Home Explore Blog CI



docker
5th chunk of `content/manuals/desktop/setup/install/windows-install.md`
7d18c4c569a50291e696fed74512acf8bbf4092ba5326ec100000001000009da
- `--always-run-service`: After installation completes, starts `com.docker.service` and sets the service startup type to Automatic. This circumvents the need for administrator privileges, which are otherwise necessary to start `com.docker.service`. `com.docker.service` is required by Windows containers and Hyper-V backend.

##### Security and access control

- `--allowed-org=<org name>`: Requires the user to sign in and be part of the specified Docker Hub organization when running the application
- `--admin-settings`: Automatically creates an `admin-settings.json` file which is used by admins to control certain Docker Desktop settings on client machines within their organization. For more information, see [Settings Management](/manuals/security/for-admins/hardened-desktop/settings-management/_index.md).
  - It must be used together with the `--allowed-org=<org name>` flag. 
  - For example:`--allowed-org=<org name> --admin-settings="{'configurationFileVersion': 2, 'enhancedContainerIsolation': {'value': true, 'locked': false}}"`
- `--no-windows-containers`: Disables the Windows containers integration. This can improve security. For more information, see [Windows containers](/manuals/desktop/setup/install/windows-permission-requirements.md#windows-containers).

##### Proxy configuration

- `--proxy-http-mode=<mode>`: Sets the HTTP Proxy mode, `system` (default) or `manual`
- `--override-proxy-http=<URL>`: Sets the URL of the HTTP proxy that must be used for outgoing HTTP requests, requires `--proxy-http-mode` to be `manual`
- `--override-proxy-https=<URL>`: Sets the URL of the HTTP proxy that must be used for outgoing HTTPS requests, requires `--proxy-http-mode` to be `manual`
- `--override-proxy-exclude=<hosts/domains>`: Bypasses proxy settings for the hosts and domains. Uses a comma-separated list.
- `--proxy-enable-kerberosntlm`: Enables Kerberos and NTLM proxy authentication. If you are enabling this, ensure your proxy server is properly configured for Kerberos/NTLM authentication. Available with Docker Desktop 4.32 and later.

##### Data root and disk location

- `--hyper-v-default-data-root=<path>`: Specifies the default location for the Hyper-V VM disk. 
- `--windows-containers-default-data-root=<path>`: Specifies the default location for the Windows containers.
- `--wsl-default-data-root=<path>`: Specifies the default location for the WSL distribution disk.

## Start Docker Desktop

Docker Desktop does not start automatically after installation. To start Docker Desktop:
Title: Docker Desktop Installation Flags: Security, Proxy, and Data Root Configuration
Summary
This section details various flags available during Docker Desktop installation, focusing on security, proxy configuration, and data root/disk location settings. Security flags include '--allowed-org' to restrict usage to specific Docker Hub organizations and '--no-windows-containers' to disable Windows containers integration for enhanced security. Proxy configuration flags allow setting HTTP/HTTPS proxies, excluding hosts/domains, and enabling Kerberos/NTLM authentication. Additionally, flags such as '--hyper-v-default-data-root', '--windows-containers-default-data-root', and '--wsl-default-data-root' enable specifying custom locations for Hyper-V VM disks, Windows containers, and WSL distribution disks, respectively. The section concludes by noting that Docker Desktop doesn't start automatically post-installation.