Banjot Chanana

On Monday, February 11, Docker released an update to fix a privilege escalation vulnerability (CVE-2019-5736) in runC, the Open Container Initiative (OCI) runtime specification used in Docker Engine and containerd. This vulnerability makes it possible for a malicious actor that has created a specially-crafted container image to gain administrative privileges on the host. Docker engineering worked with runC maintainers on the OCI to issue a patch for this vulnerability. Docker recommends immediately applying the update to avoid any potential security threats. For Docker Engine-Community, this means updating to 18.09.2 or 18.06.3. For Docker Engine- Enterprise, this means updating to 18.09.2, 18.03.1-ee-6,…

Continue reading...
Manik Taneja

Last week, we launched Docker Enterprise 2.1 – advancing our leadership in the enterprise container platform market. That platform is built on Docker Engine 18.09 which was also released last week for both Community and Enterprise users. Docker Engine 18.09 represents a significant advancement of the world’s leading container engine, introducing new architectures and features that improve container performance and accelerate adoption for every type of Docker user –  whether you’re a developer, an IT admin, working at a startup or at a large, established company. Built on containerd Docker Engine – Community and Docker Engine – Enterprise both ship with containerd…

Continue reading...
Jim Armstrong

Today on the Edge release channels, we released a new beta version of Docker Desktop, the product formerly known as Docker for Windows and Docker for Mac. You can download this new Edge release for both Windows and macOS. Docker Desktop enables you to start coding and containerizing in minutes and is the easiest way to run Docker Engine, Docker Swarm and Kubernetes on Mac and Windows. In addition to simple setup, Docker Desktop also includes other great features and capabilities such as: Fast edit-test cycles with volume mounting for code and data, including file change notifications. If you want to switch from Swarm to…

Continue reading...
Jenny Fong

Last week, the Docker team had a chance to interact with the attendees of VMworld to talk about containers and container platforms. We spoke to companies in all stages of their containerization journey – some were just getting started and figuring out where containers may be used, others had started early containerization projects, some had mature container environments. Here are some of the most common questions we were asked. Q: We have developers that are using Docker containers now, but what is the relevancy of containers to me (as an IT or virtualization admin)? A: While developers were the first to…

Continue reading...
Andrew Weiss

Last year, we announced our pursuit of FIPS 140-2 validation of the Docker Enterprise container platform. This meant starting with the included cryptography components at the Docker Engine foundation to better address the rigorous security requirements of government agencies and others in regulated industries. Over the last year, we’ve progressed through the NIST Cryptographic Module Validation Program (CMVP), from “Implementation Under Test” to “Module In Process” and are nearing full completion of validation. Track our progress online at NIST’s CMVP website and as of this post, we are “Module In Process, Coordination”. We are anticipating full validation of Docker Engine – Enterprise in…

Continue reading...
Patrick Chanezon

Two weeks ago was our eighth DockerCon in just four years. Our community of contributors, developers, IT users, enterprises and ecosystem partners has grown exponentially into the millions,  anchored on our founder Solomon Hykes’ simple premise of democratizing the use of the software container. Today as was from the beginning, Docker creates simple tooling and a universal packaging approach that bundles up all application dependencies inside the container.  Docker Engine enables applications to run anywhere consistently on any infrastructure, solving “dependency hell” for developers and operations teams, and eliminating the “it works on my laptop!” problem. In the past 2…

Continue reading...
Dee Kumar

This week at DockerCon, we announced the Modernize Traditional Applications (MTA) Program to help enterprises make their existing legacy apps more secure, more efficient and portable to hybrid cloud infrastructure. This webinar covers the importance of “WHY NOW and HOW” to start modernizing traditional applications with Docker Enterprise Edition. Legacy applications often serve critical business needs and have to be maintained for a long time. The maintenance of these applications can become expensive and very time consuming. Some applications may have been written decades ago, grown to millions of lines of code  and the team that built and deployed the app may no…

Continue reading...
Kelly Hackenburg

The containerization movement fueled by Docker has extended across all geographic boundaries since the very beginning. Some of Docker’s earliest success stories were from Chinese based, web-scale companies running Docker in production before Docker had released its 1.0 version. Additionally, through the grass roots efforts of the development community, we have thriving Docker Meetups in 20 of China’s largest cities. This is a testament to the innovative spirit within the Chinese developer community because the ability to deliver great community content from Docker Hub has been highly constrained. That is why a partnership with China’s largest public cloud provider is…

Continue reading...