At the end of last year we launched vulnerability scanning options as part of the Docker platform. We worked together with our partner Snyk to include security testing options along multiple points of your inner loop. We incorporated scanning options into the Hub, so that you can configure your repositories to automatically scan all the pushed images. We also added a scanning command to the Docker CLI on Docker Desktop for Mac and Windows, so that you can run vulnerability scans for images on your local machine. The earlier in your development that you find these vulnerabilities, the easier and cheaper it is to fix them. Vulnerability scan results also provide remediation guidance on things that you can do to remove the reported vulnerabilities. Some of the examples of remediation include recommendations for alternative base images with lower vulnerability counts, or package upgrades that have already resolved the specified vulnerabilities.
We are now making another update in our security journey, by bringing “docker scan” to the Docker CLI on Linux. The experience of scanning on Linux is identical to what we have already launched for Desktop CLI, with scanning support for linux/amd64 (x86-64) Docker images. The Continue reading
We are excited to announce the release of Docker Desktop 3.4.
This release includes several improvements to Docker Desktop, including our new Volume Management interface, the Compose v2 roll-out, and changes to how to Skip an update to Docker Desktop based on your feedback.
Have you wanted a way to more easily manage and explore your volumes?
In this release we’re introducing a new capability in Docker Desktop that helps you to create and delete volumes from Desktop’s Dashboard as well as to see which ones are In Use.
For developers with Pro and Team Docker subscriptions, we’ll be bringing a richer experience to managing your volumes.
You’ll be able to explore the contents of the volumes so that you can more easily get an understanding of what’s taking up space within the volume.
You’ll also be able to easily see which specific containers are using any particular volume.
We’re also looking to add additional capabilities in the future, such as being able to easily download files from the volume, read-only view for text files, and more. We’d love to hear more about what you’d like to see us prioritize and focus on in improving the Continue reading
As many of you are aware, it has been a difficult period for companies offering free cloud compute . Unfortunately, Docker’s Autobuild service has been targeted by the same bad actors, so today we are disappointed to announce that we will be discontinuing Autobuilds on the free tier starting from June 18, 2021.
In the last few months we have seen a massive growth in the number of bad actors who are taking advantage of this service with the goal of abusing it for crypto mining. For the last 7 years we have been proud to offer our Autobuild service to all our users as the simplest way to set up CI for containerized projects. As well as the increased cost of running the service, this type of abuse periodically impacts performance for paying Autobuild users and induces many sleepless nights for our team
In April we saw the number of build hours spike 2X our usual load and by the end of the month we had already deactivated ~10,000 accounts due to mining abuse The following week we had another ~2200 miners spin up.
As a result of this we have made the hard choice to remove Autobuilds Continue reading
Nearly 80,000 participants registered for DockerCon Live 2021! There were fantastic keynotes, compelling sessions, thousands of interactions and everything in-between that a developer and development teams need to help solve their day-to-day application development challenges.
In all that excitement, you might have missed the new innovations that Docker announced to make it easier for developers to build, share and run your applications from code to cloud. These enhancements are a result of Docker’s continued investment and commitment to make sure developers have the best experience possible while making app development more efficient and secure.
Application security is directly tied to the software supply chain. Developers are realizing the importance of integrating security as early as possible in the development process. They must now consider the security directives of their organization and associated compliance rules while also enabling their teams to work in the most secure, efficient way possible.
These new product enhancements bolster security in a number of dimensions including scanning for vulnerabilities during different development stages and increasing team security by offering tools such as audit logs and scoped access tokens.
Take a look at what we announced:
Verified Publisher Program
Docker launched the Docker Verified Publisher program Continue reading
Docker Inc. started like many startups with engineers working from a single location. For us, this was in the Bay Area in the US. We were very office-centric, so the natural way to increase diversity and to get engineers from different cultures to work together was to open new offices in diverse locations. Right from the start, our goal was to mix American and European ways of producing software, giving us the best of both cultures.
In 2015, Docker started to open offices in Europe, starting with Cambridge in the United Kingdom and followed by Paris in France. With these two locations, the long road to gaining experience working with remote employees began.
Having multiple offices scattered around the world is different from being fully remote. But you still start experiencing some of the challenges of not having everybody in the same location simultaneously. We spent a great deal of our time on planes or trains visiting each other.
Despite the robust open-source culture of the company, which shows that you can build great software while not having everybody in the same room, we still had a very office-centric culture. A lot of the Continue reading
It’s here! Ready or not, DockerCon — our free, one-day, all-digital event designed for developers by developers — has arrived. Registration is open until 9 a.m., so if you haven’t already done so, go ahead and sign up!
This is your chance to learn all you can about modern application delivery in a cloud-native world — including the application development technology, skills, tools and people you need to help solve the problems you face day to day.
