SlideShare a Scribd company logo

A new model for Docker image distribution

Download as PPTX, PDF
Docker, Inc.
Docker, Inc.
Technology
1 of 36
A New Model for Image Distribution Docker Registry 2.0
Stephen Day Distribution, Tech Lead Docker, Inc. stephen@docker.com @stevvooe github.com/stevvooe
Overview • What is Docker? • What is an Image? • What is the Docker Registry? • History • Docker Registry API V2 • Implementation • The Future 3
What is Docker? https://www.docker.com/whatisdocker/
What is an Image? A runnable component with a filesystem
What is an Image? • Containers, the runtime of docker, are created from images • Filesystem made up with “layers” – Just tar files – Layers can be shared between images • Includes a description organizing layers into an image • Identified by a name (ubuntu, redis, stevvooe/myapp) • docker run ubuntu – Runs a container, created from image ubuntu 6 A runnable component with a filesystem
What is the Docker Registry? A central place to store and distribute docker images
What is the Docker Registry? • Stores the layers and the description of how they make up an image • Implements a common API agreed upon by Docker clients • Several Implementations – A simple web server to make images available – A complete web application – Services like the Docker Hub contain a registry • Documentation: https://docs.docker.com/registry/ 8 A central place to store and distribute docker images
History Docker Registry API V1
Docker Registry API V1 • Layer Oriented • Layer IDs are randomly assigned • JSON object corresponding to each layer referencing a parent • Naming accomplished through tags 10 History Layer Layer Layer Layer JSON JSON JSON JSONFetch(ID)
Registry API V1 URL Layout Methods URL GET /v1/_ping GET, PUT /v1/images/(image_id)/layer GET, PUT /v1/images/(image_id)/json GET /v1/images/(image_id)/ancestry GET /v1/repositories/(namespace)/(repository)/tags GET, PUT, DELETE /v1/repositories/(namespace)/(repository)/tags/(tag*) DELETE /v1/repositories/(namespace)/(repository)/ GET /v1/search 11 https://docs.docker.com/reference/api/registry_api/
Docker Registry API V1 • Performance – Fetch a layer, fetch the parent, fetch the parent, … • Security – Image IDs must be kept secret – Who assigns the layer IDs? – Hard to audit, verify • Implementation in Python – Affected ease of deployment – Reduced sharing with main Docker Project • More available through https://github.com/docker/docker/issues/8093 12 Problems
Docker Registry API V2 Design
Docker Registry API V2 • Simplicity – Easy to implement – Works with static host • Distribution – Separate location of content from naming • Security – Verifiable Images – Straight-forward access control • Performance – Remove the single track • Implementation – Move to Go to increase code sharing with Docker Engine 14 Goals
Docker Registry API V2 • Layers are treated as content-addressable blobs – Much better for security – Permits safe-distribution through untrusted channels • All data can be verified – Improved cache-ability • Content address is known as the “digest” 15 Content-Addressable
Docker Registry API V2 • Uniquely identifies content • A cryptographically strong hash – Chose a name, digest, that does not conflict with other concepts (map, dict, crc, etc.) • For Registry V2, simply using sha256(bytes) – Easy to implement – Easy to verify • Independently Verifiable – If you and I agree on a common algorithm, we can choose IDs for content without coordinating • Strongly-typed with tools to parse and verify – http://godoc.org/github.com/docker/distribution/digest 16 What is a digest?
Docker Registry API V2 • Describes the components of an image in a single object – Layers can be fetched immediately, in parallel 17 Manifests LayerLayer Layer Layer JSONFetch(ID)
Docker Registry API V2 • Content-addressable, as well – docker pull ubuntu@sha256:8126991394342c2775a9ba4a843869112da8156037451fc424454db43c25d8b0 – The above command will pull the exact same image that I have on my laptop • Leverages Merkle DAG – Because the digests of the layers are in the manifest, if any bit in the layer changes, the digest of the manifest changes – Similar to git, ipfs, camlistore and a host of other projects • Tags are in the manifest – This is going away 18 Manifests
Docker Registry API V2 19 Manifests { "name": <name>, "tag": <tag>, "fsLayers": [ { "blobSum": <digest> }, ... ] ], "history": [<v1 image json>, ... ] }
Docker Registry API V2 • All content is now part of a named repository – Image IDs are no longer a secret – Simplified authorization model • name + operation (push, pull) • No round trips required for access checks when using token auth • Makes implementation simple and more secure – Clients must “prove” content is available to another repository by providing it • Opened up namespace to allow more than two components – No reason to have registry enforce “<user>/<image>” – API “reversed” to make static layout easier 20 Repositories
Docker Registry API V2 • Shared-nothing – “Backend” ties a cluster of registries together – Allows scaling by adding instances – Performance limited by backend • Make backend faster, registry gets faster • Pull-optimized – Most important factor when distributing software – May hurt certain use cases • Resumable Pull and Push (specified but not implemented) – Resumable pull already available with http Range requests – Two-step upload start for resumable push – Built into the protocol for future support • A living specification – Meant to be used and modified – Always backwards compatible 21 Overview
Registry API V2 URL Layout Methods URL GET /v2/ GET /v2/<name>/tags/list GET, PUT, DELETE /v2/<name>/manifests/<reference> GET /v2/<name>/blobs/<digest> POST /v2/<name>/blobs/uploads/ GET, PUT, PATCH, DELETE /v2/<name>/blobs/uploads/<uuid> 22 https://docs.docker.com/registry/spec/api/
Docker Registry API V2 • Content addresses (digests) are primary identifier • Unrolled image description model • Multi-step upload – Provides flexibility in failure modes – Options for future alternative upload location (redirects) • No Search API – In V1, this API does everything – Replacing with something better • No explicit tagging API – This will change: https://github.com/docker/distribution/pull/173 23 Differences from V1
Docker Registry 2.0 Implementation
Docker Registry 2.0 • Registry 2.0 released with Docker 1.6 – Mostly a success – https://github.com/docker/distribution • Running the Hub – S3 backend • Having some trouble with round trips to s3 :( – Decent performance with very little caching • A lot of low hanging fruit left to tackle 25 Status
Docker Registry 2.0 • Full support release with Docker 1.6 – Minimal bugs – Most problems are common to version upgrades • Header required to declare support for 2.0 API • Validated most concepts in 1.3, 1.4 with V2 preview – Much faster pull performance – You’ve probably already used it • There are some edge cases – push-heavy workflows – disk io when verifying large images – We are mitigating these 26 Does it work?
Docker Registry 2.0 • Are you on Docker 1.6+? – Yes. • Evaluate it • Test it • Break it (and file bugs https://github.com/docker/distribution/issues) • Deploy it • Are you on Docker <1.6? – Are you entrenched in v1? • Perhaps, hold off – Run dual stack v1, v2 • https://docs.docker.com/registry/deploying/#configure-nginx-with-a-v1-and-v2-registry • Not recommended to auto-port images between v1 and v2 27 Should you be using it?
Docker Registry 2.0 • Internal deployments – Use the filesystem driver — it is really fast – Backup with rsync • Scale storage – Use S3 driver • Make sure you are “close” since round trip times can have an effect • Scale Reads – Use round robin DNS • Do not use this for HA – Rsync to followers on read-only filesystem – Add machines to taste • https://docs.docker.com/registry/deploying/ 28 Deploying
Docker Registry 2.0 • Feature parity with V1 – Maturity – Building collective operational knowledge • Hard to break some bad practices from v1 • Proxy Caching • Catalog API – What’s in my registry? • Deletes – Diverse backend support makes this hard – https://github.com/docker/distribution/issues/461 – https://github.com/docker/distribution/issues/462 • Search – See the goals of Distribution to see why this is interesting 29 Future
Docker Distribution A project to improve packing, shipping, storing, and delivering content
Docker Distribution • Goals – Improve the state of image distribution in Docker • Focus – Security – Reliability – Performance • Build a solid and secure foundation • Unlock new distribution models – Moving images around no longer requires a registry – Peer to Peer for large deployments 31 Overview
Docker Distribution • Clean up the docker daemon code base – Defined new APIs for working with docker content – Increase feature velocity – Generalize around strong base • Current Manifest format is provisional – Still includes v1 layer JSON – Content-addressability + mediatypes make support new formats trivial – https://github.com/docker/distribution/pull/62 • Road Map: https://github.com/docker/distribution/wiki 32 Future
Docker Distribution Google Group: distribution@dockerproject.org GitHub: https://github.com/docker/distribution IRC on Freenode: #docker-distribution
Join us at DockerCon Save 10% on registration with code: containyourself June 22-23, 2015 in San Francisco, CA Register now: dockercon.com @dockercon | dockercon.com
Q&A
THANK YOU

