Settings reference

This reference documents all Docker Desktop settings and configuration options. Use this to understand setting behavior across different configuration methods and platforms. It is organized to match the Docker Desktop GUI structure.

Each setting includes:

• Default and accepted values
• Platform compatibility
• Configuration methods (Docker Desktop GUI, Admin Console, admin-settings.json file, or CLI)
• Enterprise security recommendations where applicable

General settings

Start Docker Desktop when you sign in to your computer

• Description: Automatic startup of Docker Desktop when the user logs in to their computer.
• OS: {{< badge color=blue text="All" >}}
• Use case: Ensure Docker Desktop is always available after system boot.
• Configure this setting with:
  • General settings in Docker Desktop GUI

Open Docker Dashboard when Docker Desktop starts

• Description: Whether the Docker Dashboard opens automatically when Docker Desktop launches.
• OS: {{< badge color=blue text="All" >}}
• Use case: Provide immediate access to containers, images, and volumes after startup.
• Configure this setting with:
  • General settings in Docker Desktop GUI

Choose theme for Docker Desktop

• Description: Visual appearance of the Docker Desktop interface.
• OS: {{< badge color=blue text="All" >}}
• Use case: Customize interface appearance to match user preferences or system theme.
• Configure this setting with:
  • General settings in Docker Desktop GUI

Configure shell completions

• Description: How Docker CLI auto-completion integrates with the user's shell.
• OS: {{< badge color=blue text="All" >}}
• Use case: Control whether Docker modifies shell configuration files for auto-completion.
• Configure this setting with:
  • General settings in Docker Desktop GUI

Choose container terminal

• Description: Default terminal used when launching Docker CLI from Docker Desktop.
• OS: {{< badge color=blue text="All" >}}
• Use case: Set preferred terminal application for Docker CLI interactions.
• Configure this setting with:
  • General settings in Docker Desktop GUI

Enable Docker terminal

• Description: Access to Docker Desktop's integrated terminal feature. If the value is set to false, users can't use the Docker terminal to interact with the host machine and execute commands directly from Docker Desktop.
• OS: {{< badge color=blue text="All" >}}
• Use case: Allow or restrict developer access to the built-in terminal for host system interaction.
• Configure this setting with:
  • General setting in Docker Desktop GUI
  • Settings Management: desktopTerminalEnabled setting in the admin-settings.json file

[!NOTE]

In hardened environments, disable and lock this setting to limit host access.

Enable Docker Debug by default

• Description: Whether debug logging is turned on by default for Docker CLI commands.
• OS: {{< badge color=blue text="All" >}}
• Use case: Provide verbose output for troubleshooting and support scenarios.
• Configure this setting with:
  • General settings in Docker Desktop GUI

Include VM in Time Machine backup

• Description: Whether the Docker Desktop virtual machine is included in macOS Time Machine backups.
• OS: {{< badge color=blue text="Mac only" >}}
• Use case: Balance backup completeness with backup size and performance.
• Configure this setting with:
  • General settings in Docker Desktop GUI

Use containerd for pulling and storing images

• Description: Image storage backend used by Docker Desktop.
• OS: {{< badge color=blue text="All" >}}
• Use case: Improve image handling performance and enable containerd-native features.
• Configure this setting with:
  • General settings in Docker Desktop GUI

Choose Virtual Machine Manager

Docker VMM

Apple Virtualization framework

• Description: Use Apple Virtualization Framework to run Docker containers.
• OS: {{< badge color=blue text="Mac only" >}}
• Use case: Improve VM performance on Apple Silicon.
• Configure this setting with:
  • General settings in Docker Desktop GUI

Rosetta

• Description: Use Rosetta to emulate amd64 on Apple Silicon. If value is set to true, Docker Desktop turns on Rosetta to accelerate x86_64/amd64 binary emulation on Apple Silicon.
• OS: {{< badge color=blue text="Mac only" >}} 13+
• Use case: Run Intel-based containers on Apple Silicon hosts.
• Configure this setting with:
  • General settings in Docker Desktop GUI
  • Settings Management:useVirtualizationFrameworkRosetta setting in the admin-settings.json file
  • Settings Management: Use Rosetta for x86_64/amd64 emulation on Apple Silicon setting in the Admin Console

[!NOTE]

In hardened environments, disable and lock this setting so only ARM-native images are permitted.

[!NOTE]

Rosetta requires enabling Apple Virtualization framework.

