Features in the Docker Desktop 4.29 release:
- Enhanced Container Isolation (ECI) with Docker Socket Mount Permissions:
  - General Availability: Available to Business subscribers, enhancing security with unprivileged containers.
  - Selective Permissions: Allows admins to specify which container images can access the Docker socket via a curated image list.
  - Command Restrictions: Limits the Docker commands that approved containers can execute, providing an additional layer of security.
- Advanced Error Management:
  - Enhanced Error Interface: Combines error codes with explanatory text and support links for easy troubleshooting.
  - Direct Diagnostic Uploads: Enables users to share diagnostics directly from the error screen, simplifying the support process.
  - Reset and Exit Options: Provides quick fixes directly from the error interface.
  - Self-Service Remediation: Offers actionable steps for users to independently resolve issues.
- New Features in Docker Engine (Moby 26):
  - Volume Subpath Mounts: Allows mounting a subdirectory as a named volume for enhanced data management.
  - Networking Enhancements: Improves stability and lays groundwork for future IPv6 support.
  - Integration of BuildKit 0.13: Includes experimental support for Windows Containers and other efficiency improvements.
  - Streamlined API: Deprecated versions removed to enhance security and reliability.
  - Multi-Platform Image Enhancements: Improves the `docker images` UX for handling multi-platform images.
- Beta Release Highlights:
  - Docker Debug in Docker Desktop GUI and CLI: Offers tools for debugging both local and remote containerized applications from Docker Desktop.
  - Improved Volume Backup Capabilities: Integrates Volumes Backup & Share extension into Docker Desktop, enhancing backup processes.
  - Support for Host Network Mode on Docker Desktop for Mac and Windows: Provides enhanced networking capabilities, allowing containers to use the host’s network stack.
- Air-Gapped Containers (Beta Feature):
  - Restricting Network Access: Ensures containers only communicate with approved sources.
  - Customizing Proxy Rules: Allows detailed control over container traffic.
  - Enhancing Data Protection: Helps prevent unauthorized data transfer in or out of containers.
- Compose Bind Mount Support with Synchronized File Shares:
  - Synchronized File Shares (SFS): Enhances bind mounts with native filesystem performance, speeding up file operations significantly.
  - Seamless Integration: Automatically optimizes bind mounts with no additional configuration needed in Compose.