Recommended

Docker Hub: Past, Present and Future by Ken Cochrane & BC Wong
Docker Hub: Past, Present and Future by Ken Cochrane & BC WongDocker Hub: Past, Present and Future by Ken Cochrane & BC Wong
Docker Hub: Past, Present and Future by Ken Cochrane & BC Wong
Docker, Inc.
 
Docker Registry V2
Docker Registry V2Docker Registry V2
Docker Registry V2
Docker, Inc.
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to docker
John Willis
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
Hao Fan
 
The ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of DockerThe ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of Docker
Aniekan Akpaffiong
 
Docker Hub Breakout Session at DockerCon by Ken Cochrane
Docker Hub Breakout Session at DockerCon by Ken CochraneDocker Hub Breakout Session at DockerCon by Ken Cochrane
Docker Hub Breakout Session at DockerCon by Ken Cochrane
Docker, Inc.
 
Docker for the new Era: Introducing Docker,its components and tools
Docker for the new Era: Introducing Docker,its components and toolsDocker for the new Era: Introducing Docker,its components and tools
Docker for the new Era: Introducing Docker,its components and tools
Ramit Surana
 
Docker in real life
Docker in real lifeDocker in real life
Docker in real life
Nguyen Van Vuong
 

Recommended

Docker Hub: Past, Present and Future by Ken Cochrane & BC Wong
Docker Hub: Past, Present and Future by Ken Cochrane & BC WongDocker Hub: Past, Present and Future by Ken Cochrane & BC Wong
Docker Hub: Past, Present and Future by Ken Cochrane & BC Wong
Docker, Inc.
 
