line.
This is what it would look like to run that image in a container.
It can't run on low ports.
It has some limitations.
It can't run on port 80.
That's why, by the way, Docker desktop requires local administrative
rights because it uses protected ports that are lower than 10 24.
It use it.
You can publish things at port 80, which requires root access.
That's one of the reasons I think that Docker needs the services that it does.
By the way, I didn't know this, but he mentions that there's rancher desktop right now.
Rancher desktop is just for Kubernete.
It doesn't really provide a Docker replacement.
It's not for Docker and Docker Compose.
It's just for running Kubernetes.
So it's a different use case altogether.
I'm not going to go into that, but you've heard me mention it recently.
Docker desktop , you know, does this ranch or desktop now it's pretty neat.
Allows you to switch versions of Kubernetes.
It runs as a little GUI and your menu bar, so you can start and stop it.
It allows you to change your context.
So if you just need Kubernetes and you don't care about Docker at all, rancher, desktop is a
pretty neat alternative, and it's really new early days, but it runs an electron based GUI.
You can actually see it down here.
So he talks about that and that's a great point.
He's saying that I don't know if it's Lima that's yeah, I think
it's Lima that they use inside of ranch or desktop to do this.
So anyway, go check that out.
If you're on Mac now, what about windows people?
Let's go over to this great dev two articles.
From someone named Jonathan Bowman, who I pinged in Twitter about this.
So hopefully we'll get some traction.
. Let's talk about windows.
So I put the link in chat.
Jonathan made this great article of the experiment, which I was loosely aware of.
There are ways to run the Docker engine on windows.
So let's talk about two scenarios for windows because windows is a special case.
Windows has two different Docker runtimes.
They have the Docker runtime that runs natively on windows that runs windows containers.
Now there's other articles out there that we're not going to talk about too much today because
th that's obviously a much smaller audience than people who want to run Linux containers.
But if you're just, I want to run windows containers, you can technically
get away with that by creating a service, a window service that runs the
Docker de dot exe demon, as well as the other binary is that it needs.
And then the Docker dot exe CLI and only supporting windows containers as process based containers.
I've seen, ways to do that.
I did not prepare that article for today cause we're
really focused on Linux containers on windows and Mac.
But if you're interested in that, you can completely remove everything
else, an equation you don't even need the WSL2 or linux or anything.
If you only want to run windows containers, however, most of us also need windows containers.
So this article is specifically around what if you don't or can't use.
Docker, desktop, the full MSI install with all the features and you have WSL2, and you can yeah.
Stall Docker in WSL2, cause again, WSL2 is a full Linux kernel.
So we can technically install Linux in there with apt or yum or whatever your WSL of
choices, but what are the steps to get things like bind mounting of code, getting ports
to work with local hosts making sure that it works in all your WSL to virtual machines
and across all the tools like Visual Studio Code and well, it turns out it's a lot.
So if you want it, and an example of maybe some of the value that Docker desktop
provides, you just walk through this article of which I couldn't even finished reading
and kudos to Jonathan for detailing this in such robust verbosity, if that's even a word.
, So you don't want to use Docker death.
He talks about pod, man, obviously you can use pod
man getting in WSL2, but that's not the same thing.
Pod man is not a replacement for everything.
It's an alternative with a subset of features and maybe, yeah, it has some unique features as well.
It does some pretty neat things that Docker does not do, but it's not the same thing.
It's not a true Docker replacement for a lot of people.
But talks about WSL2.
He says you got to run WSL2, not one.
Cause two is where you get the full Linux kernel.
And then you're going to have to pick your install, your
Linux distro, a Docker, desktop picks one for you if you want.
But here you have to pick one and go manually, install it on a windows.
Then you have to configure a non root user.
Then you have to go through making sure that user can have pseudo access so we can get to
access in route, go through all these different settings, setting the default user up then.
If you have, it talks about networking issues.
If you have them in case you need to try it, sorry, I've got a jet
running overhead, and then you've got to do the Docker install.
So you have to do, you basically have to follow the Docker
installed stuff in the Docker docs for installing Docker on Linux.
So you've got to remove anything that's incompatible.
You've got to install the pre-recs and you keep going down.
And eventually you're installing Docker.
You're creating the Docker group.
You're creating a common ID.
This is a problem.
If you're going to have a lot of different Linux distros that you want to use you want
to have all of them using like the same ID, so they all match with file permissions.
You've got to work out that problem, because one of the things Docker does for you is it
sort of, encapsulates the permissions a little bit so that you don't have to worry about
so many of the permission conflicts between files when you're doing development and.
Then you have to configure the Docker Daemon to work with those shared permissions and the socket.
Then you have to manual launch the demon.
You need to change the log, the script that launches the demon.
You need to also have passwordless launch of the demons.
You've got to make that change.
Someone could probably script a lot of this stuff, by the way.
Like I could see someone making an automated script to do a lot of this on windows.
Then you have to worry about how do you get the socket connected so that
you can use the Docker command line to talk to the Docker engine, and
then you have to run it from windows, which is across that OSTP boundary.
And how do you make that work?
It talks about file performance a little bit like buying mounting
files from the windows file system into the Linux file system.
It's a lot.
So there's some example scripts at the bottom of which
maybe some of those will maybe automate part of that.
you know, I only spent a few hours searching, but what I
did was I went out specifically searching for alternatives.
