Ryan Kennedy

Federated Application Management in Docker Enterprise Edition

Today at DockerCon, we demonstrated new application management capabilities for Docker Enterprise Edition that will allow organizations to federate applications across Docker Enterprise Edition environments deployed on-premises and in the cloud as well as across cloud-hosted Kubernetes. This includes Azure Kubernetes Service (AKS), AWS Elastic Container Service for Kubernetes (EKS), and Google Kubernetes Engine (GKE). A Single Control Plane for Multi-Cloud Deployments Most enterprise organizations have a hybrid or multi-cloud strategy and the rise of containers has helped to make applications more portable. However, when organizations start to adopt containers as their default application format, they start to run into the challenges of managing multiple container environments, especially when each of them has a different set of access controls, governance policies, content repositories and operational models. For common hybrid and multi-cloud use cases like bursting applications to the cloud for Continue reading…

Andrew Weiss

Automating Compliance for Highly Regulated Industries with Docker Enterprise Edition and OSCAL

Source: NIST.gov and C2 Labs  Highly-regulated industries like financial services, insurance and government have their own set of complex and challenging regulatory IT requirements that must be constantly maintained. For this reason, the introduction of new technology can sometimes be difficult. Docker Enterprise Edition provides these types of organization with both a secure platform on which containers are the foundation for building compliant applications and a workflow for operational governance at scale. The problem remains that even with the technology innovation of containers, cloud and other new tools, the area of IT compliance has remained relatively unchanged with security standards that lag far behind, creating mismatches of traditional controls to modern systems. Organizations are still dependent on the same mundane, paperwork-heavy audit and reporting processes of previous decades. The time and cost to build a PCI, FISMA or HIPAA compliant Continue reading…

Jenny Fong

A Secure Supply Chain for Kubernetes, Part 2

Two weeks ago we shared how the upcoming release of Docker Enterprise Edition (Docker EE) is able to secure the software supply chain for Kubernetes; just as it does for Docker Swarm through a combination of scanning for vulnerabilities and implementing image promotion policies. In this blog, we’ll take a closer look at another part of this solution – Docker Content Trust and image signing. When combined with granular Role Based Access Controls [RBAC] and the secure clustering features of Docker EE, organizations get a secure container platform solution that is ready for the enterprise. Restricting Unverified Kubernetes Content As discussed in Part 1 of this blog post, organizations typically have a “supply chain” for how applications progress from a developer’s laptop to production, whether that is on-premises or in the cloud. For larger organizations, the team that handles QA and testing is not always Continue reading…

Jenny Fong

A Secure Supply Chain for Kubernetes

The beta release of the Docker Enterprise Edition (Docker EE) container platform last month integrates Kubernetes orchestration, running alongside Swarm, to provide a single container platform that supports both legacy and new applications running on-premises or in the cloud. For organizations that are exploring Kubernetes or deploying it in production, Docker EE offers integrated security for the entire lifecycle of a containerized application, providing an additional layer of security before the workload is deployed by Kubernetes and continuing to secure the application while it is running. Mike Coleman previously discussed access controls for Kubernetes. This week we’ll begin discussing how Docker EE secures the Kubernetes supply chain. What is a Software Supply Chain? When you purchase something from a retail store, there is an entire supply chain that gets the product from raw materials to the manufacturer to you. Similarly, there is Continue reading…

Get the Latest Docker News by Email

Docker Weekly is a newsletter with the latest content on Docker and the agenda for the upcoming weeks.

Justin Cormack

Top 5 blogs of 2017: LinuxKit, A Toolkit for building Secure, Lean and Portable Linux Subsystems

In case you’ve missed it, this week we’re highlighting the top five most popular Docker blogs in 2017. Coming in the third place is the announcement of LinuxKit, a toolkit for building secure, lean and portable Linux Subsystems.   LinuxKit includes the tooling to allow building custom Linux subsystems that only include exactly the components the runtime platform requires. All system services are containers that can be replaced, and everything that is not required can be removed. All components can be substituted with ones that match specific needs. It is a kit, very much in the Docker philosophy of batteries included but swappable. LinuxKit is an open source project available at https://github.com/linuxkit/linuxkit. To achieve our goals of a secure, lean and portable OS,we built it from containers, for containers.  Security is a top-level objective and aligns with NIST stating, in their Continue reading…

Victor Coisne

Top 5 Docker Customer Success Stories of 2017

The holidays are a time of joy, gratitude and reflection. As we look back on the year, we’re celebrating you, our amazing customers! You are the ones that inspire us to innovate. We appreciate the business and are grateful for the opportunity! With that we’d like to put the spotlight on the top 5 Docker Enterprise Edition (Docker EE) customer stories of 2017. Docker Enterprise Edition Lights a New Spark of Innovation within MetLife MetLife, the global provider of insurance, annuities, and employee benefit programs, will be celebrating it’s 150th birthday next year. To stay ahead of the competition, MetLife realizes it must be agile to more rapidly respond to changing market requirements. During the Day 2 General Session at DockerCon 2017, MetLife shared how they’re inspiring new innovation in their organization with Docker EE. MetLife also took part in Continue reading…

Jenny Fong

Integrating Docker EE Into Société Générale’s Existing Enterprise IT Systems

Société Générale is a 153-year old French multinational bank that believes technology and innovation are key to enriching the customer experience and advancing economic development. A few years ago, the bank started a project to define their next generation application platform that would help them get 80% of their applications running in the cloud by 2020. Société Générale chose Docker Enterprise Edition (Docker EE) to be the foundation of their application platform and began working with it 15 months ago. This year at DockerCon Europe, Stephan Dechoux, DevOps architect, and Thomas Boussardon, Middleware Specialist, shared their journey over this time integrating Docker Enterprise Edition [Docker EE] into Société Générale IT systems. You can watch their breakout session here: A New Platform For Today and Tomorrow Société Générale has a diverse application portfolio that includes many different types of applications, including legacy monolithic Continue reading…

David Lawrence

What is Notary and why is it important to CNCF?

As you may have heard, the Notary project has been invited to join the Cloud Native Computing Foundation (CNCF). Much like its real world namesake, Notary is a platform for establishing trust over pieces of content. In life, certain important events such as buying a house are facilitated by a trusted third party called a “notary.” When buying a house, this person is typically employed by the lender to verify your identity and serve as a witness to your signatures on the mortgage agreement. The notary carries a special stamp and will also sign the documents as an affirmation that a notary was present and verified all the required information relating to the borrowers. In a similar manner, the Notary project, initially sponsored by Docker, is designed to provide high levels of trust  over digital content using strong cryptographic signatures. In addition Continue reading…