Suzanne Panoplos

If you’re not one of the thousands of expected attendees at DockerCon 2019 in San Francisco, don’t worry! There are still many ways you can stay connected to the announcements, awesome demos and all of the amazing content coming out of this year’s event. Although we will miss you this year, we’ve put together a few suggestions to stay current on all things DockerCon. If you’re not one of the thousands of expected attendees at DockerCon 2019 in San Francisco, don’t worry! There are still many ways you can stay connected to the announcements, cool demos and all of the…

Continue reading...
Banjot Chanana

On Monday, February 11, Docker released an update to fix a privilege escalation vulnerability (CVE-2019-5736) in runC, the Open Container Initiative (OCI) runtime specification used in Docker Engine and containerd. This vulnerability makes it possible for a malicious actor that has created a specially-crafted container image to gain administrative privileges on the host. Docker engineering worked with runC maintainers on the OCI to issue a patch for this vulnerability. Docker recommends immediately applying the update to avoid any potential security threats. For Docker Engine-Community, this means updating to 18.09.2 or 18.06.3. For Docker Engine- Enterprise, this means updating to 18.09.2, 18.03.1-ee-6,…

Continue reading...
Jenny Fong

Last week, the Docker team had a chance to interact with the attendees of VMworld to talk about containers and container platforms. We spoke to companies in all stages of their containerization journey – some were just getting started and figuring out where containers may be used, others had started early containerization projects, some had mature container environments. Here are some of the most common questions we were asked. Q: We have developers that are using Docker containers now, but what is the relevancy of containers to me (as an IT or virtualization admin)? A: While developers were the first to…

Continue reading...
Andrew Weiss

Source: NIST.gov and C2 Labs  Highly-regulated industries like financial services, insurance and government have their own set of complex and challenging regulatory IT requirements that must be constantly maintained. For this reason, the introduction of new technology can sometimes be difficult. Docker Enterprise Edition provides these types of organization with both a secure platform on which containers are the foundation for building compliant applications and a workflow for operational governance at scale. The problem remains that even with the technology innovation of containers, cloud and other new tools, the area of IT compliance has remained relatively unchanged with security standards…

Continue reading...
Betty Junod

This year’s summit reflected what is top of mind for government organizations, namely IT modernization and what that means for infrastructure, applications, data and the workforce. As mentioned in the keynote address, the line between government IT and private sector IT is blurring now more than ever. From the priorities outlined in the White House IT Modernization Report to the discussions at the recent IT modernization summit, the themes focus on results of better customer service and better stewardship of tax dollars. Better customer service translates into improving existing services, delivering new services and increasing transparency. To that end, government organizations are taking…

Continue reading...
Jenny Fong

Two weeks ago we shared how the upcoming release of Docker Enterprise Edition (Docker EE) is able to secure the software supply chain for Kubernetes; just as it does for Docker Swarm through a combination of scanning for vulnerabilities and implementing image promotion policies. In this blog, we’ll take a closer look at another part of this solution – Docker Content Trust and image signing. When combined with granular Role Based Access Controls [RBAC] and the secure clustering features of Docker EE, organizations get a secure container platform solution that is ready for the enterprise. Restricting Unverified Kubernetes Content As discussed in Part 1 of…

Continue reading...
Jenny Fong

ASSA ABLOY is the world’s largest lock manufacturer with 47,000 employees worldwide and well-known brands like Yale, Sargent and Assa in their portfolio. The vision for ASSA ABLOY is to become the most innovative provider of door opening solutions through growth of electro-mechanical and digital entry solutions. With increasingly global operations to deal with as well, ASSA ABLOY recognized the opportunity to leverage public cloud, microservices and containers to fuel this digital transformation. Jan Hedstrom, Cloud Infrastructure Architect in the Shared Technologies department at ASSA ABLOY, and Patrick Van Der Bleek, Solutions Engineer at Docker, presented at DockerCon Europe how…

Continue reading...
Diogo Mónica

The Docker platform and the container has become the standard for packaging, deploying, and managing applications. In order to coordinate running containers across multiple nodes in a cluster, a key capability is required: a container orchestrator. Orchestrators are responsible for critical clustering and scheduling tasks, such as: Managing container scheduling and resource allocation. Support service discovery and hitless application deploys. Distribute the necessary resources that applications need to run. Unfortunately, the distributed nature of orchestrators and the ephemeral nature of resources in this environment makes securing orchestrators a challenging task. In this post, we will describe in detail the less-considered—yet vital—aspect…

Continue reading...