How Docker IT Deploys Docker Desktop

Key highlights

• 24-hour deployment: Docker IT quickly deployed Docker Desktop to hundreds of macOS and Windows computers in 24 hours.
• Security compliance: Admins deployed enforcement and settings via MDM for centralized control, ensuring more secure deployments to Docker employees.
• Visibility with Insights Dashboard: The Docker Desktop Insights Dashboard provided better visibility into version data and container usage, building deeper understanding and more effective policy management.

“From setup to deployment, it took 24 hours. We started on a Monday morning, and by the next day, it was done.” — Jeffrey Strauss, Head of Docker IT.

Introduction

At Docker, we’re constantly looking for ways to improve how we develop and deploy applications. As a leading company in containerization technology, we strive to simplify complex workflows, enhance the developer experience, and accelerate innovation.

With a core team of eight admins and engineers, the Docker IT department manages everything from infrastructure and network security to ensuring all employees have the correct software installed. However, our unique circumstances require deploying Docker Desktop across various non-engineering teams for customer demonstrations, support, and detailed documentation. While our previous methods were functional, they involved considerable manual effort, making us eager to adopt a more streamlined and user-friendly approach to improve security and user management.

Recently, we improved the capabilities for managing Docker Desktop deployments and implemented them across our organization.  As soon as the combined tools were available internally, our IT team refined our deployment processes. We transitioned from `registry.json` files to registry keys and the new MSI installer for Windows, and configuration profiles with the upcoming PKG installer for macOS. With this transition, we simplified deployment and provided better control to our administrators. Alongside these tools, the Docker Desktop Insights Dashboard provided critical data and visibility, improving management across the board. 

The introduction of these features — some already available and others on the roadmap — was another step toward improving our internal workflows and living up to our core values of innovation and ease of use. “It’s about making the process, stability, and usability of the deployment easier and more efficient for everyone involved,” Jeffrey Strauss, Head of Docker IT, explains.

The opportunity

Enhancing Docker Desktop management

Currently used internally and in preview with select customers, the Insights Dashboard offers admin comprehensive telemetry and insights about how their teams are using Docker. When organizations enforce login, they unlock the full potential of Docker Desktop, gaining comprehensive visibility into its usage across their teams. With our new Insights Dashboard, this new data is surfaced in an intuitive way to empower organizations to make informed decisions.  For example, Admins now have a complete picture of which versions are installed, so they can make informed decisions regarding updates, resource allocation, and compliance. 

Previously, the Docker IT team used `registry.json` files to ensure users were logging into the Docker organization while using Docker Desktop for security and compliance purposes. Although this method was functional, it required additional effort and needed to be more user-friendly. “Deploying .json files can be more cumbersome because they might require customization prior to deployment,” Strauss explains. Recognizing this, we aimed to find a more efficient and streamlined approach to Docker Desktop management.

Our existing mobile device management (MDM) tools managed Docker Desktop through configured installation flags and managed enterprise login. This process, especially on Windows systems, required additional steps and dependencies. “There are a couple of little nuances, particularly on the Windows side, where you have to install some dependencies before deployment,” Strauss says.

With the release of Docker Desktop 4.34, the MSI Installer and new login enforcement alternatives became generally available. These enhancements and upcoming features in the Docker roadmap aim to streamline administration, improve security, and enhance the user experience for Docker Business subscribers. 

The Docker Desktop MSI Installer assists with mass deployments and customizations using standardized silent install parameters. Additionally, the updated login enforcement features help enterprises of all sizes increase user logins, simplify administration, and reduce learning curves for IT administrators.

These updates provided an opportunity to refine our Docker deployment processes further. “The goal was to reduce administrative overhead, improve usage tracking, and integrate seamlessly with our MDM tools. By proactively addressing these areas, we improved our internal workflows and positioned ourselves to better support our customers in doing the same,” explains Steven Novick, Docker Principal Product Manager.

The solution

Refining Docker Desktop deployment

We implemented a new, streamlined solution to capitalize on the opportunity to improve Docker Desktop management. We transitioned from using `registry.json` files to registry keys for Windows, configuration profiles for macOS, and MSI and PKG installers for easier deployment.

Steps taken to deploy Docker Desktop in under 24 hours:

• Packaged Docker Desktop (DD) for deployment across macOS and Windows devices.
• Set up smart groupings within MDM to detect where DD was installed.
• Packaged DD for streamlined deployment and management across macOS and Windows using InTune and Jamf, ensuring all devices had DD installed and users were logged in with the Docker organization account.

This change allowed us to give better control to administrators and simplify the deployment process. “The switch to registry keys and configuration profiles gives a little bit more control to the administrators and removes a little bit of control from the users, even when they have admin access to machines,” Strauss says.

The implementation process was straightforward and efficient. We communicated the changes early and often through Slack and email to ensure everyone was well-informed. The actual deployment was completed within 24 hours. “From setup to deployment, it took 24 hours. We started on a Monday morning, and by the next day, it was done,” Strauss says.

Key features of our new solution include:

• Docker Desktop Insights Dashboard: Combined with enforced login, this new feature offered visibility into version installations, image pushes and pulls, build stats, and more, allowing us to drive better development practices beyond version upgrades.
• Enforced login using registry keys (Windows) and configuration profiles (macOS): This provided centralized control and compliance with security policies.
  “The value of the login enforcement isn’t the focus since it’s been possible for a long time. What’s more important is how easy it is to do now,” Strauss says.
• Seamless integration with MDM tools and new installer packages: We integrated with Microsoft Intune for Windows and Jamf for Mac, simplifying the deployment process and reducing administrative effort.

Throughout the implementation, we faced and addressed several unique situations at Docker. Key considerations included ensuring seamless updates without disrupting users and managing exceptions for specific configurations, such as authenticating during testing. “Because our customer success team or engineering needed to work on multiple versions of Docker Desktop, we’ve had to do things like create opt-out scenarios where users can go and opt-out using some of our tooling,” Strauss says.

Testing the new deployment method, transitioning to MSI and PKG files, and establishing an opt-out process for users were critical milestones. “When we first tested a release candidate sent to us as a PKG file, I breathed a sigh of relief because it’s so easy to deploy,” Strauss says.

Key benefits

Implementing our refined solution for Docker Desktop management has delivered several key benefits, enhancing our internal processes and positioning us to support our customers better.

Results

Transitioning to registry keys, configuration profiles, and MSI and PKG installers facilitated faster deployment times and minimized administrative efforts with Docker Desktop. This change yielded more streamlined management, making operations more straightforward and secure.

Adopting SSO and SCIM fortified our security infrastructure. These integrations ensure stringent adherence to security protocols, enhancing overall operational security. And, our newly implemented Insights Dashboard offers comprehensive analytics on Docker utilization, significantly improving resource distribution and management decisions.

We are committed to continuous improvement and innovation in Docker Desktop management. Check out new Docker Desktop releases to gain access to these new features. By staying ahead of the curve, we aim to maintain our leading edge in technology deployment and support our customers in achieving their goals with Docker.

Learn more

• Subscribe to the Docker Newsletter.
• Get the latest release of Docker Desktop.
• Have questions? The Docker community is here to help.
• New to Docker? Get started.