Victor Coisne

Moby Summit LA alongside Open Source Summit North America

Since the Moby Project introduction at DockerCon 2017 in Austin last April, the Moby Community has been hard at work to further define the Moby project, improve its components (runC, containerd, LinuxKit, InfraKit, SwarmKit, Libnetwork and Notary) and fine processes and clear communication channels. All project maintainers are developing these aspects in the open with the support of the community. Contributors are getting involved on GitHub, giving feedback on the Moby Project Discourse forum and asking questions on Slack. Special Interest Groups (SIGs) for the Moby Project components have been formed based on the Kubernetes model for Open Source collaboration. These SIGs ensure a high level of transparency and synchronization between project maintainers and a community of heterogeneous contributors. In addition to these online channels and meetings, the Moby community hosts regular meetups and summits. Check out the videos and slides from the last Continue reading…

Docker Security Team

Notary 0.2 – Delegations and more!

The Notary ™ project has been continuing to forge towards 1.0 and we’re pleased to announce our 0.2 release. In addition to various minor improvements and bugfixes we have added some significant features. Read on to find out more!

Chris Hines

Docker Webinar Q&A: Intro To Docker Security

Today, security is one the biggest topics within the enterprise world and tops the list of enterprise IT initiatives.  As companies have begun to adopt containers within their environments, they have realized the security benefits that come with them as well. Enterprises can now use containers as a means of actually reducing risk within their organization. Containers are isolated from one another, using the same kernel, but are completely unaware that each other exists. This isolation acts a natural security mechanism, making it difficult for hackers to break into environments and gain control of enterprise applications.

Diogo Mónica

Introducing Docker Content Trust

Image Signing and Verification using The Update Framework (TUF) A common request that we’ve heard from the Docker community is the need to have strong cryptographic guarantees over what code and what versions of software are being run in your infrastructure. This is an absolute necessity for secure and auditable production deployments. To answer these needs, we are excited to announce a new feature in 1.8 called Docker Content Trust which integrates The Update Framework (TUF) into Docker using Notary, an open source tool that provides trust over any content.

Get the Latest Docker News by Email

Docker Weekly is a newsletter with the latest content on Docker and the agenda for the upcoming weeks.

Announcing Docker 1.8: Content Trust, Toolbox, and Updates to Registry and Orchestration

We’re thrilled to announce Docker 1.8 with support for image signing, a new installer, as well as incremental improvements to Engine, Compose, Swarm, Machine and Registry. You’ve been telling us that you want Docker to be more extensible and composed of smaller, standalone components. We hear you loud and clear. In June, we announced our intention to release runC as a separate piece of plumbing. With this release we’re taking another step towards that goal. The system powering image signing has been implemented as a separate piece of plumbing called Notary, and volume plugins, an experimental feature in 1.7, has now been promoted to the stable release. Across the board we’ve been making the usual quality improvements – something we know is important to all of you running Docker in production.