Andrew Weiss

An Update on the Docker FIPS 140-2 Compliance Initiative

Last year, we announced our pursuit of FIPS 140-2 validation of the Docker Enterprise container platform. This meant starting with the included cryptography components at the Docker Engine foundation to better address the rigorous security requirements of government agencies and others in regulated industries. Over the last year, we’ve progressed through the NIST Cryptographic Module Validation Program (CMVP), from “Implementation Under Test” to “Module In Process” and are nearing full completion of validation. Track our progress online at NIST’s CMVP website and as of this post, we are “Module In Process, Coordination”. We are anticipating full validation of Docker Engine – Enterprise in the coming months. Recently Docker Engine – Enterprise version 18.03 was released, our first to include the FIPS 140-2 compliant modules currently undergoing validation by the NIST CMVP. These modules cover the cryptography elements in Docker Engine – Enterprise and are used when Continue reading…

John Harris

Proactive Ops for Container Orchestration Environments: Monitoring and Logging Strategies with Docker Enterprise

Over the last decade, the popularity of microservices and highly-scalable systems has increased, leading to an overall increase in the complexity of applications that are now distributed heavily across the network with many moving pieces and potential failure modes. This architectural evolution has changed the monitoring requirements and led to a need for scalable and insightful tooling and practices to enable us to better identify, debug and resolve issues in our systems before they impact the business and our end users (internal and/or external). I recently gave a talk at DockerCon SF 18 discussing functionality in Docker Enterprise that enables operators to more easily monitor their container platform environment, along with some key metrics and best practices to triage and remediate issues before they cause downtime. You can watch the full talk here:   Monitoring Methodologies One of the most Continue reading…

Nicola Kabar

The Enterprise IT checklist for Docker Operations

At Docker, we believe the best insights come from the developers and IT pros using the Docker platform every day. Since the launch of Docker Enterprise Edition, we learned three things from our customers. First, a top goal in enterprise IT is to deliver value to customers (internal business units or external clients)…and to do so fast. Second, most enterprises believe that Docker is at the center of their IT platform. Finally, most enterprises’ biggest challenge is moving their containerized applications to production in time to prove value. My DockerCon talk focused on addressing the third item, which seems to be a critical one for many of our customers. In our recent customer engagements, we’ve seen a pattern of common challenges when designing and deploying Docker in an enterprise environment. Particularly, customers are struggling to find best practices to speed Continue reading…