Docker Registry V2
Docker Registry V2Docker Registry V2
Docker Registry V2
Docker, Inc.
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to docker
John Willis
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
Hao Fan
 
The ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of DockerThe ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of Docker
Aniekan Akpaffiong
 
Docker Hub Breakout Session at DockerCon by Ken Cochrane
Docker Hub Breakout Session at DockerCon by Ken CochraneDocker Hub Breakout Session at DockerCon by Ken Cochrane
Docker Hub Breakout Session at DockerCon by Ken Cochrane
Docker, Inc.
 
Docker for the new Era: Introducing Docker,its components and tools
Docker for the new Era: Introducing Docker,its components and toolsDocker for the new Era: Introducing Docker,its components and tools
Docker for the new Era: Introducing Docker,its components and tools
Ramit Surana
 
Docker in real life
Docker in real lifeDocker in real life
Docker in real life
Nguyen Van Vuong
 
Introduction to container based virtualization with docker
Introduction to container based virtualization with dockerIntroduction to container based virtualization with docker
Introduction to container based virtualization with docker
Bangladesh Network Operators Group
 
Docker 101: An Introduction
Docker 101: An IntroductionDocker 101: An Introduction
Docker 101: An Introduction
POSSCON
 
Docker introduction
Docker introductionDocker introduction
Docker introduction
Phuc Nguyen
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
Jeffrey Ellin
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
Peng Xiao
 
Docker Registry + Basic Auth
Docker Registry + Basic AuthDocker Registry + Basic Auth
Docker Registry + Basic Auth
Remotty
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to docker
Instruqt
 
Docker and containers - For Boston Docker Meetup Workshop in March 2015
Docker and containers - For Boston Docker Meetup Workshop in March 2015Docker and containers - For Boston Docker Meetup Workshop in March 2015
Docker and containers - For Boston Docker Meetup Workshop in March 2015
Jonas Rosland
 
Docker introduction for the beginners
Docker introduction for the beginnersDocker introduction for the beginners
Docker introduction for the beginners
Juneyoung Oh
 
Learning Docker with Thomas
Learning Docker with ThomasLearning Docker with Thomas
Learning Docker with Thomas
Thomas Tong, FRM, PMP
 
Docker basics
Docker basicsDocker basics
Docker basics
Claudio Montoya
 
Docker 101 : Introduction to Docker and Containers
Docker 101 : Introduction to Docker and ContainersDocker 101 : Introduction to Docker and Containers
Docker 101 : Introduction to Docker and Containers
Yajushi Srivastava
 
Introduction to Containers - SQL Server and Docker
Introduction to Containers - SQL Server and DockerIntroduction to Containers - SQL Server and Docker
Introduction to Containers - SQL Server and Docker
Chris Taylor
 
Docker based-pipelines
Docker based-pipelinesDocker based-pipelines
Docker based-pipelines
DevOps.com
 
Introduction to Docker - VIT Campus
Introduction to Docker - VIT CampusIntroduction to Docker - VIT Campus
Introduction to Docker - VIT Campus
Ajeet Singh Raina
 
Introduction To Docker
Introduction To DockerIntroduction To Docker
Introduction To Docker
Dr. Syed Hassan Amin
 
Docker in pratice -chenyifei
Docker in pratice -chenyifeiDocker in pratice -chenyifei
Docker in pratice -chenyifei
dotCloud
 
Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to Docker
Jian Wu
 
Introduction to Docker and all things containers, Docker Meetup at RelateIQ
Introduction to Docker and all things containers, Docker Meetup at RelateIQIntroduction to Docker and all things containers, Docker Meetup at RelateIQ
Introduction to Docker and all things containers, Docker Meetup at RelateIQ
dotCloud
 
Docker HK Meetup - 201707
Docker HK Meetup - 201707Docker HK Meetup - 201707
Docker HK Meetup - 201707
Clarence Ho
 
DockerCon SF 2015: A New Model for Image Distribution
DockerCon SF 2015: A New Model for Image DistributionDockerCon SF 2015: A New Model for Image Distribution
DockerCon SF 2015: A New Model for Image Distribution
Docker, Inc.
 
Docker 101: Introduction to Docker
Docker 101: Introduction to DockerDocker 101: Introduction to Docker
Docker 101: Introduction to Docker
Docker, Inc.
 

More Related Content

What's hot

Docker and containers - For Boston Docker Meetup Workshop in March 2015
Docker and containers - For Boston Docker Meetup Workshop in March 2015Docker and containers - For Boston Docker Meetup Workshop in March 2015
Docker and containers - For Boston Docker Meetup Workshop in March 2015
Jonas Rosland
 
Docker based-pipelines
Docker based-pipelinesDocker based-pipelines
Docker based-pipelines
DevOps.com
 
Docker in pratice -chenyifei
Docker in pratice -chenyifeiDocker in pratice -chenyifei
Docker in pratice -chenyifei
dotCloud
 

What's hot (20)

Introduction to container based virtualization with docker
Introduction to container based virtualization with dockerIntroduction to container based virtualization with docker
Introduction to container based virtualization with docker
 
Docker 101: An Introduction
Docker 101: An IntroductionDocker 101: An Introduction
Docker 101: An Introduction
 
Docker introduction
Docker introductionDocker introduction
Docker introduction
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
 