QEMU

[!WARNING]

QEMU has been deprecated in Docker Desktop versions 4.44 and later. For more information, see the blog announcement

Choose file sharing implementation

VirtioFS

• Description: Use VirtioFS for fast, native file sharing between host and containers. If value is set to true, VirtioFS is set as the file sharing mechanism. If both VirtioFS and gRPC are set to true, VirtioFS takes precedence.
• OS: {{< badge color=blue text="Mac only" >}} 12.5+
• Use case: Achieve better file system performance and compatibility on modern macOS.
• Configure this setting with:
  • General settings in Docker Desktop GUI
  • Settings Management: useVirtualizationFrameworkVirtioFS setting in the admin-settings.json file
  • Settings Management: Use VirtioFS for file sharing setting in the Admin Console

[!NOTE]

In hardened environments, enable and lock this setting for macOS 12.5 and later.

gRPC FUSE

• Description: Enable gRPC FUSE for macOS file sharing. If value is set to true, gRPC Fuse is set as the file sharing mechanism.
• OS: {{< badge color=blue text="Mac only" >}}
• Use case: Alternative file sharing with improved performance over legacy osxfs.
• Configure this setting with:
  • General settings in Docker Desktop GUI
  • Settings Management: useGrpcfuse setting in the admin-settings.json file
  • Settings Management: Use gRPC FUSE for file sharing setting in the Admin Console

[!NOTE]

In hardened environments, disable and lock this setting.

osxfs

• Description: Use the original osxfs file sharing driver for macOS. When set to true, Docker Desktop uses osxfs instead of VirtioFS or gRPC FUSE to mount host directories into containers.
• OS: {{< badge color=blue text="Mac only" >}}
• Use case: Compatibility with legacy tooling that requires the original file sharing implementation.
• Configure this setting with:
  • General settings in Docker Desktop GUI

Send usage statistics

• Description: Controls whether Docker Desktop collects and sends local usage statistics and crash reports to Docker. This setting affects telemetry gathered from the Docker Desktop application itself. It does not affect server-side telemetry collected via Docker Hub or other backend services, such as sign in timestamps, pulls, or builds.
• OS: {{< badge color=blue text="All" >}}
• Use case: Help Docker improve the product based on usage patterns.
• Configure this setting with:
  • General settings in Docker Desktop GUI
  • Settings Management: analyticsEnabled setting in the admin-settings.json file
  • Settings Management: Send usage statistics setting in the Admin Console

[!NOTE]

In hardened environments, disable and lock this setting. This allows you to control all your data flows and collect support logs via secure channels if needed.

[!NOTE]

Organizations using the Insights Dashboard may need this setting enabled to ensure that developer activity is fully visible. If users opt out and the setting is not locked, their activity may be excluded from analytics views.

Use Enhanced Container Isolation

• Description: Advanced container security through Linux user namespaces and additional isolation.
• OS: {{< badge color=blue text="All" >}}
• Use case: Prevent containers from modifying Docker Desktop VM configuration or accessing sensitive host areas.
• Configure this setting with:
  • General settings in Docker Desktop GUI
  • Settings Management: enhancedContainerIsolation setting in the admin-settings.json file
  • Settings Management: Enable enhanced container isolation setting in the Admin Console

[!NOTE]

In hardened environments, disable and lock this setting. This allows you to control all your data flows and collect support logs via secure channels if needed.

Show CLI hints

• Description: Display of helpful CLI suggestions in the terminal when using Docker commands.
• OS: {{< badge color=blue text="All" >}}
• Use case: Help users discover Docker CLI features through contextual tips.
• Configure this setting with:
  • General settings in Docker Desktop GUI

Enable Scout image analysis

• Description: Docker Scout SBOM generation and vulnerability scanning for container images.
• OS: {{< badge color=blue text="All" >}}
• Use case: Turn on vulnerability scanning and software bill of materials analysis.
• Configure this setting with:
  • General settings in Docker Desktop GUI
  • Settings Management: sbomIndexing setting in the admin-settings.json file
  • Settings Management: SBOM indexing settings in the Admin Console

[!NOTE]

In hardened environments, enable and lock this setting to ensure compliance scanning is always available.

