David Lawrence

What is Notary and why is it important to CNCF?

As you may have heard, the Notary project has been invited to join the Cloud Native Computing Foundation (CNCF). Much like its real world namesake, Notary is a platform for establishing trust over pieces of content. In life, certain important events such as buying a house are facilitated by a trusted third party called a “notary.” When buying a house, this person is typically employed by the lender to verify your identity and serve as a witness to your signatures on the mortgage agreement. The notary carries a special stamp and will also sign the documents as an affirmation that a notary was present and verified all the required information relating to the borrowers. In a similar manner, the Notary project, initially sponsored by Docker, is designed to provide high levels of trust  over digital content using strong cryptographic signatures. In addition Continue reading…

Victor Coisne

Moby Summit LA alongside Open Source Summit North America

Since the Moby Project introduction at DockerCon 2017 in Austin last April, the Moby Community has been hard at work to further define the Moby project, improve its components (runC, containerd, LinuxKit, InfraKit, SwarmKit, Libnetwork and Notary) and fine processes and clear communication channels. All project maintainers are developing these aspects in the open with the support of the community. Contributors are getting involved on GitHub, giving feedback on the Moby Project Discourse forum and asking questions on Slack. Special Interest Groups (SIGs) for the Moby Project components have been formed based on the Kubernetes model for Open Source collaboration. These SIGs ensure a high level of transparency and synchronization between project maintainers and a community of heterogeneous contributors. In addition to these online channels and meetings, the Moby community hosts regular meetups and summits. Check out the videos and slides from the last Continue reading…

Docker Security Team

Notary 0.2 – Delegations and more!

The Notary ™ project has been continuing to forge towards 1.0 and we’re pleased to announce our 0.2 release. In addition to various minor improvements and bugfixes we have added some significant features. Read on to find out more!

Chris Hines

Docker Webinar Q&A: Intro To Docker Security

Today, security is one the biggest topics within the enterprise world and tops the list of enterprise IT initiatives.  As companies have begun to adopt containers within their environments, they have realized the security benefits that come with them as well. Enterprises can now use containers as a means of actually reducing risk within their organization. Containers are isolated from one another, using the same kernel, but are completely unaware that each other exists. This isolation acts a natural security mechanism, making it difficult for hackers to break into environments and gain control of enterprise applications.

Get the Latest Docker News by Email

Docker Weekly is a newsletter with the latest content on Docker and the agenda for the upcoming weeks.

Diogo Mónica

Introducing Docker Content Trust

Image Signing and Verification using The Update Framework (TUF) A common request that we’ve heard from the Docker community is the need to have strong cryptographic guarantees over what code and what versions of software are being run in your infrastructure. This is an absolute necessity for secure and auditable production deployments. To answer these needs, we are excited to announce a new feature in 1.8 called Docker Content Trust which integrates The Update Framework (TUF) into Docker using Notary, an open source tool that provides trust over any content.

Announcing Docker 1.8: Content Trust, Toolbox, and Updates to Registry and Orchestration

We’re thrilled to announce Docker 1.8 with support for image signing, a new installer, as well as incremental improvements to Engine, Compose, Swarm, Machine and Registry. You’ve been telling us that you want Docker to be more extensible and composed of smaller, standalone components. We hear you loud and clear. In June, we announced our intention to release runC as a separate piece of plumbing. With this release we’re taking another step towards that goal. The system powering image signing has been implemented as a separate piece of plumbing called Notary, and volume plugins, an experimental feature in 1.7, has now been promoted to the stable release. Across the board we’ve been making the usual quality improvements – something we know is important to all of you running Docker in production.