Docker Community All Hands: Event Recap, December 2021

One year ago, we kicked off the Community All Hands (CAH) event. The goal was to bring together Docker staff and community members for the latest product updates. This time, we’ve evolved the CAH to include multiple community tracks that give our amazing community members the opportunity to share their knowledge and expertise.  

The event had a main track, hosted by our core team, and seven community tracks. We were blown away by the level of engagement and participation from our community – over 1000 people tuned in to watch the Community talks. 

We also had a networking section where people could speak to each other and meet Docker staff. This was a great opportunity for people to learn more about our team, meet the engineers behind the curtains, and even learn about how you can work at Docker.

Scott Johnston, CEO of Docker, kicked off the company’s Community All Hands event with a presentation on the yearly recap. He highlighted some of the most important moments and accomplishments of the Docker developer community over the past year. 

The company is focusing its roadmap and priorities on three things for developers: speed, choice, and security.

“It’s been quite a year for all of us, and we hope you are safe and continue to stay safe and well. But it’s been also a very positive year for the Docker developer community,” Scott said. “We’re so excited about heading into the next year. It’s going to be a phenomenal year with new features, content and experiences for developers.”

One of the highlights of our Community All Hands was a panel hosted by Peter McKee with key staff from Docker Desktop, including Engineers and Product Managers. They discussed Docker Desktop’s licensing questions, roadmap, and new features. Anca Iordache talked about Awesome Compose, a collection of templates to help you start your next Docker project.

We also hosted a beginner’s track to help you get started with containers. You can hear from Docker Captains about how you can overcome the barriers in learning when trying new technologies.

Finally, the members of our Open Source programs presented their projects and explained how they use Docker to speed up their work. They showcased their projects in multiple disciplines like Bioinformatics, Developer Tooling, Machine Learning, DevOps, and Security.

The Docker developer community is thriving, and the company is committed to continuing to support and invest in it. Thank you to all of the developers who have contributed to the Docker community over the past year – we can’t wait to see what you build next.

If you missed our Community All Hands meeting, we got you. You can watch all the talks and panels on demand.

DockerCon2022

Join us for DockerCon2022 on Tuesday, May 10. DockerCon is a free, one day virtual event that is a unique experience for developers and development teams who are building the next generation of modern applications. If you want to learn about how to go from code to cloud fast and how to solve your development challenges, DockerCon 2022 offers engaging live content to help you build, share and run your applications. Register today at https://www.docker.com/dockercon/
The post Docker Community All Hands: Event Recap, December 2021 appeared first on Docker Blog.
Source: https://blog.docker.com/feed/

WSL 2 GPU Support for Docker Desktop on NVIDIA GPUs

It’s been a year since Ben wrote about Nvidia support on Docker Desktop. At that time, it was necessary to take part in the Windows Insider program, use Beta CUDA drivers, and use a Docker Desktop tech preview build. Today, everything has changed:

On the OS side, Windows 11 users can now enable their GPU without participating in the Windows Insider program. Windows 10 users still need to register.
Nvidia CUDA drivers have been released.
Last, the GPU support has been merged in Docker Desktop (in fact since version 3.1).

Nvidia used the term near-native to describe the performance to be expected.

Where to find the Docker images

Base Docker images are hosted at https://hub.docker.com/r/nvidia/cuda. The original project is located at https://gitlab.com/nvidia/container-images/cuda.

What they contain

The nvidia-smi utility allows users to query information on the accessible devices.

$ docker run -it --gpus=all --rm nvidia/cuda:11.4.2-base-ubuntu20.04 nvidia-smi
Tue Dec 7 13:25:19 2021
+-----------------------------------------------------------------------------+
| NVIDIA-SMI 510.00       Driver Version: 510.06       CUDA Version: 11.6     |
|-------------------------------+----------------------+----------------------+
| GPU  Name        Persistence-M| Bus-Id        Disp.A | Volatile Uncorr. ECC |
| Fan  Temp  Perf  Pwr:Usage/Cap|         Memory-Usage | GPU-Util  Compute M. |
|                               |                      |               MIG M. |
|===============================+======================+======================|
|   0  NVIDIA GeForce ...  On   | 00000000:01:00.0 Off |                  N/A |
| N/A    0C    P0    13W /  N/A |    132MiB /  4096MiB |     N/A      Default |
|                               |                      |                  N/A |
+-------------------------------+----------------------+----------------------+

+-----------------------------------------------------------------------------+
| Processes:                                                                  |
|  GPU   GI   CI        PID   Type   Process name                  GPU Memory |
|        ID   ID                                                   Usage      |
|=============================================================================|
|  No running processes found                                                 |
+-----------------------------------------------------------------------------+

The dmon function of nvidia-smi allows monitoring the GPU parameters:

$ docker exec -ti $(docker ps -ql) bash
root@7d3f4cbdeabb:/src# nvidia-smi dmon
# gpu   pwr gtemp mtemp    sm   mem   enc   dec  mclk  pclk
# Idx     W     C     C     %     %     %     %   MHz   MHz
    0    29    69     -     -     -     0     0  4996  1845
    0    30    69     -     -     -     0     0  4995  1844

The nbody utility is a CUDA sample that provides a benchmarking mode.

$ docker run -it --gpus=all --rm nvcr.io/nvidia/k8s/cuda-sample:nbody nbody -benchmark

> 1 Devices used for simulation
GPU Device 0: "Turing" with compute capability 7.5

> Compute 7.5 CUDA device: [NVIDIA GeForce GTX 1650 Ti]
16384 bodies, total time for 10 iterations: 25.958 ms
= 103.410 billion interactions per second
= 2068.205 single-precision GFLOP/s at 20 flops per interaction

A quick comparison with a CPU suggests a different order of magnitude of performance. The GPU is 2000 times faster:

> Simulation with CPU
4096 bodies, total time for 10 iterations: 3221.642 ms
= 0.052 billion interactions per second
= 1.042 single-precision GFLOP/s at 20 flops per interaction

What can you do with a paravirtualized GPU?

Run cryptographic tools

Using a GPU is of course useful when operations can be heavily parallelized. That’s the case for hash analysis. dizcza hosted its nvidia-docker based images of hashcat on Docker hub. This image magically works on Docker Desktop!

$ docker run -it --gpus=all --rm dizcza/docker-hashcat //bin/bash
root@a6752716788d:~# hashcat -I
hashcat (v6.2.3) starting in backend information mode

clGetPlatformIDs(): CL_PLATFORM_NOT_FOUND_KHR

CUDA Info:
==========

CUDA.Version.: 11.6

Backend Device ID #1
Name...........: NVIDIA GeForce GTX 1650 Ti
Processor(s)...: 16
Clock..........: 1485
Memory.Total...: 4095 MB
Memory.Free....: 3325 MB
PCI.Addr.BDFe..: 0000:01:00.0

From there it is possible to run the hashcat benchmark:

hashcat -b

Hashmode: 0 - MD5
Speed.#1.........: 11800.8 MH/s (90.34ms) @ Accel:64 Loops:1024 Thr:1024 Vec:1
Hashmode: 100 - SHA1
Speed.#1.........: 4021.7 MH/s (66.13ms) @ Accel:32 Loops:512 Thr:1024 Vec:1
Hashmode: 1400 - SHA2-256
Speed.#1.........: 1710.1 MH/s (77.89ms) @ Accel:8 Loops:1024 Thr:1024 Vec:1

Draw fractals

The project at https://github.com/jameswmccarty/CUDA-Fractal-Flames uses CUDA for generating fractals. There are two steps to build and run on Linux. Let’s see if we can have it running on Docker Desktop. A simple Dockerfile with nothing fancy helps for that.

# syntax = docker/dockerfile:1.3-labs
FROM nvidia/cuda:11.4.2-base-ubuntu20.04
RUN apt -y update
RUN DEBIAN_FRONTEND=noninteractive apt -yq install git nano libtiff-dev cuda-toolkit-11-4
RUN git clone --depth 1 https://github.com/jameswmccarty/CUDA-Fractal-Flames /src
WORKDIR /src
RUN sed 's/4736/1024/' -i fractal_cuda.cu # Make the generated image smaller
RUN make

And then we can build and run:

$ docker build . -t cudafractal
$ docker run --gpus=all -ti --rm -v ${PWD}:/tmp/ cudafractal ./fractal -n 15 -c test.coeff -m -15 -M 15 -l -15 -L 15

Note that --gpus=all is only available to the run command. It’s not possible to add GPU-intensive steps during the build.

Machine learning

Well really, looking at GPU usage without looking at machine learning would be a miss. The tensorflow:latest-gpu image can take advantage of the GPU in Docker Desktop. I will simply point you to Anca’s blog earlier this year. She described a tensorflow example and deployed it in the cloud: https://www.docker.com/blog/deploy-gpu-accelerated-applications-on-amazon-ecs-with-docker-compose/

Conclusion: What are the benefits for developers? 

At Docker, we want to provide a turnkey solution for developers to execute their workflows seamlessly:

With Docker Desktop, developers can run their code locally and deploy to the infrastructure of their choice.
We provide support in the issue tracker https://github.com/docker/for-win
Download the latest version of Docker Desktop now.

The post WSL 2 GPU Support for Docker Desktop on NVIDIA GPUs appeared first on Docker Blog.

The Grace Period for the Docker Subscription Service Agreement Ends Soon – Here’s What You Need to Know

Remember the updates to our product subscription tiers we announced on August 31? You may recall we also announced a grace period for those that need to transition from a free to a paid subscription to use Docker Desktop. This is a friendly reminder that that grace period is ending on January 31, 2022.

Docker trusts our customers to be in compliance by January 31, 2022 and Docker Desktop will continue to function normally after January 31st. But this is a reminder that unpaid commercial use by companies over 250 employees or $10 million USD in annual revenue will be out of compliance with the Docker Subscription Service Agreement.

Updated Docker Subscription Tiers

To recap our August 31 announcement, Docker announced updated product subscription tiers — Docker Personal, Docker Pro, Docker Team and Docker Business. Docker Personal replaces Docker Free and it remains free for personal use, education, non-commercial open source projects, and small businesses. Docker Business is our newest subscription offering that enables commercial use of Docker Desktop, and includes additional enterprise-grade management and security features like Image Access Management, vulnerability scanning, SAML SSO, and more.

The updated subscription terms for Docker Desktop reflect our need to scale our business sustainably and enable us to continue providing value across all Docker subscriptions. Check out our pricing page and Subscription Cheat Sheet to compare our subscription tiers and figure out which subscription is right for you and your organization.

Using Docker Desktop in large commercial organizations will require a Pro, Team or Business paid subscription, starting at $5 a month. Docker Desktop remains free for small businesses (fewer than 250 employees AND less than $10 million USD in annual revenue), as well as for personal use, education, and non-commercial open source projects.

Docker Desktop: More than a Container UI

Thousands of developers use Docker Desktop in production but many people may not realize just how much value Docker Desktop packs under the hood. Docker Desktop manages all the complexities of integrating, configuring and maintaining Docker Engine and Kubernetes in Windows and Mac desktop environments (filesystems, VMs, networking and more). This allows developers to spend more time building applications and less time tinkering with infrastructure. With a paid subscription, organizations get additional value from Docker Desktop, including capabilities for managing secure software supply chains, centralizing policy visibility and controls, and easily managing users and access for hundreds or thousands of developers.

Docker Business Enables Scalability and Security

The new Docker Business subscription is designed for organizations that use Docker at scale for application development, and that require features like secure software supply chain management, single sign-on (SSO), container registry access controls and more. It has an easy-to-use SaaS-based management plane that allows IT leaders to efficiently observe and manage all their Docker development environments and accelerate their secure software supply chain initiatives. Docker Business also includes Image Access Management which gives admins the ability to control which container images developers can access from Docker Hub, ensuring teams are building securely from the start by using only trusted content.

Image Access Management is just the first of many control-plane features to be added to Docker Business. In the not-too-distant future look for SAML-based SSO; support for local registries such as JFrog Artifactory, along with other public registries such as ECR; visibility into which images are being consumed, versions and security vulnerabilities, and more security, management, and productivity features. Check out the Docker Business Whitepaper to learn more about how Docker Business extends the Docker experience developers already know and love with premium features and capabilities.

Learn More

Again, the Docker Subscription Service Agreement went into effect on August 31st and the grace period for those who need to switch to a paid Docker subscription under the new terms ends soon on January 31, 2022. We’ve put together resources to help make this transition as easy as possible: 

Use the Docker Subscription Cheat Sheet to figure out which subscription is right for you.
Do the New Terms of Docker Desktop Apply If You Don’t Use the Docker Desktop UI? Read this to find out.
Considering an alternative to Docker Desktop? Read this blog recapping Docker Captain Bret Fisher’s video on your options.
Check out the FAQ on the subscription and licensing updates.
Read about “The Magic Behind the Scenes of Docker Desktop.”
Check out a recording from our recent Docker Business Webinar.

Learn more about Docker Business in our white paper, Build Modern and Secure Applications at Scale with Docker Business.

The post The Grace Period for the Docker Subscription Service Agreement Ends Soon – Here’s What You Need to Know appeared first on Docker Blog.

Apache Log4j 2 CVE-2021-44228

We know that many of you are working hard on fixing the new and serious Log4j 2 vulnerability CVE-2021-44228, which has a 10.0 CVSS score. We send our #hugops and best wishes to all of you working on this vulnerability, now going by the name Log4Shell. This vulnerability in Log4j 2, a very common Java logging library, allows remote code execution, often from a context that is easily available to an attacker. For example, it was found in Minecraft servers which allowed the commands to be typed into chat logs as these were then sent to the logger. This makes it a very serious vulnerability, as the logging library is used so widely and it may be simple to exploit. Many open source maintainers are working hard with fixes and updates to the software ecosystem.

We want to help you as much as we can in this challenging time, and we have collected as much information as possible for you here, including how to detect the CVE and potential mitigations. 

We will update this post as more information becomes available.

Am I vulnerable?

The vulnerable versions of Log4j 2 are versions 2.0 to version 2.14.1 inclusive. The first fixed version is 2.15.0. We strongly encourage you to update to the latest version if you can. If you are using a version before 2.0, you are also not vulnerable.

You may not be vulnerable if you are using these versions, as your configuration may already mitigate this (see the Mitigations section below), or the things you log may not include any user input. This may be difficult to validate however without understanding all the code paths that may log in detail, and where they may get input from. So you probably will want to upgrade all code using vulnerable versions.

The configuration for the docker scan command previously shipped in Docker Desktop versions 4.3.0 and earlier unfortunately does not pick up this vulnerability on scans. Please update to Docker Desktop 4.3.1+ with docker scan 0.11.0+, which we released today, 11 December 2021.

If you are using docker scan from Linux you can download binaries from GitHub and install in the plugins directory as explained in the instructions here. We will soon update the Linux CLI version to include the updated docker scan.

If you use the updated version, you should see a message in the output log like this:

Upgrade org.apache.logging.log4j:log4j-core@2.14.0 to org.apache.logging.log4j:log4j-core@2.15.0 to fix
✗ Arbitrary Code Execution (new) [Critical Severity][https://snyk.io/vuln/SNYK-JAVA-ORGAPACHELOGGINGLOG4J-2314720] in org.apache.logging.log4j:log4j-core@2.14.0
introduced by org.apache.logging.log4j:log4j-core@2.14.0

To test this, you can check a vulnerable image. For example, this image contains a vulnerable version:

docker scan elastic/logstash:7.13.3

or to cut out all the other vulnerabilities

docker scan elastic/logstash:7.13.3 | grep 'Arbitrary Code Execution'

For more information about docker scan, see the documentation.

Docker Hub Scans

Docker Hub security scans are currently not picking up the Log4j 2 vulnerability. We are working to fix this as soon as we can, and to re-scan existing images so you can see which ones are vulnerable. We apologise for this, and will update here as soon as we have fixed this. Please use docker scan from the updated version above until this has been remedied.

Mitigations

You may well want to use a web application firewall (WAF) as an initial part of your mitigation and fix process.

For containerized applications, if the version of Log4j 2 you are using is 2.10.0 or later, there is an environment variable or Java command line option you can use to disable the unsafe substitution behaviour. You can add the line:

ENV LOG4J_FORMAT_MSG_NO_LOOKUPS=true

to your Dockerfile, or you can add the equivalent flag "-Dlog4j.formatMsgNoLookups=true" to the command you run in your container, for example:

CMD ["java", "-Dlog4j.formatMsgNoLookups=true", "-jar", "…"]

Both of these are equivalent. You can see how this works with an example proof of concept repo.

You can also configure the environment variable at runtime, which can be easier, for example for Kubernetes you could add these lines into your configuration.

spec:
  containers:
  - name: …
    image: …
    env:
    - name: LOG4J_FORMAT_MSG_NO_LOOKUPS
      value: "true"

For Docker Compose you can use something like:

web:
  environment:
    - LOG4J_FORMAT_MSG_NO_LOOKUPS=true

Docker Official Images

A number of the Docker Official images do contain the vulnerable versions of Log4j 2. The ones that we believe may contain vulnerable versions of Log4j 2, at the time of publishing this blog:

couchbase 

elasticsearch 

flink 

geonetwork 

lightstreamer 

logstash

neo4j 

nuxeo 

solr 

sonarqube 

storm 

xwiki 

We are in the process of updating Log4j 2 in these images to the latest version available. These images may not be vulnerable for other reasons, and you can check for this on the upstream websites.

In the meantime, for your running applications using these images, see Mitigations above for information on how you can set the environment variable at runtime to mitigate the CVE. Please note: geonetwork and logstash both use earlier versions of Log4j 2 for which the environment variable mitigation does not work, so you will not be able to mitigate these two in this way.

If you use other images as a base (such as openjdk) that do not have affected versions of Log4j 2, it is possible you may be adding Log4j 2 as part of your build on top of an unaffected image and will need to update your Log4j 2 dependency to the latest fixed version.
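
The version ranges from “Am I vulnerable?” and the 2.10.0 threshold from “Mitigations” can be checked against an unpacked image filesystem, including copies of log4j-core that a build added inside a fat or shaded jar. The following Python is an added example, not Docker's or docker scan's code; the function names, the sample paths and the empty stand-in jars are constructed for illustration.

```python
import io
import re
import tempfile
import zipfile
from pathlib import Path

# Ranges as stated in the post: 2.0 to 2.14.1 inclusive are vulnerable, 2.15.0 is
# the first fixed version, and the no-lookups switch needs 2.10.0 or later.
FIRST_VULNERABLE = (2, 0, 0)
FIRST_FIXED = (2, 15, 0)
ENV_MITIGATION_FROM = (2, 10, 0)

JAR_NAME = re.compile(r"(?:^|/)log4j-core-(\d+(?:\.\d+)*)[^/]*\.jar$")
# Maven metadata that survives when log4j-core is shaded into another jar.
POM_PROPS = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"


def classify(version):
    """Return (status, env_var_mitigation_applies) for a log4j-core version string."""
    m = re.match(r"\d+(?:\.\d+)*", version)
    if not m:
        return ("unknown", False)
    nums = [int(n) for n in m.group().split(".")]
    v = tuple((nums + [0, 0, 0])[:3])  # qualifiers such as -beta9 are ignored
    if v < FIRST_VULNERABLE:
        return ("not-affected", False)
    if v >= FIRST_FIXED:
        return ("fixed", False)
    return ("vulnerable", v >= ENV_MITIGATION_FROM)


def versions_in_archive(data, depth=2):
    """Yield (inner_path, version) for log4j-core inside a jar/war, following nested archives."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return
    with zf:
        for name in zf.namelist():
            m = JAR_NAME.search(name)
            if m:  # e.g. BOOT-INF/lib/log4j-core-x.y.z.jar in a fat jar
                yield name, m.group(1)
            elif name == POM_PROPS:
                props = zf.read(name).decode("utf-8", "replace")
                found = re.search(r"^version=(\S+)", props, re.M)
                if found:
                    yield name, found.group(1)
            elif depth > 0 and name.endswith((".jar", ".war")):
                for inner, ver in versions_in_archive(zf.read(name), depth - 1):
                    yield f"{name}!/{inner}", ver


def scan_tree(root):
    """Walk an unpacked filesystem; return sorted (location, version, status, env_ok)."""
    findings = []
    for path in Path(root).rglob("*"):
        if not path.is_file() or path.suffix not in (".jar", ".war"):
            continue
        rel = path.relative_to(root).as_posix()
        m = JAR_NAME.search(rel)
        if m:
            hits = [(rel, m.group(1))]
        else:
            hits = [(f"{rel}!/{inner}", ver)
                    for inner, ver in versions_in_archive(path.read_bytes())]
        findings.extend((loc, ver, *classify(ver)) for loc, ver in hits)
    return sorted(findings)


def _zip(entries):
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()


def build_constructed_sample(root):
    """Constructed sample data: stand-in archives that only carry names and metadata."""
    root = Path(root)
    (root / "opt/app/lib").mkdir(parents=True)
    (root / "usr/share/legacy").mkdir(parents=True)
    (root / "opt/app/lib/log4j-core-2.15.0.jar").write_bytes(_zip({}))
    (root / "usr/share/legacy/log4j-core-2.9.1.jar").write_bytes(_zip({}))
    (root / "opt/app/service.jar").write_bytes(_zip({"BOOT-INF/lib/log4j-core-2.14.1.jar": b""}))
    pom = b"groupId=org.apache.logging.log4j\nartifactId=log4j-core\nversion=2.12.1\n"
    (root / "opt/app/tool-all.jar").write_bytes(_zip({POM_PROPS: pom}))


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_constructed_sample(tmp)
        for loc, ver, status, env_ok in scan_tree(tmp):
            print(f"{status:12} {ver:8} env-var-mitigation={env_ok}  {loc}")
```

Point scan_tree() at a directory unpacked from the output of docker export for a container created from the image. A hit means the library is present at that version; it does not show whether user input reaches the logger.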

Other images on Docker Hub

We are working with the Docker Verified Publishers to identify and update their affected images. We are looking at ways to show you images that are affected and we will continue to update this post as we have more information.

Is Docker’s infrastructure affected?

Docker largely uses Go code in our applications, not Java. Although we do use some Java applications, we have confirmed we are not vulnerable to CVE-2021-44228.
The post Apache Log4j 2 CVE-2021-44228 appeared first on Docker Blog.

Docker Secure Images: What Are They and How Do I Use Them?

One of the major challenges in today’s development environments is balancing innovation with security. Focusing on both is never a small effort and might seem tedious or constraining at times, but when security is implemented from the start, it can shorten development time and prevent exposure to vulnerabilities.

This is why Docker rolled out Docker Official Images (now also available on Amazon Elastic Container Registry Public) and the Docker Verified Publisher Program – so developers know they are starting development with reliable building blocks that have been curated and vetted by Docker. 

If you’ve seen those green and blue badges – “Official Image” and “Verified Publisher” – next to certain images on Docker Hub, then you’re already one step ahead of the rest. Docker Verified Publisher images come from repositories published by Docker partners, so you know you’re pulling your image from a trusted source. Docker Official Images are a curated set of images that are reviewed and published by a dedicated team, working in collaboration with upstream software maintainers, security experts, and the broader Docker community. You can use these images as fully-furnished starting points or drop-in solutions.

Your next question is likely, how do I start using those images? The good news is that our recent guide, “Jump-Starting Development with Secure Images from Docker”, lays this out for you, providing a step-by-step look at how to build with Docker Official Images and Verified Publisher Images, specifically installing a Python image and setting up a Ruby on Rails environment with multiple images. 

Docker helps developers build, share, and run applications that are secure from the start. The Docker Verified Publisher Program and Docker Official Images are just one of the ways we provide a solid foundation for your applications, so you can focus on building better software.

Get started with Docker Official and Verified Publisher images today by downloading our guide. Interested in joining the Docker Verified Publisher Program? Sign up here!

Resources

Blog: Docker Verified Publisher: Trusted Sources, Trusted Content
Blog: Welcome Canonical to Docker Hub and the Docker Verified Publisher Program
Press Release: Docker Expands Trusted Content Offering for Developers
Blog: Secure Software Supply Chain Best Practices

DockerCon Live 2022

Join us for DockerCon Live 2022 on Tuesday, May 10. DockerCon Live is a free, one day virtual event that is a unique experience for developers and development teams who are building the next generation of modern applications. If you want to learn about how to go from code to cloud fast and how to solve your development challenges, DockerCon Live 2022 offers engaging live content to help you build, share and run your applications. Register today at https://www.docker.com/dockercon/
The post Docker Secure Images: What Are They and How Do I Use Them? appeared first on Docker Blog.

Do the New Terms of Docker Desktop Apply If You Don’t Use the Docker Desktop UI?

Even if you’re not taking advantage of the user interface that Docker provides with Docker Desktop and are simply using the CLI, you may still need a paid subscription to use Docker Desktop. Much of the value of Docker Desktop comes from making it easy to develop with containers locally on Windows and Mac.

We announced updates to our product subscriptions back in August and as part of that change, Docker Desktop now requires a per-user paid subscription (Pro, Team, or Business) for professional use in larger companies (larger than 250 employees OR greater than $10 million in annual revenue). 

If you meet the criteria above for a large business, and you’ve installed Docker Desktop, you need a paid subscription that starts for as little as $5 per user, per month.  

Docker Desktop remains free for small businesses (fewer than 250 employees AND less than $10 million in annual revenue), personal use, education, and non-commercial open source projects.

There is a grace period until January 31, 2022, for those that require a paid subscription to use Docker Desktop.

Okay, so what do I get with Docker Desktop?  

With Docker Desktop, installation, configuration, and maintenance are as easy as one click. Starting from the top, Docker Desktop comes as one single package for Mac or Windows. There is a single installer that, in one click, sets up everything you need to use Docker in minutes. 

Docker simplifies configuration under Docker Desktop, taking care of port mappings, file system concerns, and other default settings, making it seamless to develop on your local machine. Docker also maintains and regularly updates Docker Desktop with bug fixes and security updates. 

You can learn more about all the magic behind the scenes of Docker Desktop in this blog. Or check out these Twitter threads from @glours and @BretFisher. Bret Fisher, one of our Docker Captains, also has a great rundown on his YouTube show here.

Docker Desktop features – many of which are not related to the UI:

Here’s a summarized list of the features you get with Docker Desktop. You can also learn more about the difference between Docker Desktop vs. DIY with Docker Engine here.  

How can I check if I have Docker Desktop installed?

Checking to see if you are using Docker Desktop is simple. An easy way to determine if Docker Desktop is currently running on your machine is if this icon is present:  

You can also check to see if Docker Desktop is installed via the filesystem. 

On Mac, look for “/Applications/Docker.app”
On Windows, look for “C:\Program Files\Docker\Docker”

Picking the Docker Subscription that meets your needs

Check out the Docker pricing page to compare all the features in each subscription. If you’d like some help picking the subscription that best suits your needs, you can also check out the Docker Subscription Cheat Sheet. It highlights some of the key differences between each of the subscriptions: Personal, Pro, Team, and Business. And if you still have questions, you can always check out our FAQ page that has additional details.  

The post Do the New Terms of Docker Desktop Apply If You Don’t Use the Docker Desktop UI? appeared first on Docker Blog.

Docker Verified Publisher: Trusted Sources, Trusted Content

Six months since its launch at DockerCon, the Docker Verified Publisher program delivers on its promise to developers and partners alike

The Docker Verified Publisher program means trusted content and trusted sources for the millions of Docker users. At the May 2021 DockerCon, Docker announced its Secure Software Supply Chain initiative, highlighting Docker Verified Publisher as a key component of that trusted content. 

The trusted images in Docker Hub help development teams build secure software supply chains, minimizing exposure to malicious content early in the process to save time and money later. Docker allows developers to quickly and confidently discover and use images in their applications from known, trusted sources. 

Docker Verified Publisher partners join the trusted content Docker provides, along with Docker Official Images and the Docker Open Source program. In short, the Docker Verified Publisher program promises developers that the images they use are from the trusted software publisher. And a Docker Hub search shows trusted sources first.

Trusted images and software security are at the forefront of what the new Docker Business subscription tier offers, too. These trusted images can be allowed into large organizations – while preventing unverified, untrusted community images via the Docker Business Image Management features in the Docker Hub organization control plane. And of course, those trusted images include Docker Verified Publisher partners.

Dozens of software publishers have joined the Docker Verified Publisher program already, and more are poised to join before Docker’s new Docker Desktop license policies take effect (31 January 2022).

Docker Verified Publisher partners enjoy benefits such as:

Removal of rate limiting on all repos in the DVP partners’ namespace, providing a premium user experience: all Docker users, whether they have a Docker subscription or not, are able to pull the partner’s images as much as they want
DVP badging on partner namespace and repos, indicating the trusted content and verified source (part of Docker’s Secure Software Supply Chain initiative)
Priority search ranking in Docker Hub
Co-marketing opportunities including social shares, posts on the popular Docker blog, the exclusive right to sponsor DockerCon 2022, etc.
Inclusion as one of two trusted sources in the image access controls included in the Docker Business subscription tier, bringing essential security and management capabilities to larger Docker customers
Regular reporting to track key partner repo metrics such as pull requests, unique IP addresses, and more
And more benefits added regularly

To learn more and join the Docker Verified Publisher program, just email partners@docker.com or visit this page to contact us.
The post Docker Verified Publisher: Trusted Sources, Trusted Content appeared first on Docker Blog.