Docker Registry + Basic Auth
Docker Registry + Basic AuthDocker Registry + Basic Auth
Docker Registry + Basic Auth
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to docker
 
Docker and containers - For Boston Docker Meetup Workshop in March 2015
Docker and containers - For Boston Docker Meetup Workshop in March 2015Docker and containers - For Boston Docker Meetup Workshop in March 2015
Docker and containers - For Boston Docker Meetup Workshop in March 2015
 
Docker introduction for the beginners
Docker introduction for the beginnersDocker introduction for the beginners
Docker introduction for the beginners
 
Learning Docker with Thomas
Learning Docker with ThomasLearning Docker with Thomas
Learning Docker with Thomas
 
Docker basics
Docker basicsDocker basics
Docker basics
 
Docker 101 : Introduction to Docker and Containers
Docker 101 : Introduction to Docker and ContainersDocker 101 : Introduction to Docker and Containers
Docker 101 : Introduction to Docker and Containers
 
Introduction to Containers - SQL Server and Docker
Introduction to Containers - SQL Server and DockerIntroduction to Containers - SQL Server and Docker
Introduction to Containers - SQL Server and Docker
 
Docker based-pipelines
Docker based-pipelinesDocker based-pipelines
Docker based-pipelines
 
Introduction to Docker - VIT Campus
Introduction to Docker - VIT CampusIntroduction to Docker - VIT Campus
Introduction to Docker - VIT Campus
 
Introduction To Docker
Introduction To DockerIntroduction To Docker
Introduction To Docker
 
Docker in pratice -chenyifei
Docker in pratice -chenyifeiDocker in pratice -chenyifei
Docker in pratice -chenyifei
 
Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to Docker
 
Introduction to Docker and all things containers, Docker Meetup at RelateIQ
Introduction to Docker and all things containers, Docker Meetup at RelateIQIntroduction to Docker and all things containers, Docker Meetup at RelateIQ
Introduction to Docker and all things containers, Docker Meetup at RelateIQ
 
Docker HK Meetup - 201707
Docker HK Meetup - 201707Docker HK Meetup - 201707
Docker HK Meetup - 201707
 

Viewers also liked

Docker 101: Introduction to Docker
Docker 101: Introduction to DockerDocker 101: Introduction to Docker
Docker 101: Introduction to Docker
Docker, Inc.
 
Docker and Radio Astronomy - Containing Fragile Scientific Software by Gijs M...
Docker and Radio Astronomy - Containing Fragile Scientific Software by Gijs M...Docker and Radio Astronomy - Containing Fragile Scientific Software by Gijs M...
Docker and Radio Astronomy - Containing Fragile Scientific Software by Gijs M...
Docker, Inc.
 
Evaluating and ranking genome assemblers by Michael Barton (Joint Genome Inst...
Evaluating and ranking genome assemblers by Michael Barton (Joint Genome Inst...Evaluating and ranking genome assemblers by Michael Barton (Joint Genome Inst...
Evaluating and ranking genome assemblers by Michael Barton (Joint Genome Inst...
Docker, Inc.
 
Open Design at large scale by Solomon Hykes
Open Design at large scale by Solomon HykesOpen Design at large scale by Solomon Hykes
Open Design at large scale by Solomon Hykes
Docker, Inc.
 
DockerCon SF 2015: AWS w/ Deepak Singh
DockerCon SF 2015: AWS w/ Deepak SinghDockerCon SF 2015: AWS w/ Deepak Singh
DockerCon SF 2015: AWS w/ Deepak Singh
Docker, Inc.
 
DockerCon SF 2015: Resilient Routing and Discovery
DockerCon SF 2015: Resilient Routing and DiscoveryDockerCon SF 2015: Resilient Routing and Discovery
DockerCon SF 2015: Resilient Routing and Discovery
Docker, Inc.
 
Revamping Development and Testing Using Docker – Transforming Enterprise IT b...
Revamping Development and Testing Using Docker – Transforming Enterprise IT b...Revamping Development and Testing Using Docker – Transforming Enterprise IT b...
Revamping Development and Testing Using Docker – Transforming Enterprise IT b...
Docker, Inc.
 
Docker Compose by Aanand Prasad
Docker Compose by Aanand Prasad Docker Compose by Aanand Prasad
Docker Compose by Aanand Prasad
Docker, Inc.
 

Viewers also liked (20)

DockerCon SF 2015: A New Model for Image Distribution
DockerCon SF 2015: A New Model for Image DistributionDockerCon SF 2015: A New Model for Image Distribution
DockerCon SF 2015: A New Model for Image Distribution
 
Docker 101: Introduction to Docker
Docker 101: Introduction to DockerDocker 101: Introduction to Docker
Docker 101: Introduction to Docker
 
Docker and Radio Astronomy - Containing Fragile Scientific Software by Gijs M...
Docker and Radio Astronomy - Containing Fragile Scientific Software by Gijs M...Docker and Radio Astronomy - Containing Fragile Scientific Software by Gijs M...
Docker and Radio Astronomy - Containing Fragile Scientific Software by Gijs M...
 