Final reminders: Don’t forget to catch our line-up of keynote speakers including Docker CEO Scott Johnston, and to bring your questions to Live Panels hosted by Docker Captain Bret Fisher, as well as our two developer-focused panels and Hema Ganapathy’s women’s panel. Just put your questions on selected topics in chat, and the team will do their best to answer them.
If you still need guidance on what to focus on, here’s a reminder of what not to miss. And don’t forget to come celebrate our global community in Community Rooms — a first at DockerCon.
That’s it! Now go forth and carpe DockerCon!
DockerCon LIVE 2021
Join us for DockerCon LIVE 2021 on Thursday, May 27. DockerCon LIVE is Continue reading
With DockerCon just a day away, let’s not forget to give a big THANK YOU to all our sponsors.
As our ecosystem partners, they play a central role in our strategy to deliver the best developer experience from local desktop to cloud, and/or to offer best-in-class solutions to help you build apps faster, easier and more securely. Translation: We couldn’t do what we do without them.
So be sure to visit their virtual rooms and special sessions at DockerCon this Thursday, May 27. With more than 20 Platinum, Gold or Silver sponsors this year, you’ll have plenty to choose from.
For example, check out AWS’s virtual room and the session with AWS Principal Technologist Massimo Re Ferrè at 3:15 p.m.-3:45 p.m. PDT.
And check out Microsoft’s virtual room and any of the three sessions it’s offering — How to Package DevOps Tools Using Docker Containers (3:45 p.m.- 4:15 p.m.), Container-Based Development with Visual Studio Code (4:15 p.m.- 4:45 p.m.), and Supercharging Machine Learning Development with Azure Machine Learning and Containers in VS Code! (4:45 p.m.- 5:15 p.m.).
Or there’s Mirantis’ virtual room and their two Continue reading
At Docker, we feel strongly about embracing diversity and we are committed to being proactive with respect to inclusion. As an example of our support for diversity, we are hosting the Community Rooms during DockerCon with panels and sessions for our global audience in their native languages. We are also highlighting the contributions from our women Captains and community developers.
At DockerCon, the Women in Tech panel will focus on the breadth and depth of knowledge from our panelists and their experiences using Docker technology throughout their career. Join us as we discuss the career choices that led these women to become application developers and hear about key innovations that they are working on.
Women in Tech Panel 4:15 Pacific on May 27, 2021
This panel is just one event out of a one day event packed with demonstrations, product announcement, company updates and more – all of it is focused on modern application delivery in a cloud-native world.
Our panelists and moderators include:
Hema Ganapathy – Moderator
Product Marketing, Docker
Hema is a highly seasoned technology professional with 30+ years of experience in software development, telecommunications, cloud computing and big data. She has held senior positions in Continue reading
Can you feel it? DockerCon is just days away. There’s still time to register before the one-day, free, virtual extravaganza takes place this Thursday, May 27. Demonstrations, product announcements, company updates — you name it, it’s on the program. All of it focused on modern application delivery in a cloud-native world.
Do DockerCon your way. There’s tons of options. Be sure to catch our line-up of top-notch keynote speakers, which includes Docker CEO Scott Johnston, CTO Justin Cormack, VP of Products Donnie Berkholz, and special guests from GitHub and Orbital Insight.
Check out our recent blog on what not to miss, such as sessions on coding using Docker’s new HTTP APIs, a dive into Docker Dev Environments, tips for navigating a multi-architecture world, and what to do if your container image has more vulnerabilities than you have Twitter followers.
Got questions? Find answers via Live Panels hosted by Docker Captain Bret Fisher, join Peter McKee on two developer focused panels and participate in Hema Ganapathy’s women’s panel. Just put your questions on selected topics in chat, and the team will do their best to answer them. Note: These live streamed Q&A sessions tend to be DevOps focused Continue reading
You’ll have no shortage of content to choose from at DockerCon 2021. The one-day virtual event on May 27 will offer a smorgasbord of demonstrations, product announcements, company updates and more — all of it focused on modern application delivery in a cloud-native world.
But if you need some help narrowing down what’s in the must-see category, allow us to recommend the following key sessions. They include hands-on coding using Docker’s new HTTP APIs, a dive into Docker Dev Environments, tips for navigating a multi-architecture world, and what to do if your container image has more vulnerabilities than you have Twitter followers.
Check them out. They’re all free! And if you can’t participate live, you can watch recordings at your own pace.
