Docker Online Meetup #30: Docker Trusted Registry 1.4.1
-
Upload
docker-inc -
Category
Technology
-
view
4.320 -
download
1
Transcript of Docker Online Meetup #30: Docker Trusted Registry 1.4.1
What’s New with Docker Trusted Registry (v1.4.x)?
Docker Trusted Registry Recap
2
•Registry for building, storing and managing images securely, within your firewall
•Maintain control over Docker images to meet your security or regulatory compliance requirements.
DTR Primary Usage Scenarios
CI/CD with Docker
• Centrally located base images• Store individual build images• Pull tested images to production
Containers as a Service
• Deploy Jenkins executors or Hadoop nodes• Instant-on developer environment• Selected curated apps from a catalog• Dynamic composition of micro-services (“PAAS”)
Pre DTR 1.4
General Features
• Admin & Health UI• Registry Storage Status• LDAP/AD Integration• RBAC API (Admin, R/W, R/O)• User actions/API audit logs• Registry v2 API & v2 Image Support• One click install/upgrade
Platform Features
• Storage drivers for filesystem, s3, and azure• Support Tooling• Support for Ubuntu, RHEL, CentOS• Tested at 300 concurrent pulls/instance
DTR 1.4.1 Release
General Features
• Orgs, Teams & Repo permissions UI• Search index, API & UI• Interactive API documentation• Image deletion from index• Image garbage collection
Experimental • Docker Content Trust: View Docker Notary signatures in DTR
DTR 1.4.2 Release (End of Dec)
Platform Features
• Swift Driver Support
Architecture
Datastore
Storage Drivers
Admin UIAudit and Event logs
Directory Services
LoadBalancer
Registry ServersAdminServer
AuthServer
Log Aggregator
Docker Engines
PostgreSQL
LDAPS 636Local Syslog
Docker Client
> docker
HTTPS 443
Demo Time
7
8
Deep Dive: Delete
9
Deep Dive: Delete
10
Deep Dive: Garbage Collection
11
Docker Content Trust Integration
Docker Universal Control Plane Integration
Future Plans and Features
DCT Integrations
● View and manage keys from DTR● Key delegations to DTR orgs & teams● Promote images through signatures
● dev signed -> QA signed -> prod signed● Policy enforcement through integrations
Description
Sysadmin
Dev
Prod Ops
Docker Universal Control Plane Integration
● End-to-end authn integration with LDAP/AD● Cross product RBAC across orgs● Complete CI/CD visibility
Description
Thank you!