Opinionated containers and the future of game servers by Brendan Fosberry
Opinionated containers and the future of game servers by Brendan FosberryOpinionated containers and the future of game servers by Brendan Fosberry
Opinionated containers and the future of game servers by Brendan Fosberry
 
Migrating a large code-base to containers by Doug Johnson and Jonathan Lozins...
Migrating a large code-base to containers by Doug Johnson and Jonathan Lozins...Migrating a large code-base to containers by Doug Johnson and Jonathan Lozins...
Migrating a large code-base to containers by Doug Johnson and Jonathan Lozins...
 
Docker at Shopify: From This-Looks-Fun to Production by Simon Eskildsen (Shop...
Docker at Shopify: From This-Looks-Fun to Production by Simon Eskildsen (Shop...Docker at Shopify: From This-Looks-Fun to Production by Simon Eskildsen (Shop...
Docker at Shopify: From This-Looks-Fun to Production by Simon Eskildsen (Shop...
 
Enable Fig to deploy to multiple Docker servers by Willy Kuo
Enable Fig to deploy to multiple Docker servers by Willy KuoEnable Fig to deploy to multiple Docker servers by Willy Kuo
Enable Fig to deploy to multiple Docker servers by Willy Kuo
 
DockerCon SF 2015: Ben Golub's Keynote Day 1
DockerCon SF 2015: Ben Golub's Keynote Day 1DockerCon SF 2015: Ben Golub's Keynote Day 1
DockerCon SF 2015: Ben Golub's Keynote Day 1
 
Evaluating and ranking genome assemblers by Michael Barton (Joint Genome Inst...
Evaluating and ranking genome assemblers by Michael Barton (Joint Genome Inst...Evaluating and ranking genome assemblers by Michael Barton (Joint Genome Inst...
Evaluating and ranking genome assemblers by Michael Barton (Joint Genome Inst...
 
Open Design at large scale by Solomon Hykes
Open Design at large scale by Solomon HykesOpen Design at large scale by Solomon Hykes
Open Design at large scale by Solomon Hykes
 
DockerCon 15 Keynote - Day 2
DockerCon 15 Keynote - Day 2DockerCon 15 Keynote - Day 2
DockerCon 15 Keynote - Day 2
 
DockerCon SF 2015: Keynote Day 1
DockerCon SF 2015: Keynote Day 1DockerCon SF 2015: Keynote Day 1
DockerCon SF 2015: Keynote Day 1
 
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
 
DockerCon SF 2015: AWS w/ Deepak Singh
DockerCon SF 2015: AWS w/ Deepak SinghDockerCon SF 2015: AWS w/ Deepak Singh
DockerCon SF 2015: AWS w/ Deepak Singh
 
DockerCon SF 2015: Resilient Routing and Discovery
DockerCon SF 2015: Resilient Routing and DiscoveryDockerCon SF 2015: Resilient Routing and Discovery
DockerCon SF 2015: Resilient Routing and Discovery
 
BBC: CI Problems and our Solutions by Simon Thulbourn
BBC: CI Problems and our Solutions by Simon ThulbournBBC: CI Problems and our Solutions by Simon Thulbourn
BBC: CI Problems and our Solutions by Simon Thulbourn
 
Revamping Development and Testing Using Docker – Transforming Enterprise IT b...
Revamping Development and Testing Using Docker – Transforming Enterprise IT b...Revamping Development and Testing Using Docker – Transforming Enterprise IT b...
Revamping Development and Testing Using Docker – Transforming Enterprise IT b...
 
Docker Compose by Aanand Prasad
Docker Compose by Aanand Prasad Docker Compose by Aanand Prasad
Docker Compose by Aanand Prasad
 
Orchestrating Docker with Terraform and Consul by Mitchell Hashimoto
Orchestrating Docker with Terraform and Consul by Mitchell Hashimoto Orchestrating Docker with Terraform and Consul by Mitchell Hashimoto
Orchestrating Docker with Terraform and Consul by Mitchell Hashimoto
 
Building Web Scale Apps with Docker and Mesos by Alex Rukletsov (Mesosphere)
Building Web Scale Apps with Docker and Mesos by Alex Rukletsov (Mesosphere)Building Web Scale Apps with Docker and Mesos by Alex Rukletsov (Mesosphere)
Building Web Scale Apps with Docker and Mesos by Alex Rukletsov (Mesosphere)
 

Similar to A new model for Docker image distribution

Preparing your dockerised application for production deployment
Preparing your dockerised application for production deploymentPreparing your dockerised application for production deployment
Preparing your dockerised application for production deployment
Dave Ward
 
Lightweight Virtualization Docker in Practice
Lightweight Virtualization Docker in PracticeLightweight Virtualization Docker in Practice
Lightweight Virtualization Docker in Practice
Docker, Inc.
 
Intro Docker october 2013
Intro Docker october 2013Intro Docker october 2013
Intro Docker october 2013
dotCloud
 

Similar to A new model for Docker image distribution (20)

CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...
CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...
CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...
 