DockerCon LIVE 2021
Join us for DockerCon LIVE 2021 on Thursday, May 27. DockerCon LIVE is a free, one day virtual event that is a unique experience for developers and development teams who are building the next generation of modern applications. If you want to learn about how to go from code to cloud fast and how to solve your development challenges, DockerCon LIVE 2021 offers engaging live content to help you build, share and run your applications. Continue reading
Guest post by Docker Captain Bret Fisher, a DevOps consultant and the creator of the popular Docker Mastery Udemy course. Join us for DockerCon LIVE 2021 on Thursday, May 27. DockerCon LIVE for a free, one day virtual event at https://dockr.ly/2PSJ7vn
I have the pleasure of hosting many of the live events at DockerCon this year. You may remember my 7+ hour non-stop live stream from last year’s DockerCon LIVE 2020 with nearly 20 guests:
This year we’re calling them Live Panels. You’ll find them in their own track in the schedule.
If you’ve never visited one of my live streams before, they tend to be DevOps focused, and as practical and real-world as we can be. Come ready to ask my guests questions in chat on our selected topics, and we’ll do our best to answer as many as we can! You get to guide the conversation with the live stream chat Q&A.
I’m hosting three live panels on three topics. I wanted to discuss the top three things that I think are the hottest topics in Docker and Cloud Native container tech today for developers and DevOps professionals, so be sure to stop Continue reading
Tune in as host Peter McKee turns over the controls to Brandon Waterloo for a show-and-tell of how to work with Docker and Visual Studio Code (VSCode). A senior software engineer at Microsoft, Waterloo is the lead developer of the Docker extension and works mainly on the Docker extension for VSCode.
VSCode is a streamlined source-code editor made by Microsoft for Windows, Linux and macOS that’s fine-tuned for building and debugging modern web and cloud applications. The Docker extension makes it easier to build apps that leverage Docker containers, helps scaffold needed files, build Docker images, debug your app inside a container and more.
Follow along as Waterloo builds a basic Python FastAPI app with a Redis backend and a simple hit counter, adding Docker files in order to containerize it. Along the way, he and McKee talk scaffolding, running, debugging, syntax highlighting, intelligent code completion, snippets and the climate benefits of living in Texas (McKee) versus Michigan (Waterloo).
Watch the video here:
Join Us for DockerCon LIVE 2021
Join us for DockerCon LIVE 2021 on Thursday, May 27. DockerCon LIVE is a free, one day virtual event that is a unique experience for developers and development teams who Continue reading
In line with our promise last year to continue publishing incident reviews for Docker Hub, we have two to discuss from April. While many users were unaffected, it is important for us to be transparent with our community, and we hope it is both informative and instructive.
Starting at about 07:30 UTC, a small proportion of registry requests (under 3%) against Docker Hub began failing. Initial investigation pointed towards several causes, including overloaded internal DNS services and significant and unusual load from several users and IPs. Changes were made to address all of these (scaling, blocking, etc), and while the issue seemed to resolve for several hours at a time, it continued coming back.
The issue re-occurred intermittently into the next day, at which point the actual root cause was determined to be under-scaled load balancers doing service discovery and routing for our applications.
In the past, the bottleneck for the load balancing system was network bandwidth on the nodes, and auto scaling rules were thus tied to bandwidth metrics. Over time and across some significant changes to this system, the load balancing application had become more CPU intensive, and thus the current auto scaling setup Continue reading
Join us for DockerCon LIVE 2021 on Thursday, May 27. DockerCon LIVE is a free, one day virtual event that is a unique experience for developers and development teams who are building the next generation of modern applications. If you want to learn about how to go from code to cloud fast and how to solve your development challenges, DockerCon LIVE 2021 offers engaging live content to help you build, share and run your applications. Register today at https://dockr.ly/2PSJ7vn
With DockerCon just around the corner, we’re pleased to announce our outstanding keynote speaker line-up.
Among the Docker luminaries taking the virtual stage May 27 will be CEO Scott Johnston, CTO Justin Cormack and VP of Products Donnie Berkholz. Look for keynotes, too, from special guests Dana Lawson, GitHub VP of Engineering, and Matt Falk, VP of Engineering, Data Science and Computer Vision at Orbital Insight.
Picking up hosting duties will be Docker’s Peter McKee and William Quiviger, along with DevOps consultant and Docker Captain Bret Fisher.
They’re just part of the one-day event packed with demonstrations, product announcements, company updates and more — all of it focused on modern application delivery in a cloud-native world.
Last year 78,000 registrants Continue reading
Join host Peter McKee and Python wizard Michael Kennedy for a warts-and-all demo of how to Dockerize a Python app using FastAPI, a popular Python framework. Kennedy is a developer and entrepreneur, and the founder and host of two successful Python podcasts — Talk Python To Me and Python Bytes. He’s also a Python Software Foundation Fellow.
With some skillful back-seat driving by McKee, Kennedy shows how to build a bare-bones web API — in this case one that allows you to ask questions and get answers about movies (director, release date, etc.) — by mashing together a movie service and FastAPI. Next, he shows how to put it into a Docker container, create an app and run it, finally sharing the image on GitHub.
