The Docker Trusted Registry is a commercial registry service that you can run on-premise or in your virtual private cloud (VPC) to store and manage your Docker images.
Trusted Registry is available in conjunction with a commercially supported Docker Engine to provide you with the peace of mind and support needed for your application environment.
We are excited to release version 1.4 which boasts a set of new features that improve the user experience and expand the systems capabilities for storage flexibility and security. Included in this release is also an update to our commercial support cadence for the open source Engine.
Starting with Engine 1.9, we are introducing a new commercial support cadence. Every release will be supported for a 6 month period giving you the flexibility to upgrade at the pace that’s right for you. During this time any issues filed are addressed by our dedicated support engineers and backported to all supported Engine versions.
So What’s New in Docker Trusted Registry 1.4?
New user interfaces
– Image and repository search and browse
– Accounts and repository permissioning
Search index & API
– A new search index in DTR allows you to utilize an API to find and operate on images in your registry.
Interactive API documentation
– The APIs that come with Docker are a powerful way to automate your workflows. With the interactive documentation, you can learn and understand the APIs quickly.
Image deletion from index
– Soft delete an image manifest from the search index so it can no longer be found
Image garbage collection
– Clear orphaned layers from storage to reclaim disk space
Integration with Docker Content Trust for image signatures (experimental)
– Secure your images and know its provenance. With DCT, you won’t be exposed to man-in-the-middle attacks, malicious updates or Trusted Registry compromises.
Watch the recorded demo of Docker Trusted Registry 1.4 below:
Trusted Registry currently supports 300 concurrent pulls per instance but what instance size though?
The instance size used in the demo was an AWS instance that was m3.xlarge. The image we tested with was the Ubuntu image, which had 4 layers and a total size of roughly 70 Mbs.
Does the per-repo settings include webhook configuration?
No, webhooks are not a feature in Docker Trusted Registry but something we are considering for the future.
What feature will be contributed to open source?
Docker Trusted Registry is a commercial registry solution that you can deploy on-premise or in your VPC. Some of the components of Trusted Registry come from Docker’s open source projects but are integrated together with other services and packaged as commercial software. The experimental Docker Notary integration into the Trusted Registry UI leverages the open source Notary project.
Any plans on scaling Docker Trusted Registry to more instances to increase concurrent pull / push transfers?
In the future yes. We are working on a clustered version of Trusted Registry which will allow this to work in the future.
Is the user interface exclusive to Docker Trusted Registry?
Yes. The graphical user interface is available for Docker Trusted Registry and our hosted cloud registry, Docker Hub but not included in the Docker open source registry.
What tagging options are there? is there something to address categorizing images? like dev/prod/etc
There are a number of ways to categorize your images in Docker Trusted Registry. You can partition by team, repo, or tag all have been used effectively.
What’s the backend database used in Docker Trusted Registry? Can it run separately from the server itself?
The backend database is a SQL database that currently cannot run separately from the server itself.
What is the process of upgrading Trusted Registry from version 1.3.3 to 1.4?
To upgrade your Trusted Registry, please follow these steps:
Navigate to Settings > Updates in DTR
Click the “Update to version x.x.x” button that will be available if an update is available
Refresh your screen. The dashboard will display a message that you need to upgrade to the latest CS Engine.
Stop the Trusted Registry.
Upgrade CS Engine 1.6 to CS Engine 1.9 (using the package manager on the OS).
Can you explain a bit more on garbage collection feature?
Images are currently stored as an image manifest file with pointers to either other manifests or layers in blob storage. When an image is deleted from the index, the manifest is deleted, but the layers are still on disk and orphaned. When the garbage collection job is run, a mark and sweep is done to determined orphaned layers and they are purged from disk.
Interested in learning more?
• Try Docker Trusted Registry with Engine free for 30 days
• Learn how to deploy Docker Trusted Registry with Jenkins for Continuous Integration (CI)
• Register for the support webinar to learn more about Docker’s commercial solutions
Learn More about Docker
• New to Docker? Try our 10 min online tutorial
• Sign up for a free 30 day trial of Docker
• Share images, automate builds, and more with a free Docker Hub account
• Read the Docker 1.9 Release Notes
• Subscribe to Docker Weekly
• Register for upcoming Docker Online Meetups
• Attend upcoming Docker Meetups
• Register for DockerCon Europe 2015
• Start contributing to Docker