Since Docker launched in 2013, it has brought a level of excitement and innovation to software development that’s contagious. It has rallied support from every corner—enterprises to startups, developers to IT folk, plus the open source community, ISVs, the biggest public cloud vendors, and every tool across the software stack. Since the launch of Docker, many major milestones have served to advance the container revolution. Let’s look at some of them.
Your storage system should be locked down with all security and access control tools available to you as well. That is true whether the storage serves containers or any other type of application environment. How do you secure containers? That may sound like a simple question, but it actually has a six- or seven-part answer. That’s because securing containers doesn’t involve just deploying one tool or paying careful attention to one area where vulnerabilities can exist.
Registries are one of the key components that make working with containers, primarily Docker, so appealing to the masses. A registry hosts images that are downloaded and run on hosts in a container engine. A container is simply a running instance of a specific image. Think of an image as a ready-to-go package, like an MSI on Microsoft Windows or an RPM on Red Hat Enterprise Linux. I won’t go into the details of how registries work here, but if you want to learn more,this article is a great read.
Note: you can read the Part 1 and Part 2 of this series, which describes how to deploy service stacks from a private docker registry with Rancher. This is my third and final blog post, and follows part 2, where I stepped through the creation of a private, password-protected Docker registry. and integrated this private registry with Rancher. In this post, we will be putting this registry to work (although for speed, I will use public images).
For proprietary applications, a hosted docker registry is ideal for hosting images privately in a production-grade registry. Learn more at Rancher.
When we shipped Rancher 0.12 last week we added one of the more frequently requested features, support for private Docker registries. Rancher had always allowed users to provision containers from DockerHub, but many organizations run their own registries, or use private hosted registries such as Quay.io, and private DockerHub accounts. Beginning with this release, users will be able to connect their private registry directly to their Rancher environment, and deploy containers from private Docker images.