Docker 18.09 extends the cycle of support, SSH forwarding and more

Docker Logo: Container Loaded Whale

A few days ago the Docker developers released a new version of their software coming this to version 18.09 representing a significant advance of the world's leading container engine.

With this new release of Docker developers have introduced new architectures and features that improve container performance and accelerate adoption for every type of Docker user, be it a developer, an IT admin, working at a startup, or a large established company.

Main new features of Docker 18.09

Docker has just released version 18.09 for CE and EE with many exciting new features and bug fixes.

One of the main highlights of this new release is that the BuildKit engine can now be used.

This is a new engine for building and packaging software using containers. It is a new codebase intended to replace the internals of the current build features in Moby Engine.

Features specific to the EE version of the Docker engine include:

  • Added FIPS compliance for Windows Server 2016 and later versions
  • Docker Content Trust Enforcement for Enterprise Engine. This allows Docker Engine - Enterprise to run containers that are not signed by a specific organization.

As well It should be noted that a new directive "#syntax" has been introduced, which allows the inclusion of Dockerfile analysis extensions.

Added the ability to use BuildKit without including experimental mode and an API updated to version 1.39 has been received.

On the other hand, added support for remote access using SSH and a new command "docker engine" to control the lifecycle of the Docker Engine, which runs in a separate privileged container based on containererd.

Extended development cycle

As of Docker 18.09, the release support time has been increased from 4 to 7 months due to the modernization of the development cycle of Docker Community Edition (Stable releases are now formed not once a quarter, but once every six months.)

DockerEngineDiagram-1

Possibility of integrating Build-time secrets

One of the complexities of using Dockerfiles has always been accessing private resources. As far as I know if you needed to access a repository or private service, there really wasn't a good one to achieve it.

Docker 18.09 build command comes with many new updates. Most importantly, a completely new backend implementation provided by the Moby BuildKit project can now be used.

The BuildKit backend comes with a bunch of new features, one of which is support for build secrets in Dockerfiles.

The Build secrets implementation is based on two new features provided by BuildKit. One is the ability to use image-loaded custom constructor frontends in the registry, and the other is the ability to use mounts in RUNcommands for Dockerfiles.

BuildKit improvements

Docker 18.09 also includes a new build architecture which improves performance, storage management, and extensibility, while adding some important new features:

Performance improvements BuildKit includes a redesigned model concurrency and caching that makes it much faster, more accurate and portable.

For example, when testing the Dockerfile project Moby set speed increased from 2 to 9,5 times due to the simultaneous execution of multiple mounting stages, ignoring unused steps and incremental data files between sets in view context.

This new implementation also supports these new operating models:

  • Parallel stages of construction
  • Skip unused stages and unused context files
  • Incremental context transfer between builds

Of the other characteristics that can be highlighted, we find:

  • Updated input bash and zsh command bases.
  • A new local registry driver has been added, allowing the registry to be stored in a local file. Unlike jsonfilelog, the new handler is not bound to a specific log format.
  • Added support for using the default global address pool.
  • Based on the Docker Engine 18.09, a commercial product Docker Enterprise 2.1 was formed, which includes the delivery of additional plugins, support for the SLA (Service Level Agreement) and means to verify with digital signatures.

Be the first to comment

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.