In this Docker Online Meetup, Docker Software Engineer Tony Holdstock-Brown discusses the latest features in Docker Trusted Registry 1.4.1 including:
- Image deletion and garbage collection
- Set up, and manage user accounts, teams, organizations, and repositories from either APIs or through the Trusted Registry user interface
- Search, browse, and discover images created by other users through either APIs or through the Trusted Registry UI
- New APIs for accessing repositories, account management, indexing, searching, and reindexing
- New experimental feature: Docker Trusted Registry now integrates with Docker Content Trust using Notary
2. Docker Trusted Registry Recap
2
• Registry for building, storing and managing images securely, within
your firewall
• Maintain control over Docker images to meet your security or
regulatory compliance requirements.
3. DTR Primary Usage Scenarios
CI/CD with
Docker
• Centrally located base images
• Store individual build images
• Pull tested images to production
Containers as
a Service
• Deploy Jenkins executors or Hadoop nodes
• Instant-on developer environment
• Selected curated apps from a catalog
• Dynamic composition of micro-services (“PAAS”)
4. Pre DTR 1.4
General
Features
• Admin & Health UI
• Registry Storage Status
• LDAP/AD Integration
• RBAC API (Admin, R/W, R/O)
• User actions/API audit logs
• Registry v2 API & v2 Image Support
• One click install/upgrade
Platform
Features
• Storage drivers for filesystem, s3, and azure
• Support Tooling
• Support for Ubuntu, RHEL, CentOS
• Tested at 300 concurrent pulls/instance
5. DTR 1.4.1 Release
General
Features
• Orgs, Teams & Repo permissions UI
• Search index, API & UI
• Interactive API documentation
• Image deletion from index
• Image garbage collection
Experimental • Docker Content Trust: View Docker Notary signatures in DTR
DTR 1.4.2 Release (End of Dec)
Platform
Features
• Swift Driver Support
12. DCT Integrations
● View and manage keys from DTR
● Key delegations to DTR orgs & teams
● Promote images through signatures
● dev signed -> QA signed -> prod signed
● Policy enforcement through integrations
Description
Sysadmin
Dev
Prod
Ops
13. Docker Universal Control Plane Integration
● End-to-end authn integration with LDAP/AD
● Cross product RBAC across orgs
● Complete CI/CD visibility
Description