We are excited to announce that the Docker Registry HTTP API V2 specification will be adopted in the Open Container Initiative (OCI), the organization under the Linux Foundation that provides the standards that fuel the containerization industry. The Docker team is proud to see another aspect of our technology stack become a de-facto standard. As we’ve done with our image format, we are happy to formally share and collaborate with the container ecosystem as part of the OCI community. Our distribution protocol is the underpinning of all container registries on the market and is so robust that it is leveraged over a billion times every two weeks as container content is distributed across the globe.
What does this protocol do?
Putting the protocol into perspective, part of the core functionality of Docker is the ability to push and pull images. From the first “Hello, World” moment, this concept is introduced to every user and is a large part of the Docker experience. While we normally sit back in our armchairs and marvel at this magical occurence, the amount of design and consideration that has gone into that simple capability can easily be overlooked.
When Docker was first released, the team quickly put together a protocol and implementation of the Image Registry and the magic truly began. An Image Registry provides a common service to store images across machines. It is what allows one to build an image on one machine, then pull down that same image and run it on others. One now had the power to pull down an entire software distribution and run it at the drop of a finger tip. This implementation powers the Docker Hub and eventually was open sourced as https://github.com/docker/docker-registry. This protocol and the implementation behind it eventually became known as the V1 protocol. Many an image was pushed and pulled and the developers rejoiced.
Pushing and pulling images continued throughout the ages but, as users began to use Docker with other registries, issues with the V1 protocol arised. The central theme of the problems was around the concept of shared identity across registries and the tight coupling with the Docker implementation. The problem was that if a single Docker Engine pulls images from two separate registries, they may disagree on which image has which identifier. Something needed to change to ensure using multiple registries wouldn’t lead to problems for users.
Towards the end of 2014, Docker began addressing these problems with the introduction of a proposal with the initial API structure. Key to this design was content addressable images, which allowed registries to have common identifiers for images, and the decoupling of internal details of the image format from the Docker Engine, allowing it to evolve on its own. The community came together and produced 140 comments on that proposal that were incorporated into the specification and implementation. The result of this effort was the release of Docker Registry 2.0 with GA support in Docker 1.6 in the spring of 2015. Since then, the Docker community has evolved to meet the growing needs of users.
As a result of the popularity of Docker, this protocol has become widely adopted across the industry. It is battle tested in a wide variety of environments. The protocol integrates well with complementary technologies such as signing and verification, as is available in Docker Enterprise Edition. By donating this specification to the OCI, we can ensure that this important part of the container experience becomes an official OCI standard. The Open Container Initiative previously introduced the runtime-spec and image-spec used by container runtimes. With the acceptance of the distribution-spec proposal, the protocol that has been a key part of using containers will flourish as part of OCI.