Dockerize the World
Dockerize the WorldDockerize the World
Dockerize the World
 
Road to Opscon (Pisa '15) - DevOoops
Road to Opscon (Pisa '15) - DevOoopsRoad to Opscon (Pisa '15) - DevOoops
Road to Opscon (Pisa '15) - DevOoops
 
Getting Started with Docker
Getting Started with DockerGetting Started with Docker
Getting Started with Docker
 
Containers docker-docker hub-azureacr-azure aci
Containers docker-docker hub-azureacr-azure aciContainers docker-docker hub-azureacr-azure aci
Containers docker-docker hub-azureacr-azure aci
 
Devoxx 2016 - Docker Nuts and Bolts
Devoxx 2016 - Docker Nuts and BoltsDevoxx 2016 - Docker Nuts and Bolts
Devoxx 2016 - Docker Nuts and Bolts
 
Exploring Docker in CI/CD
Exploring Docker in CI/CDExploring Docker in CI/CD
Exploring Docker in CI/CD
 
IBM WebSphere Application Server traditional and Docker
IBM WebSphere Application Server traditional and DockerIBM WebSphere Application Server traditional and Docker
IBM WebSphere Application Server traditional and Docker
 
Tech talk on docker with demo
Tech talk on docker with demoTech talk on docker with demo
Tech talk on docker with demo
 
Gianluca Varisco - DevOoops (Increase awareness around DevOps infra security)
Gianluca Varisco - DevOoops (Increase awareness around DevOps infra security)Gianluca Varisco - DevOoops (Increase awareness around DevOps infra security)
Gianluca Varisco - DevOoops (Increase awareness around DevOps infra security)
 
Using Docker in production: Get started today!
Using Docker in production: Get started today!Using Docker in production: Get started today!
Using Docker in production: Get started today!
 
ExpoQA 2017 Docker and CI
ExpoQA 2017 Docker and CIExpoQA 2017 Docker and CI
ExpoQA 2017 Docker and CI
 
Docker & ci
Docker & ciDocker & ci
Docker & ci
 
Rails Applications with Docker
Rails Applications with DockerRails Applications with Docker
Rails Applications with Docker
 
Docker Kubernetes Istio
Docker Kubernetes IstioDocker Kubernetes Istio
Docker Kubernetes Istio
 
Intro docker and demo monitor on docker
Intro docker and demo monitor on dockerIntro docker and demo monitor on docker
Intro docker and demo monitor on docker
 
Preparing your dockerised application for production deployment
Preparing your dockerised application for production deploymentPreparing your dockerised application for production deployment
Preparing your dockerised application for production deployment
 
Lightweight Virtualization Docker in Practice
Lightweight Virtualization Docker in PracticeLightweight Virtualization Docker in Practice
Lightweight Virtualization Docker in Practice
 
Oracle database on Docker Container
Oracle database on Docker ContainerOracle database on Docker Container
Oracle database on Docker Container
 
Intro Docker october 2013
Intro Docker october 2013Intro Docker october 2013
Intro Docker october 2013
 

More from Docker, Inc.

Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWS
Docker, Inc.
 
Distributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at SalesforceDistributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at Salesforce
Docker, Inc.
 
Monitoring in a Microservices World
Monitoring in a Microservices WorldMonitoring in a Microservices World
Monitoring in a Microservices World
Docker, Inc.
 
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
Docker, Inc.
 
Predicting Space Weather with Docker
Predicting Space Weather with DockerPredicting Space Weather with Docker
Predicting Space Weather with Docker
Docker, Inc.
 
Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!
Docker, Inc.
 
Kubernetes at Datadog Scale
Kubernetes at Datadog ScaleKubernetes at Datadog Scale
Kubernetes at Datadog Scale
Docker, Inc.
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWS
Docker, Inc.
 
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
Docker, Inc.
 

More from Docker, Inc. (20)

Containerize Your Game Server for the Best Multiplayer Experience
Containerize Your Game Server for the Best Multiplayer Experience Containerize Your Game Server for the Best Multiplayer Experience
Containerize Your Game Server for the Best Multiplayer Experience
 
How to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker BuildHow to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker Build
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWS
 
Securing Your Containerized Applications with NGINX
Securing Your Containerized Applications with NGINXSecuring Your Containerized Applications with NGINX
Securing Your Containerized Applications with NGINX
 
How To Build and Run Node Apps with Docker and Compose
How To Build and Run Node Apps with Docker and ComposeHow To Build and Run Node Apps with Docker and Compose
How To Build and Run Node Apps with Docker and Compose
 
Hands-on Helm
Hands-on Helm Hands-on Helm
Hands-on Helm
 
Distributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at SalesforceDistributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at Salesforce
 
The First 10M Pulls: Building The Official Curl Image for Docker Hub
The First 10M Pulls: Building The Official Curl Image for Docker HubThe First 10M Pulls: Building The Official Curl Image for Docker Hub
The First 10M Pulls: Building The Official Curl Image for Docker Hub
 
Monitoring in a Microservices World
Monitoring in a Microservices WorldMonitoring in a Microservices World
Monitoring in a Microservices World
 
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
 
Predicting Space Weather with Docker
Predicting Space Weather with DockerPredicting Space Weather with Docker
Predicting Space Weather with Docker
 
Become a Docker Power User With Microsoft Visual Studio Code
Become a Docker Power User With Microsoft Visual Studio CodeBecome a Docker Power User With Microsoft Visual Studio Code
Become a Docker Power User With Microsoft Visual Studio Code
 
How to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container RegistryHow to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container Registry
 
Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!
 
