You have Docker; Now what?

Artifactory Docker Registry

Almost all organizations developing software today use Docker. However, there are some that still don’t have confidence to take Docker to production.

Let’s take a closer look at two main challenges behind this hesitation, which are visibility into the Docker images and where/how they are managed.

Challenge 1: What’s in your Docker images

Docker images are not empty, they contain multiple binaries (such as OS packages and applications). Putting them into production requires visibility into what exactly they include. You really need to know what is in your Docker images before you can use them. For example, you need to ensure that there are no security and license vulnerabilities in them, and that you are using the right versions. Most users are unaware of the security issues or even that they are using an old version.

Artifactory Package Viewer

Challenge 2: Where are your Docker images stored and managed

When considering where to store and manage your binaries, file systems or object-storage for binaries are just not enough. They may not even work with client tools such as Maven client and Docker client. Furthermore, as you scale, collaboration and dependency management across disperse sites will become more complex and unmanageable. Some may even consider using a version control system, such as Git. However, Git is designed for source code and should not be misused to store application binaries. And it really doesn’t work for Docker.

Binary Management challenges

Furthermore, these binaries are components of larger applications or services. Various teams need to deploy these binaries with their dependencies, across one or multiple environments throughout all stages of the pipeline, in a repeatable and reliable way.

So, how do you manage all of this? Bottom-line, you need a single place to get all the binaries. If it comes from multiple sources, then it is very hard to manage. A universal binary repository manager helps you address all these issues.

Universal Binary Repository: JFrog Artifactory

A universal binary repository manager provides a singles source of truth for all your binaries, whether they are application packages, OS packages within a Docker image or the Docker image itself. This enables you to ship updates continuously and automatically in a secure way, and at the same time ensure that your release always uses the trusted version of the binary in production.

JFrog Artifactory, the universal repository manager, helps you set up a secure private Docker registry in minutes to manage all your Docker images while exercising fine-grained access control. Artifactory places no limitations and lets you set up any number of Docker registries through the use of local, remote and virtual Docker repositories, and works transparently with the Docker client to manage all your Docker images, whether created internally or downloaded from remote Docker resources such as Docker Hub.

Top 7 benefits of using JFrog Artifactory to manage Docker images

    1. Facilitate Multiple Docker Registries
      Artifactory lets you define as many Docker registries as you wish. This enables you to manage each project in a distinct registry and exercise better access control to your Docker images.
    2. Use Docker Naturally
      Artifactory supports the relevant calls of the Docker Registry API so that you can transparently use the Docker client to access images through Artifactory.
    3. Secure private Docker Registry with Fine-grained Access Control
      Local Docker repositories are where you store internal Docker images for distribution across your organization. With the fine-grained access control provided by built-in security features, Artifactory offers secure Docker push and pull with local Docker repositories as fully functional, secure, private Docker registries.
    4. Confidently Promote Images to Production
      Artifactory lets you promote Docker images, as immutable, stable binaries, through the quality gates all the way to production.
    5. Consistent and reliable access to remote images
      Remote Docker repositories in Artifactory proxy external resources such as Docker Hub, or a remote Docker repository in another Artifactory instance, and cache downloaded images. As a result, overall networking is reduced, and access to images on these remote resources is faster, consistent and reliable.
    6. Ability to leverage Smart Search
      Using Artifactory’s Package Search, find your images in the most natural way for Docker using the image name, tag or digest.
    7. JFrog End-to-End Platform
      Through Artifactory’s tight integration with JFrog Bintray, you can manage your Docker images from development, through your pipeline, all the way to distribution.

For any organization using Docker – whether in development, testing, or production, an enterprise-grade binary repository really helps you take your Docker implementation to the next level.  

The benefits of Artifactory highlighted in this blog are just the tip of the iceberg. You must also think about scalability, security and high availability. In a future blog posts we’ll cover these aspects applying them to your Docker implementation.