If you’re looking for a scripted, flawless, pre-recorded demo, this is not the one for you! McKee and Kennedy iterate and troubleshoot their way through the process — which makes this a great place to start if you’re new to Dockerizing Python apps. Install scripts, libraries, automation, security, best practices, and a pinch of Python zen — it’s all here. (Duration 1 hour, 10 mins.)
Join Us for DockerCon LIVE 2021
Join us Continue reading
The Docker community spans the four corners of the world. To celebrate the global nature of our community at DockerCon this year, we’ve created something new: Community Rooms.
Building on the learnings of our “regional rooms experiment” during our last Community All-Hands, Community Rooms are virtual spaces that DockerCon attendees will be able to join to discuss, share and learn about Docker in their own language and/or around a specific topic area.
The main focus of these Community Rooms is to bring people together and encourage interaction so we have set them up to be 100% live. Yep, that’s right, all the content you’ll find in these rooms, whether they’re talks, demos, workshops, panel discussions etc. will be in real-time, all broadcast over a live Zoom link.
Hosted by the Community for the Community
Each Community Room will be overseen by Docker Captains and Community Leaders. They will be responsible for every aspect of the room, from the curation of content, to the management of the schedule, to the recruitment of the speakers, to the moderation of their room’s live chat.
There will be seven community rooms to choose from, each with one or Continue reading
DockerCon Live 2021 is almost here and it’s going to be one to remember. Our one-day, all-digital event on May 27 will be jam-packed with the application development technology, skills, tools and people you need to help solve the problems you face day to day — all for free.
Designed for developers by developers, this year’s event is all about modern application delivery in a cloud-native world. At DockerCon, you’ll learn how Docker helps you grow your development capacity and community connections so you can accelerate how you build, share and run your applications, and spend more of your time actually coding the next great application.
Ten Reasons to Attend
WIth exactly one month before lift off, here’s a quick update on all the goodness that awaits you at this year’s DockerCon LIVE 2021. Like last year, we’ll have one full day of keynotes, breakout sessions across several tracks and live panels and interviews. The current agenda and full list of speakers is available on our website.
Engaging in real-time
A big focus is live content and interaction between speakers and attendees. Our partners at The Cube have worked hard on improving their conference platform and expanding on functionality, so get ready for more real-time content and awesome new features to help speakers and attendees connect, meet, greet, share and learn from each other.
To help set the stage, that day kick’s with must-see keynotes from Docker leadership and compelling guest speakers. We’ll have a special post about our keynote line-up on our blog soon.
We’re still building out the schedule (yes, that’s what happens when you have so much awesome content to work with!) but we anticipate that we’ll have at least 40 breakout sessions with an absolutely stellar line-up of speakers. You can find the current list of speakers here and the Continue reading
Guest post by Docker Captain Gianluca Arbezzano
Recently Corey Quinn from LastWeekInAWS wrote an article that made me think “Nobody Cares About the Operating System Anymore”. Please have a look at it! I like the idea that nobody cares about where their application runs. Developers only want them running.
I am one of the maintainers for the Tinkerbell project. A bare metal workflows engine that heavily relies on containers and Docker to get its work done. It tries to find an answer for a reasonable question: how do we manage rooms of pieces of hardware? More in practice, how can we bring an API on top of everybody’s data centers?
Containers are the abstraction we decided to use when running reusable code (that we call actions) in somebody else’s hardware. Mainly because distribution, packaging, and runtime are solved issues. Everyone knows how to build, push and run a container.
I think this scenario compares well with the story Corey highlighted. Operating systems are an established, well-known abstraction for the majority of the use cases.
The lifecycle of a bare metal server can be summarised as follows:
With just over a month to go before DockerCon LIVE 2021, we’re thrilled to announce our first round of speakers. We have returning favorites and compelling new first time speakers to round out your DockerCon experience.
We received hundreds of amazing speaker proposals which made it difficult to select just a few. We set up a small team this year composed of seven Docker staff members and three Docker Captains to diligently review each proposal and deliberate once a week. We have more speakers and sessions to announce so stay tuned.
Remember, if you haven’t registered for DockerCon, please make sure to do so now to get an early peak at the conference website.
Melissa McKay – Developer Advocate @ JFrog
The Docker and Container Ecosystem 101
Lukonde Mwila – Senior Software Engineer @ Entelect
Docker Swarm: A Journey to the AWS Cloud
Peter Mckee – Head of Developer Relations @ Docker
Event Emcee and Panel Moderator
Bret Fisher – DevOps Consultant and Docker Captain
Julie Lerman – Software Coach and Docker Captain
Nick Janetakis – Full-Stack Developer and Docker Captain
Best Practices around Creating a Production Ready Web App with Docker Continue reading