Diogo Mónica

The Docker platform and the container has become the standard for packaging, deploying, and managing applications. In order to coordinate running containers across multiple nodes in a cluster, a key capability is required: a container orchestrator. Orchestrators are responsible for critical clustering and scheduling tasks, such as: Managing container scheduling and resource allocation. Support service discovery and hitless application deploys. Distribute the necessary resources that applications need to run. Unfortunately, the distributed nature of orchestrators and the ephemeral nature of resources in this environment makes securing orchestrators a challenging task. In this post, we will describe in detail the less-considered—yet vital—aspect…

Continue reading...
Ben Firshman

There has been incredible growth in the usage of Docker Hub: we have now served over 300 million pulls to developers around the world, and will soon be serving 100 million per month. The current generation of the Registry has done a good job so far, but we know we need a better foundation to support this growth and keep your image pulls running fast and reliably. We’re pleased to announce a huge update to how images are distributed, which will make pulling images dramatically faster and more reliable. It’s the foundation that will support image distribution in years to…

Continue reading...
Diogo Mónica

I’m thrilled to officially announce that Nathan McCauley and I are joining Docker to lead the Security Team. Back in 2011, Nathan and I were fortunate enough to join Square just as it was picking up steam. Square disrupted traditional point-of-sale systems by allowing anyone to take credit-card payments on their phone. And with great, disruptive ideas came new and interesting security engineering challenges. During our time at Square we built a wide range of different systems, from an general purpose cryptography infrastructure, a fully-fledged mutual-TLS micro-service architecture and a small end-to-end encrypted credit-card reader. All of these systems allow…

Continue reading...
Andrea Luzzardi

We are extremely excited to announce the first beta release of Swarm, a native clustering tool for Docker. For the past two years, Docker has made the lives of millions of developers easier by making building, shipping and running applications simpler through containers. However, things get complicated when dealing with more than one host for Docker containers in a distributed environment.  This is where Swarm comes in. Swarm pools together several Docker Engines and exposes them as a single virtual Docker Engine. It serves the standard Docker API, so any tool that already works with Docker can now transparently scale…

Continue reading...