I didn't like really search for Docker desktop alternatives.
What I was looking for was ways to run Docker on Linux and Mac.
And I feel like between that, those two options, ? The Lima option,
this Docker manual, WSL to install, option the minikube option.
I get, yeah, I guess we'll just consider that an option,
even though it's not the way I'd like it it's an option.
And then I feel like those are the three real viable solutions that meet some basic requirements.
Obviously you can use Vagrant and create V you can use multipass right.
I've been a big fan of multipass for windows and Mac to create full Linux VMs.
But one of the things I'm trying to get you away from here is feeling the need that
you have to go manage a VM now and patch it and replace it and update it all the time.
We left that with Vagrant, ? Vagrant was the days of a full fledged VM.
It's got a gig plus a file storage needs, a bunch of services running.
Then you got to install Docker manually and keep that up to date manually.
I don't want to go back to that world.
And so if I was to be forced to replace Docker, desktop, I don't look at multipass or
Vagrant is really a viable option at this time, because that's be basically managing
a VM again, and then having to figure out its own inconsistencies really with
how it manages file by and mounts and the performance of those and how it mounts,
ports, how it publishes ports and how do I get to those from my host machine?
All those concerns, ? There's a lot of those other tools that we talk about a lot on this channel
that I'm not mentioning today because they're really just running a VM and installing Docker.
And then doing work in the VM and we all know we can do that.
We've been able to do that for many years, decades.
And I'm not looking at those.
I'm looking at these very minimal slim VM automatically replaced or updated VMs that
I don't have to manage the Docker install or the versions everything's up to date.
That's kind of what we're looking for.
I think I've got most of that worked out that's what I wanted to cover today.
So if you have any other questions feel free to ask them in chat.
I'll hang around for a little bit to see if we can shore up any of the last remaining questions.
If I didn't get to your question please, re-ask it.
Cause I may have missed it through some of the chat for fraud.
No, you don't pay for performance with Docker they're there.
And again Docker, except for one or two very small features in the GUI
Docker desktop, the personal plan, which is free and Docker desktop, a
part of the Docker subscription paid plans operates exactly the same way.
There are a few things on limits, like limits of hub and the SAS limits that come into play.
And then there's a couple of features in Docker, desktop,
like volume management that are only for paid plans.
And if you haven't seen it while we're sitting here, I'll just show you
so this is the Docker desktop GUI.
one of the things that now has is you can do cleanup.
So it provides like unused used stuff like that.
It has, it allows me to see the size, my big images and my big
volumes volume management, where it's finding my local volumes.
And I can sort by size of how big they are in the images, I
can actually see my remote repositories and I can pull them.
So based on my login, I can now see those images and pull them.
So these are all relatively new features in the GUI that integrate with Docker hub.
And a few of them are paid features.
I don't actually know because I pay for it.
If I logged out.
So see, I, if I'm logged out, I can't see anything about the remote repositories.
See if I don't see anything over here under volumes.
So I still see the volume support.
I still see the clean up.
So I guess it's really just remote repository.
Is that right?
Don't get, unless I, well then again, it says, it just, it says login.
So I don't, I'm not actually sure.
I thought that there was some features in here that you had to pay four, but
it at least is showing me all that same stuff anyway any other questions?
Is there any work around a work around to run containers, Dionne O S X?
Because you can't run.
There is no container demon that we're.
On the O S L 11 now of the Mac OS kernel.
So the the Darwin kernel does not support well, it may support, but there is that no one
has built a container engine that runs on the Mac Colonel and that will build Mac images.
That would really be a cool thing, but it would probably require , the Docker team worked with
the Linux kernel team to make the Linux kernel, Docker, Daemon, the Microsoft or the, the, yeah.
The Microsoft team at windows worked with the Docker team to
make the Docker Daemon run windows containers on windows server.
So those teams had to work together.
They had to change things in the kernel and adapt to make this all work.
So my, my assumption is if we were to ever have a container D run.
On Mac natively without any QE, EMU, Linux, VM, or anything like that, we would require
someone, some team to work with apple and their kernel team to make that whole thing work.
The other thing , that, that is, is that's totally different than a Linux container, right?
So that container D as an engine on any OOS, the only way that it would
ever support a Linux container or outside of a Linux kernel is if you're
doing some sort of kernel emulation or something like that, which is a VM.
I think that's one of the things, things here is like, there's so much complexity going on.
There's so many tools and different layers of absurd action
here, but some of us, I, you know, I get confused about it.
What's running where, and what are the limitations of that?
Or why is it running like that?
And, most of us were just trying to run Linux stuff, but
we're not running on a Linux machine and that's the company.
Uh, Is clean up the same as the prune command.
As far as I know, it's this it's just a GUI for those that don't want to, because some people don't
know about Docker system prune Docker, image, prune, they don't know about those prune commands.
So I think it was an attempt at Docker trying to bring more to new people that maybe aren't
in the command line as much as well as giving us a nice GUI for those that like GUI stuff.
So I'm going to wrap that up for this week.
The way you get notified about all this stuff, by the way, is to jump in.
To my Patreon channel.
I send out a patron announcement every week when we have guests letting people know who's
going to be on the show and when the show is scheduled so that you can plan appropriately.
Thanks again to all my patrons for sponsoring the show
and the podcast and everything else I do in open source.
Thanks so much for listening and I'll see you in the next episode.