Enable background Scout SBOM indexing

• Description: Automatic SBOM indexing for images without requiring user interaction.
• OS: {{< badge color=blue text="All" >}}
• Use case: Keep image metadata current by indexing during idle time or after image operations.
• Configure this setting with:
  • General settings in Docker Desktop GUI

[!NOTE]

In hardened environments, enable and lock this setting for continuous security analysis.

Automatically check configuration

• Description: Regular verification that Docker Desktop configuration hasn't been modified by external applications.
• OS: {{< badge color=blue text="All" >}}
• Use case: Track configuration versions for compatibility and change detection.
• Configure this setting with:
  • General settings in Docker Desktop GUI
  • Settings Management: configurationFileVersion setting in the admin-settings.json file

Resources settings

CPU limit

• Description: Number of CPU cores allocated to the Docker Desktop virtual machine.
• OS: {{< badge color=blue text="All" >}}
• Use case: Balance Docker performance with host system resource availability.
• Configure this setting with:
  • Advanced Resources settings in Docker Desktop GUI

Memory limit

• Description: Amount of RAM (in MiB) allocated to the Docker Desktop virtual machine.
• OS: {{< badge color=blue text="All" >}}
• Use case: Control memory allocation to optimize performance for both Docker and host applications.
• Configure this setting with:
  • Advanced Resources settings in Docker Desktop GUI

Swap

• Description: Amount of swap space (in MiB) available to the Docker virtual machine.
• OS: {{< badge color=blue text="All" >}}
• Use case: Extend available memory for container workloads when physical RAM is limited.
• Configure this setting with:
  • Advanced Resources settings in Docker Desktop GUI

Disk usage limit

• Description: Maximum disk space (in MiB) allocated for Docker Desktop data.
• OS: {{< badge color=blue text="All" >}}
• Use case: Prevent Docker from consuming excessive disk space on the host system.
• Configure this setting with:
  • Advanced Resources settings in Docker Desktop GUI

Disk image location

• Description: File system path where Docker Desktop stores virtual machine data.
• OS: {{< badge color=blue text="All" >}}
• Use case: Move Docker data to custom storage locations for performance or space management.
• Configure this setting with:
  • Advanced Resources settings in Docker Desktop GUI

Enable Resource Saver

• Description: Automatic pausing of Docker Desktop when idle to conserve system resources.
• OS: {{< badge color=blue text="All" >}}
• Use case: Reduce CPU and memory usage when Docker Desktop isn't actively being used.
• Configure this setting with:
  • Advanced Resources settings in Docker Desktop GUI

File sharing directories

• Description: Host directories that can be mounted into containers as volumes.
• OS: {{< badge color=blue text="All" >}}
• Use case: Define which host directories containers can access for development workflows.
• Configure this setting with:
  • File sharing Resources settings in Docker Desktop GUI
  • Settings Management: filesharingAllowedDirectories setting in the admin-settings.json file
  • Settings Management: Allowed file sharing directories setting in the Admin Console

[!NOTE]

In hardened environments, lock to an explicit allowlist and disable end-user edits.

Proxy exclude

• Description: Network addresses that containers should bypass when using proxy settings.
• OS: {{< badge color=blue text="All" >}}
• Use case: Define proxy exceptions for internal services or specific domains.
• Configure this setting with:
  • Proxies Resources settings in Docker Desktop GUI
  • Settings Management: proxy setting with manual and exclude modes in the admin-settings.json file
  • Settings Management: Proxy section in the Admin Console

[!NOTE]

In hardened environments, disable and lock this setting to maintain strict proxy control.

Docker subnet

• Description: Overrides the network range used for vpnkit DHCP/DNS for *.docker.internal.
• OS: {{< badge color=blue text="Mac only" >}}
• Use case: Customize the subnet used for Docker container networking.
• Configure this setting with:
  • Settings Management: vpnkitCIDR setting in the admin-settings.json file
  • Settings Management: VPN Kit CIDR setting in the Admin Console

Use kernel networking for UDP

• Description: Use the host’s kernel network stack for UDP traffic instead of Docker’s virtual network driver. This enables faster and more direct UDP communication, but may bypass some container isolation features.
• OS: {{< badge color=blue text="All" >}}
• Use case: Improve performance for UDP-intensive applications like real-time media, DNS, or gaming.
• Configure this setting with:
  • Network Resources settings in Docker Desktop GUI

Enable host networking

• Description: Experimental support for containers to use the host network stack directly.
• OS: {{< badge color=blue text="All" >}}
• Use case: Allow containers to bypass Docker's network isolation for specific scenarios.
• Configure this setting with:
  • Network Resources settings in Docker Desktop GUI

Networking mode

• Description: Default IP protocol used when Docker creates new networks.
• OS: {{< badge color=blue text="Windows and Mac" >}}
• Use case: Align with network infrastructure that supports only IPv4 or IPv6.
• Configure this setting with:
  • Network Resources settings in Docker Desktop GUI
  • Settings Management: defaultNetworkingMode setting in the admin-settings.json file
  • Settings Management: Default network IP mode in the Admin Console

For more information, see Networking.