Kubernetes at Datadog Scale
Kubernetes at Datadog ScaleKubernetes at Datadog Scale
Kubernetes at Datadog Scale
 
Labels, Labels, Labels
Labels, Labels, Labels Labels, Labels, Labels
Labels, Labels, Labels
 
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment ModelUsing Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWS
 
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
 
Developing with Docker for the Arm Architecture
Developing with Docker for the Arm ArchitectureDeveloping with Docker for the Arm Architecture
Developing with Docker for the Arm Architecture
 

Recently uploaded

CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 

Recently uploaded (20)

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 

A new model for Docker image distribution

  • 1. A New Model for Image Distribution Docker Registry 2.0
  • 2. Stephen Day Distribution, Tech Lead Docker, Inc. stephen@docker.com @stevvooe github.com/stevvooe
  • 3. Overview • What is Docker? • What is an Image? • What is the Docker Registry? • History • Docker Registry API V2 • Implementation • The Future 3
  • 5. What is an Image? A runnable component with a filesystem
  • 6. What is an Image? • Containers, the runtime of docker, are created from images • Filesystem made up with “layers” – Just tar files – Layers can be shared between images • Includes a description organizing layers into an image • Identified by a name (ubuntu, redis, stevvooe/myapp) • docker run ubuntu – Runs a container, created from image ubuntu 6 A runnable component with a filesystem
  • 7. What is the Docker Registry? A central place to store and distribute docker images
  • 8. What is the Docker Registry? • Stores the layers and the description of how they make up an image • Implements a common API agreed upon by Docker clients • Several Implementations – A simple web server to make images available – A complete web application – Services like the Docker Hub contain a registry • Documentation: https://docs.docker.com/registry/ 8 A central place to store and distribute docker images
  • 10. Docker Registry API V1 • Layer Oriented • Layer IDs are randomly assigned • JSON object corresponding to each layer referencing a parent • Naming accomplished through tags 10 History Layer Layer Layer Layer JSON JSON JSON JSONFetch(ID)
  • 11. Registry API V1 URL Layout Methods URL GET /v1/_ping GET, PUT /v1/images/(image_id)/layer GET, PUT /v1/images/(image_id)/json GET /v1/images/(image_id)/ancestry GET /v1/repositories/(namespace)/(repository)/tags GET, PUT, DELETE /v1/repositories/(namespace)/(repository)/tags/(tag*) DELETE /v1/repositories/(namespace)/(repository)/ GET /v1/search 11 https://docs.docker.com/reference/api/registry_api/
  • 12. Docker Registry API V1 • Performance – Fetch a layer, fetch the parent, fetch the parent, … • Security – Image IDs must be kept secret – Who assigns the layer IDs? – Hard to audit, verify • Implementation in Python – Affected ease of deployment – Reduced sharing with main Docker Project • More available through https://github.com/docker/docker/issues/8093 12 Problems
  • 13. Docker Registry API V2 Design
  • 14. Docker Registry API V2 • Simplicity – Easy to implement – Works with static host • Distribution – Separate location of content from naming • Security – Verifiable Images – Straight-forward access control • Performance – Remove the single track • Implementation – Move to Go to increase code sharing with Docker Engine 14 Goals
  • 15. Docker Registry API V2 • Layers are treated as content-addressable blobs – Much better for security – Permits safe-distribution through untrusted channels • All data can be verified – Improved cache-ability • Content address is known as the “digest” 15 Content-Addressable
  • 16. Docker Registry API V2 • Uniquely identifies content • A cryptographically strong hash – Chose a name, digest, that does not conflict with other concepts (map, dict, crc, etc.) • For Registry V2, simply using sha256(bytes) – Easy to implement – Easy to verify • Independently Verifiable – If you and I agree on a common algorithm, we can choose IDs for content without coordinating • Strongly-typed with tools to parse and verify – http://godoc.org/github.com/docker/distribution/digest 16 What is a digest?
  • 17. Docker Registry API V2 • Describes the components of an image in a single object – Layers can be fetched immediately, in parallel 17 Manifests LayerLayer Layer Layer JSONFetch(ID)
  • 18. Docker Registry API V2 • Content-addressable, as well – docker pull ubuntu@sha256:8126991394342c2775a9ba4a843869112da8156037451fc424454db43c25d8b0 – The above command will pull the exact same image that I have on my laptop • Leverages Merkle DAG – Because the digests of the layers are in the manifest, if any bit in the layer changes, the digest of the manifest changes – Similar to git, ipfs, camlistore and a host of other projects • Tags are in the manifest – This is going away 18 Manifests
  • 19. Docker Registry API V2 19 Manifests { "name": <name>, "tag": <tag>, "fsLayers": [ { "blobSum": <digest> }, ... ] ], "history": [<v1 image json>, ... ] }
  • 20. Docker Registry API V2 • All content is now part of a named repository – Image IDs are no longer a secret – Simplified authorization model • name + operation (push, pull) • No round trips required for access checks when using token auth • Makes implementation simple and more secure – Clients must “prove” content is available to another repository by providing it • Opened up namespace to allow more than two components – No reason to have registry enforce “<user>/<image>” – API “reversed” to make static layout easier 20 Repositories
