Docker 1.3 Improves Container Security
The open-source Docker container virtualization project is out this week with the Docker Engine 1.3 release, providing some really important security features.
Docker Founder Solomon Hykes detailed many of the big updates in Docker Enginer 1.3 during a Linuxcon keynote in August.
Among the big additions is the ability to check images with the using of a digital signature. By having the digital signature, it provides users with an additional layer of confidence to know that an image has not been tampered with.
There are also new security labeling options that can enable control with SELinux and AppArmor. Both SELinux and AppArmor provide fine-grained system controls for what running processes can and cannot do on a system.
Looking beyond just security, Docker Engine 1.3 also has one really interesting new command that should be a major boost for container orchestration and control. That command is 'docker-exec' and it enables an administrator to run a process in an existing, active container.
"With docker exec, you'll be able to do things like add or remove devices from running containers, debug running containers, and run commands that are not part of the container's static specification," the Docker 1.3 release notes states.
Sean Michael Kerner is a senior editor at InternetNews.com. Follow him on Twitter @TechJournalist