Inhibit DNS resolution for IPv4/IPv6

• Description: Filters unsupported DNS record types. Requires Docker Desktop version 4.43 and up.
• OS: {{< badge color=blue text="Windows and Mac" >}}
• Use case: Control how Docker filters DNS records returned to containers, improving reliability in environments where only IPv4 or IPv6 is supported.
• Configure this setting with:
  • Network Resources settings in Docker Desktop GUI
  • Settings Management: dnsInhibition setting in the admin-settings.json file
  • Settings Management: DNS filtering behavior in the Admin Console

For more information, see Networking.

Enable WSL engine

• Description: If the value is set to true, Docker Desktop uses the WSL2 based engine. This overrides anything that may have been set at installation using the --backend=<backend name> flag.
• OS: {{< badge color=blue text="Windows only" >}} + WSL
• Use case: Run Linux containers on Windows using the WSL 2 backend for better performance.
• Configure this setting with:
  • WSL Integration Resources settings in Docker Desktop GUI
  • Settings Management: wslEngineEnabled setting in the admin-settings.json file
  • Settings Management: Windows Subsystem for Linux (WSL) Engine setting in the Admin Console

[!NOTE]

In hardened environments, enable and lock this setting for improved security and performance.

Docker Engine settings

The Docker Engine settings let you configure low-level daemon settings through a raw JSON object. These settings are passed directly to the dockerd process that powers container management in Docker Desktop.

• Description: Customize the behavior of the Docker daemon using a structured JSON config passed directly to dockerd.
• OS: {{< badge color=blue text="All" >}}
• Use case: Configure registry access, enable debug logging, or turn on experimental features.
• Configure this setting with:
  • Docker Engine settings in Docker Desktop GUI

[!NOTE]

In hardened environments, provide a vetted configuration and lock it to prevent unauthorized daemon modifications.

[!IMPORTANT]

Values for this setting are passed as-is to the Docker daemon. Invalid or unsupported fields may prevent Docker Desktop from starting.

Builders settings

Builders settings lets you manage Buildx builder instances for advanced image-building scenarios, including multi-platform builds and custom backends.

• Description: Buildx builder instances for advanced image building scenarios.
• OS: {{< badge color=blue text="All" >}}
• Use case: Set up cross-platform builds, remote builders, or custom build environments.
• Configure this setting with:
  • Builders settings in Docker Desktop GUI

[!NOTE]

Builder definitions are structured as an array of objects, each describing a builder instance. Conflicting or unsupported configurations may cause build errors.

AI settings

Enable Docker Model Runner

• Description: Docker Model Runner functionality for running AI models in containers.
• OS: {{< badge color=blue text="All" >}}
• Use case: Run and manage AI/ML models using Docker infrastructure.
• Configure this setting with:
  • AI settings in Docker Desktop GUI
  • Settings Management: enableInference setting in the admin-settings.json file
  • Settings Management: Enable Docker Model Runner setting in the Admin Console

Enable host-side TCP support

• Description: TCP connectivity for Docker Model Runner services.
• OS: {{< badge color=blue text="All" >}}
• Use case: Allow external applications to connect to Model Runner via TCP.
• Configure this setting with:
  • AI settings in Docker Desktop GUI
  • Settings Management: enableInferenceTCP setting in the admin-settings.json file
  • Settings Management: Host-side TCP support setting in the Admin Console

[!NOTE]

This setting requires Docker Model Runner setting to be enabled first.

Port

• Description: Specific port used for Model Runner TCP connections.
• OS: {{< badge color=blue text="All" >}}
• Use case: Customize the port for Model Runner TCP connectivity.
• Configure this setting with:
  • AI settings in Docker Desktop GUI
  • Settings Management: enableInferenceTCPPort setting in the admin-settings.json file
  • Settings Management: Host-side TCP port setting in the Admin Console

[!NOTE]

This setting requires Docker Model Runner and host-side TCP support settings to be enabled first.

