菜单
工具

Docker Notary

NOT ON THE CURRENT EDITION
This blip is not on the current edition of the radar. If it was on one of the last few editions it is likely that it is still relevant. If the blip is older it might no longer be relevant and our assessment might be different today. Unfortunately, we simply don't have the bandwidth to continuously review blips from previous editions of the radarUnderstand more
Nov 2019
评估?

Docker Notary是对镜像、文件及容器等资产进行签名的开源工具,用于验证资产的来源。对于受控的环境来说这是超级有用的功能,而对于其他环境来说也是很好的实践。容器在创建时,会使用代表发布者身份的私钥及哈希进行签名,并存储至元数据。对于已经发布的容器(或其他资产),就可以用镜像的哈希以及发布者的公钥对其来源进行验证。虽然已经有Docker Trusted Registry这样可公开访问、可信任的注册中心,但也可以运行自己的注册中心。我们的团队在本地运行Notary服务时发现还有些问题,并建议使用其他支持Notary的注册中心。