Docker Online Meetup #30: Docker Trusted Registry 1.4.1

What’s New with Docker Trusted Registry (v1.4.x)?

Upload: docker-inc

Post on 11-Apr-2017



Docker Trusted Registry Recap


• Registry for building, storing and managing images securely, within your firewall
• Maintain control over Docker images to meet your security or regulatory compliance requirements


DTR Primary Usage Scenarios

CI/CD with Docker

• Centrally located base images
• Store individual build images
• Pull tested images to production

Containers as a Service

• Deploy Jenkins executors or Hadoop nodes
• Instant-on developer environment
• Selected curated apps from a catalog
• Dynamic composition of micro-services (“PAAS”)


Pre DTR 1.4

General Features

• Admin & Health UI
• Registry Storage Status
• LDAP/AD Integration
• RBAC API (Admin, R/W, R/O)
• User actions/API audit logs
• Registry v2 API & v2 Image Support
• One click install/upgrade

Platform Features

• Storage drivers for filesystem, s3, and azure
• Support Tooling
• Support for Ubuntu, RHEL, CentOS
• Tested at 300 concurrent pulls/instance


DTR 1.4.1 Release

General Features

• Orgs, Teams & Repo permissions UI
• Search index, API & UI
• Interactive API documentation
• Image deletion from index
• Image garbage collection

Experimental

• Docker Content Trust: View Docker Notary signatures in DTR

DTR 1.4.2 Release (End of Dec)

Platform Features

• Swift Driver Support


Architecture

[Diagram: DTR architecture. Labelled components: Docker Client, Docker Engines, Load Balancer, Registry Servers, Admin Server, Auth Server, Admin UI, Audit and Event logs, Datastore, Storage Drivers, Directory Services, Log Aggregator, PostgreSQL. Labelled connections: HTTPS 443, LDAPS 636, Local Syslog.]


Demo Time


Deep Dive: Delete


Deep Dive: Delete


Deep Dive: Garbage Collection


Future Plans and Features

• Docker Content Trust Integration
• Docker Universal Control Plane Integration


DCT Integrations

● View and manage keys from DTR
● Key delegations to DTR orgs & teams
● Promote images through signatures
  ● dev signed -> QA signed -> prod signed
● Policy enforcement through integrations

[Diagram labels: Sysadmin, Dev, Prod Ops]


Docker Universal Control Plane Integration

● End-to-end authn integration with LDAP/AD
● Cross product RBAC across orgs
● Complete CI/CD visibility


Thank you!