CORS Allowed Origins

• Description: Cross-origin resource sharing settings for Model Runner web integration.
• OS: {{< badge color=blue text="All" >}}
• Use case: Allow web applications to connect to Model Runner services.
• Configure this setting with:
  • AI settings in Docker Desktop GUI
  • Settings Management: enableInferenceCORS setting in the admin-settings.json file
  • Settings Management: CORS Allowed Origins setting in the Admin Console

[!NOTE]

This setting requires Docker Model Runner and host-side TCP support settings to be enabled first.

Enable GPU-backed inference

• Description: GPU-backed inference.
• OS: {{< badge color=blue text="Windows only" >}}
• Use case: Enable GPU-backed inference. Additional components will be downloaded to ~/.docker/bin/inference.
• Configure this setting with:
  • AI settings in Docker Desktop GUI
  • Settings Management: enableInferenceGPUVariant setting in the admin-settings.json file
  • Settings Management: Enable GPU-backed inference setting in the Admin Console

Kubernetes settings

Enable Kubernetes

• Description: Local Kubernetes cluster integration with Docker Desktop.
• OS: {{< badge color=blue text="All" >}}
• Use case: Provide local Kubernetes development environment for testing and development.
• Configure this setting with:
  • Kubernetes settings in Docker Desktop GUI
  • Settings Management: kubernetes setting in the admin-settings.json file
  • Settings Management: Allow Kubernetes setting in the Admin Console

[!NOTE]

In hardened environments, disable and lock this setting unless Kubernetes development is specifically required.

[!IMPORTANT]

When Kubernetes is enabled through Settings Management policies, only the kubeadm cluster provisioning method is supported. The kind provisioning method is not yet supported by Settings Management.

Choose cluster provisioning method

• Description: Kubernetes cluster topology and node configuration.
• OS: {{< badge color=blue text="All" >}}
• Use case: Choose between single-node (kubeadm) or multi-node (kind)` cluster configurations for different development needs.
• Configure this setting with:
  • Kubernetes settings in Docker Desktop GUI

Kubernetes node count (kind provisioning)

• Description: Number of nodes in multi-node Kubernetes clusters.
• OS: {{< badge color=blue text="All" >}}
• Use case: Scale cluster size for testing distributed applications or cluster features.
• Configure this setting with:
  • Kubernetes settings in Docker Desktop GUI

Kubernetes node version (kind provisioning)

• Description: Kubernetes version used for cluster nodes.
• OS: {{< badge color=blue text="All" >}}
• Use case: Pin specific Kubernetes versions for consistency or compatibility requirements.
• Configure this setting with:
  • Kubernetes settings in Docker Desktop GUI

Show system containers

• Description: Visibility of Kubernetes system containers in Docker Desktop Dashboard.
• OS: {{< badge color=blue text="All" >}}
• Use case: Allow developers to view and debug kube-system containers.
• Configure this setting with:
  • Kubernetes settings in Docker Desktop GUI

[!NOTE]

In hardened environments, disable and lock this setting to reduce interface complexity.

Software updates settings

Automatically check for updates

• Description: Whether Docker Desktop checks for and notifies about available updates. If the value is set to true, checking for updates and notifications about Docker Desktop updates are disabled.
• OS: {{< badge color=blue text="All" >}}
• Use case: Control update notifications and automatic version checking.
• Configure this setting with:
  • Settings Management: disableUpdate setting in the admin-settings.json file
  • Settings Management: Disable update setting in the Admin Console

[!NOTE]

In hardened environments, enable this setting and lock. This guarantees that only internally vetted versions are installed.

Always download updates

• Description: Automatic downloading of Docker Desktop updates when they become available.
• OS: {{< badge color=blue text="All" >}}
• Use case: Manage bandwidth usage and control when updates are downloaded.
• Configure this setting with:
  • Software updates settings in Docker Desktop GUI
  • Settings Management: Disable updates setting in the Admin Console

Automatically update components

• Description: Allow Docker Desktop to automatically update components that don't require a restart.
• OS: {{< badge color=blue text="All" >}}
• Use case: Automatically updates key Docker Desktop components such as Docker Compose, Docker Scout, the Docker CLI.
• Configure this setting with:
  • General settings in Docker Desktop GUI
  • Settings Management: silentModulesUpdate setting in the admin-settings.json file
  • Settings Management: Automatically update components setting in the Admin Console

Extensions settings

Enable Docker extensions

• Description: Access to Docker Extensions marketplace and installed extensions.
• OS: {{< badge color=blue text="All" >}}
• Use case: Control whether users can install and run Docker Extensions.
• Configure this setting with:
  • Extensions settings in Docker Desktop GUI
  • Settings Management: extensionsEnabled setting in the admin-settings.json file
  • Settings Management: Allow Extensions setting in the Admin Console

[!NOTE]

In hardened environments, disable and lock this setting. This prevents third-party or unvetted plugins from being installed.