  • 21. Docker Registry API V2 • Shared-nothing – “Backend” ties a cluster of registries together – Allows scaling by adding instances – Performance limited by backend • Make backend faster, registry gets faster • Pull-optimized – Most important factor when distributing software – May hurt certain use cases • Resumable Pull and Push (specified but not implemented) – Resumable pull already available with http Range requests – Two-step upload start for resumable push – Built into the protocol for future support • A living specification – Meant to be used and modified – Always backwards compatible 21 Overview
  • 22. Registry API V2 URL Layout Methods URL GET /v2/ GET /v2/<name>/tags/list GET, PUT, DELETE /v2/<name>/manifests/<reference> GET /v2/<name>/blobs/<digest> POST /v2/<name>/blobs/uploads/ GET, PUT, PATCH, DELETE /v2/<name>/blobs/uploads/<uuid> 22 https://docs.docker.com/registry/spec/api/
  • 23. Docker Registry API V2 • Content addresses (digests) are primary identifier • Unrolled image description model • Multi-step upload – Provides flexibility in failure modes – Options for future alternative upload location (redirects) • No Search API – In V1, this API does everything – Replacing with something better • No explicit tagging API – This will change: https://github.com/docker/distribution/pull/173 23 Differences from V1
  • 25. Docker Registry 2.0 • Registry 2.0 released with Docker 1.6 – Mostly a success – https://github.com/docker/distribution • Running the Hub – S3 backend • Having some trouble with round trips to s3 :( – Decent performance with very little caching • A lot of low hanging fruit left to tackle 25 Status
  • 26. Docker Registry 2.0 • Full support release with Docker 1.6 – Minimal bugs – Most problems are common to version upgrades • Header required to declare support for 2.0 API • Validated most concepts in 1.3, 1.4 with V2 preview – Much faster pull performance – You’ve probably already used it • There are some edge cases – push-heavy workflows – disk io when verifying large images – We are mitigating these 26 Does it work?
  • 27. Docker Registry 2.0 • Are you on Docker 1.6+? – Yes. • Evaluate it • Test it • Break it (and file bugs https://github.com/docker/distribution/issues) • Deploy it • Are you on Docker <1.6? – Are you entrenched in v1? • Perhaps, hold off – Run dual stack v1, v2 • https://docs.docker.com/registry/deploying/#configure-nginx-with-a-v1-and-v2-registry • Not recommended to auto-port images between v1 and v2 27 Should you be using it?
  • 28. Docker Registry 2.0 • Internal deployments – Use the filesystem driver — it is really fast – Backup with rsync • Scale storage – Use S3 driver • Make sure you are “close” since round trip times can have an effect • Scale Reads – Use round robin DNS • Do not use this for HA – Rsync to followers on read-only filesystem – Add machines to taste • https://docs.docker.com/registry/deploying/ 28 Deploying
  • 29. Docker Registry 2.0 • Feature parity with V1 – Maturity – Building collective operational knowledge • Hard to break some bad practices from v1 • Proxy Caching • Catalog API – What’s in my registry? • Deletes – Diverse backend support makes this hard – https://github.com/docker/distribution/issues/461 – https://github.com/docker/distribution/issues/462 • Search – See the goals of Distribution to see why this is interesting 29 Future
  • 30. Docker Distribution A project to improve packing, shipping, storing, and delivering content
  • 31. Docker Distribution • Goals – Improve the state of image distribution in Docker • Focus – Security – Reliability – Performance • Build a solid and secure foundation • Unlock new distribution models – Moving images around no longer requires a registry – Peer to Peer for large deployments 31 Overview
  • 32. Docker Distribution • Clean up the docker daemon code base – Defined new APIs for working with docker content – Increase feature velocity – Generalize around strong base • Current Manifest format is provisional – Still includes v1 layer JSON – Content-addressability + mediatypes make support new formats trivial – https://github.com/docker/distribution/pull/62 • Road Map: https://github.com/docker/distribution/wiki 32 Future
  • 33. Docker Distribution Google Group: distribution@dockerproject.org GitHub: https://github.com/docker/distribution IRC on Freenode: #docker-distribution
  • 34. Join us at DockerCon Save 10% on registration with code: containyourself June 22-23, 2015 in San Francisco, CA Register now: dockercon.com @dockercon | dockercon.com
  • 35. Q&A

Editor's Notes

  1. Please ask questions in chat, I’ll address them at the end
  2. “Docker is an open platform for developers and sysadmins to build, ship, and run distributed applications.“ key point One can build applications These applications can be packed into images Others can run those images
  3. This is a harder definition Moving these around is the main problem we are working on
  4. How have we moved these bits around in the past?
  5. doesn’t represent the runnable components if you fail to push a layer, the id will be assigned by that registry and represents the partial data
  6. image names are restricted to two components image ids have minimal access control at a url level
  7. - Don’t worry; I love Python
  8. “Using less commonly used root term of message digest"
  9. doesn’t represent the runnable components if you fail to push a layer, the id will be assigned by that registry and represents the partial data
  10. Sorry for the eye chart Resumable push - more important to build in protocol than implement right away Refactoring the client code in the daemon to make this easier
  11. image names are restricted to two components image ids have minimal access control at a url level
  12. come participate