Ben Firshman

Announcing Docker 1.8: Content Trust, Toolbox, and Updates to Registry and Orchestration

Ben Firshman

We’re thrilled to announce Docker 1.8 with support for image signing, a new installer, as well as incremental improvements to Engine, Compose, Swarm, Machine and Registry.

You’ve been telling us that you want Docker to be more extensible and composed of smaller, standalone components. We hear you loud and clear. In June, we announced our intention to release runC as a separate piece of plumbing. With this release we’re taking another step towards that goal. The system powering image signing has been implemented as a separate piece of plumbing called Notary, and volume plugins, an experimental feature in 1.7, has now been promoted to the stable release.
Across the board we’ve been making the usual quality improvements – something we know is important to all of you running Docker in production.


Docker Content Trust and The Update Framework (TUF)

Docker Content Trust is a new feature in Docker Engine 1.8 that makes it possible to verify the publisher of Docker images. When a publisher pushes an image to a remote registry, Docker signs the image with a private key. When you later pull this image, Docker uses the publisher’s public key to verify that the image you are about to run is exactly what the publisher created, has not been tampered with, and is up to date. 

Read more about Docker Content Trust and its use of TUF in this blog post.


Docker Toolbox

Along with this release of Docker, we are also releasing a new installer for Mac OS X and Windows called Docker Toolbox.

Toolbox is the fastest way to get up and running with a Docker development environment. It installs the Docker client, Machine, Compose (Mac only for now) and VirtualBox – everything you need to get started.

Get started and download the Docker Toolbox or read more in the Toolbox blog post here.


Docker Engine 1.8

In the last release we included experimental support for volume plugins, allowing you to back Docker volumes by any third-party storage system. Volume plugins are now in the stable build of Docker Engine, and the community has been hard at work integrating storage systems into Docker. There are plugins available from ecosystem partners like Blockbridge, Ceph, ClusterHQ, EMC and Portworx.

In Engine 1.6 we added logging drivers so you could ship logs from containers directly to logging systems like syslogd. In this version we’re adding some more systems: GELF, Fluentd and a driver which will rotate your on-disk logs. 

As well as these features, we’ve also got a few smaller things we think you’ll like:

Copy files from host to container: docker cp used to only copy files from a container out to the host, but it now works the other way round: docker cp foo.txt mycontainer:/foo.txt

Daemon command: Running the daemon is now done with a new docker daemon command instead of passing the -d flag, making it really clear which command-line options are for client (docker --help) and daemon (docker daemon --help).

Customisable ps format: docker ps now takes a --format option which you can use to customise the output of the command.

Configurable client config directory: The Docker client stores some config files in ~/.docker. In case you need to run multiple clients on a single machine, this is now configurable with --config and the DOCKER_CONFIG environment variable.

Check out the full release notes for more details. Head over to the installation instructions for Engine to get started or upgrade. If you’re on Ubuntu, Debian, Fedora, CentOS or Oracle Linux, you might also be interested in our new apt and yum repositories we added since the last release.


Docker Registry 2.1

Back in April, we released Registry 2.0 which debuted a new image format and architecture for better performance and faster image pulls. Today we’re releasing Registry 2.1, which is even faster, more secure and has a handful of new features:

Listing repositories: You can now list the contents of your registry through the API.

New storage drivers: In addition to Amazon S3 and Azure, images can now be stored in OpenStack Swift, Ceph Rados, and Aliyun OSS.

Soft deletes: You can now use the API to remove the references to images and layers from your registry.

Check out the release notes for full details, or head over to the documentation to get started.


Orchestration Updates

Docker continues to get better at orchestrating distributed apps with updates to Compose, Swarm and Machine. This is what’s new in Compose 1.4:

Dramatically faster: You should find that your apps start and stop much, much faster. Compose will now only recreate containers where needed, and will perform operations in parallel where possible.
Custom container names: You can now pass the container_name option in your Compose file to give a service’s container a specific name.
Read config from stdin: Compose can now read configs from stdin so you can automatically generate them:

$ echo 'redis: {"image": "redis"}' | docker-compose --file - up


See the release notes for everything that’s new. If you’re on Mac OS X, you can of course now download Toolbox to try out Compose. If you’re on another platform, check out the usual installation instructions.

Machine 0.4 is now included in Toolbox as the default, recommended way to set up a Docker development environment. In this version there is support for configuring the Engine for HTTP proxies, as well as a heap of other little things. Check out the full release notes, and download Toolbox to try out Machine.

Swarm 0.4 is all about stability and quality. It has a bunch of improvements to the built-in scheduler as well as improvements to the Mesos driver so you can use Docker tools to control a Mesos cluster. Check out the release notes for full details, and the getting started instructions to get up and running with Swarm.



Learn More about the Docker 1.8 Release

Join our upcoming Docker online meetups featuring Docker engineers discussing the latest features of Docker 1.8 including plugins, Docker Content Trust and Toolbox – click here to register!



 Learn More about Docker



5 thoughts on “Announcing Docker 1.8: Content Trust, Toolbox, and Updates to Registry and Orchestration

  1. Sebastian Herrmann

    Awesome, so many enhancements! Thanks a lot for the great work, looking forward to the updates.

Leave a Reply