Allow only extensions distributed through the Docker Marketplace

• Description: Restriction of Docker Extensions to only those available through the official marketplace.
• OS: {{< badge color=blue text="All" >}}
• Use case: Prevent installation of third-party or locally developed extensions.
• Configure this setting with:
  • Extensions settings in Docker Desktop GUI
  • Settings Management: onlyMarketplaceExtensions setting in the admin-settings.json file
  • Settings Management: Only marketplace extensions setting in the Admin Console

Enable a private marketplace

• Description: Activates the private marketplace.
• OS: {{< badge color=blue text="All" >}}
• Use case: Ensures Docker Desktop connects to content defined and controlled by the administrator instead of the public Docker marketplace.
• Configure this setting with:
  • Settings Management: extensionsPrivateMarketplace setting in the admin-settings.json file
  • Settings Management: Extensions private marketplace setting in the Admin Console

Show Docker Extensions system containers

• Description: Visibility of system containers used by Docker Extensions in the container list.
• OS: {{< badge color=blue text="All" >}}
• Use case: Help developers troubleshoot extension issues by viewing underlying containers.
• Configure this setting with:
  • Extensions settings in Docker Desktop GUI

Beta features settings

[!IMPORTANT]

For Docker Desktop versions 4.41 and earlier, these settings were under the Experimental features tab on the Features in development page.

Enable Gordon

• Description: Enable the Gordon AI agent
• OS: {{< badge color=blue text="All" >}}
• Use case: Turn on AI-powered assistance and recommendations within Docker Desktop.
• Configure this setting with:
  • Beta settings in Docker Desktop GUI
  • Settings Management: enableDockerAI setting in the admin-settings.json file
  • Settings Management: Enable Gordon setting in the Admin Console

[!IMPORTANT]

Docker Business customers must set this to "Enabled" or "Always Enabled" in the Admin Console. Setting to "User Defined" alone will not activate Gordon features. This secure-by-default approach prevents unintended deployment of AI features in security-conscious organizations.

Enable Docker MCP Toolkit

• Description: Enable Docker MCP Toolkit in Docker Desktop.
• OS: {{< badge color=blue text="All" >}}
• Use case: Turn on MCP toolkit features for AI model development workflows.
• Configure this setting with:
  • Beta settings in Docker Desktop GUI
  • Settings Management: enableDockerMCPToolkit setting in the admin-settings.json file

Enable Docker Offload

• Description: Enable Docker Offload integration features and functionality. When enabled, users see the Docker Offload toggle in the Docker Desktop header.
• OS: {{< badge color=blue text="All" >}}
• Use case: Control Docker Offload availability and whether users can change the setting.
• Configure this setting with:
  • Docker Offload settings in Docker Desktop GUI
  • Settings Management: enableCloud setting in the admin-settings.json file
  • Settings Management: Enable Docker Offload setting in the Admin Console

[!NOTE]

This setting is only available when Docker Offload capability is enabled for the organization.

Enable Wasm

• Description: Enable Wasm to run Wasm workloads.
• OS: {{< badge color=blue text="All" >}}
• Use case: Run WebAssembly applications and modules within Docker containers.
• Configure this setting with:
  • Beta settings in Docker Desktop GUI

Notifications settings

Status updates on tasks and processes

• Description: General informational messages displayed within Docker Desktop.
• OS: {{< badge color=blue text="All" >}}
• Use case: Control visibility of operational status messages and process updates.
• Configure this setting with:
  • Notifications settings in Docker Desktop GUI

Recommendations from Docker

• Description: Promotional content and feature recommendations displayed in Docker Desktop.
• OS: {{< badge color=blue text="All" >}}
• Use case: Manage exposure to Docker marketing content and feature promotions.
• Configure this setting with:
  • Notifications settings in Docker Desktop GUI

Docker announcements

• Description: General announcements and news displayed within Docker Desktop.
• OS: {{< badge color=blue text="All" >}}
• Use case: Control visibility of Docker-wide announcements and important updates.
• Configure this setting with:
  • Notifications settings in Docker Desktop GUI

Docker surveys

• Description: Survey invitations and feedback requests displayed to users.
• OS: {{< badge color=blue text="All" >}}
• Use case: Manage user participation in Docker product feedback and research.
• Configure this setting with:
  • Notifications settings in Docker Desktop GUI

Docker Scout notification pop-ups

• Description: In-application notifications from Docker Scout vulnerability scanning.
• OS: {{< badge color=blue text="All" >}}
• Use case: Control visibility of vulnerability scan results and security recommendations.
• Configure this setting with:
  • Notifications settings in Docker Desktop GUI

Docker Scout OS notifications

• Description: Operating system-level notifications from Docker Scout.
• OS: {{< badge color=blue text="All" >}}
• Use case: Receive Scout security alerts through the system notification center.
• Configure this setting with:
  • Notifications settings in Docker Desktop GUI

Advanced settings

Configure installation of Docker CLI

• Description: File system location where Docker CLI binaries are installed.
• OS: {{< badge color=blue text="All" >}}
• Use case: Customize CLI installation location for compliance or tooling integration requirements.
• Configure this setting with:
  • Advanced settings in Docker Desktop GUI

Allow the default Docker socket to be used

• Description: By default, enhanced container isolation blocks bind-mounting the Docker Engine socket into containers (e.g., docker run -v /var/run/docker.sock:/var/run/docker.sock ...). This lets you relax this in a controlled way. See ECI Configuration for more info.
• OS: {{< badge color=blue text="All" >}}
• Use case: Support Docker-in-Docker scenarios, CI agents, or tools like Testcontainers while maintaining Enhanced Container Isolation.
• Configure this setting with:
  • Advanced settings in Docker Desktop GUI
  • Settings Management: dockerSocketMount setting in the admin-settings.json file

Allow privileged port mapping

• Description: Permission to bind container ports to privileged ports (1-1024) on the host.
• OS: {{< badge color=blue text="Mac only" >}}
• Use case: Allow containers to use standard service ports like HTTP (80) or HTTPS (443).
• Configure this setting with:
  • Advanced settings in Docker Desktop GUI

Settings only available with Settings Management

The following settings aren’t shown in the Docker Desktop GUI. You can only configure them using Settings Management with the Admin Console or the admin-settings.json file.

Block docker load

• Description: Prevent users from loading local Docker images using the docker load command.
• OS: {{< badge color=blue text="All" >}}
• Use case: Enforce image provenance by requiring all images to come from registries.
• Configure this setting with:
  • Settings Management: blockDockerLoad setting in the admin-settings.json file
  • Settings Management: Block Docker Load setting in the Admin Console

[!NOTE]

In hardened environments, enable and lock this setting. This forces all images to come from your secure, scanned registry.

Hide onboarding survey

• Description: Prevent the onboarding survey from being shown to new users.
• OS: {{< badge color=blue text="All" >}}
• Configure this setting with:
  • Settings Management: displayedOnboarding setting in the admin-settings.json file
  • Settings Management: Hide onboarding survey setting in the Admin Console

Expose Docker API on TCP 2375

• Description: Exposes the Docker API over an unauthenticated TCP socket on port 2375. Only recommended for isolated and protected environments.
• OS: {{< badge color=blue text="Windows only" >}}
• Use case: Support legacy integrations that require TCP API access.
• Configure this setting with:
  • Settings Management: exposeDockerAPIOnTCP2375 in the admin-settings.json file
  • Settings Management: Expose Docker API setting in the Admin Console

[!NOTE]

In hardened environments, disable and lock this setting. This ensures the Docker API is only reachable via the secure internal socket.

Air-gapped container proxy

• Description: HTTP/HTTPS proxy configuration for containers in air-gapped environments.
• OS: {{< badge color=blue text="All" >}}
• Use case: Provide controlled network access for containers in offline or restricted network environments.
• Configure this setting with:
  • Settings Management: containersProxy setting in the admin-settings.json file
  • Settings Management: Containers proxy section in the Admin Console

Example

"containersProxy": {
  "locked": true,
  "mode": "manual",
  "http": "",
  "https": "",
  "exclude": [],
  "pac": "",
  "transparentPorts": ""
}

Docker socket access control (ECI exceptions)

• Description: Specific images and commands allowed to use the Docker socket when Enhanced Container Isolation is active.
• OS: {{< badge color=blue text="All" >}}
• Use case: Support tools like Testcontainers, LocalStack, or CI systems that need Docker socket access while maintaining security.
• Configure this setting with:
  • Settings Management: enhancedContainerIsolation > dockerSocketMount in the admin-settings.json file
  • Settings Management: Command list in the Admin Console

Example

"enhancedContainerIsolation": {
  "locked": true,
  "value": true,
  "dockerSocketMount": {
    "imageList": {
      "images": [
        "docker.io/localstack/localstack:*",
        "docker.io/testcontainers/ryuk:*"
      ]
    },
    "commandList": {
      "type": "deny",
      "commands": ["push"]
    }
  }
}

Allow beta features

• Description: Access to Docker Desktop features in public beta.
• OS: {{< badge color=blue text="All" >}}
• Use case: Provide early access to features in development for testing and feedback.
• Configure this setting with:
  • Settings Management: allowBetaFeatures setting in the admin-settings.json file
  • Settings Management: Access beta features

[!NOTE]

In hardened environments, disable and lock this setting.

Docker daemon options (Linux or Windows)

• Description: Override the Docker daemon configuration used in Linux or Windows containers.
• OS: {{< badge color=blue text="All" >}}
• Use case: Configure advanced daemon options without modifying local configuration files.
• Configure this setting with:
  • Settings Management: linuxVM.dockerDaemonOptions or windowsContainers.dockerDaemonOptions in the admin-settings.json file

[!NOTE]

In hardened environments, provide a vetted JSON config and lock it so no overrides are possible.

VPNKit CIDR

• Description: Network subnet used for Docker Desktop's internal VPNKit DHCP/DNS services.
• OS: {{< badge color=blue text="Mac only" >}}
• Use case: Prevent IP address conflicts in environments with overlapping network subnets.
• Configure this setting with:
  • Settings Management: vpnkitCIDR setting in the admin-settings.json file
  • Settings Management: VPN Kit CIDR setting in the Admin Console

[!NOTE]

In hardened environments, lock to an approved, non-conflicting CIDR.

Enable Kerberos and NTLM authentication

• Description: Enterprise proxy authentication support for Kerberos and NTLM protocols.
• OS: {{< badge color=blue text="All" >}}
• Use case: Support enterprise proxy servers that require Kerberos or NTLM authentication.
• Configure this setting with:
  • Settings Management: proxy.enableKerberosNtlm in the admin-settings.json file
  • Settings Management: Kerberos NTLM setting in the Admin Console

PAC file URL

• Description: Specifies a PAC file URL. For example, "pac": "http://proxy/proxy.pac".
• OS: {{< badge color=blue text="All" >}}
• Configure this setting with:
  • Settings Management: pac in the admin-settings.json file
  • Settings Management: PAC file setting in the Admin Console

Embedded PAC script

• Description: Specifies an embedded PAC (Proxy Auto-Config) script. For example, "embeddedPac": "function FindProxyForURL(url, host) { return \"DIRECT\"; }".
• OS: {{< badge color=blue text="All" >}}
• Configure this setting with:
  • Settings Management: embeddedPac in the admin-settings.json file
  • Settings Management: Embedded PAC script setting in the Admin Console

Custom Kubernetes image repository

• Description: Registry used for Kubernetes control plane images instead of Docker Hub. This allows Docker Desktop to pull Kubernetes system images from a private registry or mirror instead of Docker Hub. This setting overrides the [registry[:port]/][namespace] portion of image names.
• OS: {{< badge color=blue text="All" >}}
• Use case: Support air-gapped environments or when Docker Hub access is restricted.
• Configure this setting with:
  • Settings Management: KubernetesImagesRepository settings in the admin-settings.json file
  • Settings Management: Kubernetes Images Repository setting in the Admin Console

[!NOTE]

Images must be mirrored from Docker Hub with matching tags. Required images depend on the cluster provisioning method.

[!IMPORTANT]

When using custom image repositories with Enhanced Container Isolation, add these images to the ECI allowlist: [imagesRepository]/desktop-cloud-provider-kind:* and [imagesRepository]/desktop-containerd-registry-mirror:*.