Are you missing patching your clusters because of the new Docker hub limits?
Docker announced new limits on image pulls from its Hub. We examine how it may impact your K8s operations.
What is happening with Docker Hub and rate limits?
A couple of months ago, Docker announced that they would be rate limiting container image pulls starting November 1st 2020 and will start applying the rate limits as detailed in the Docker subscription plan page. Docker also updated their Terms and Services to reflect this change. Simply put, the following limits will apply
- Free plan for anonymous users: 100 pulls per 6 hours
- Free plan for authenticated users: 200 pulls per 6 hours
- Pro plan: unlimited, no rate limiting
- team plan: unlimited, no rate limiting
Why is this significant?
Different people use the docker hub and container images differently based on the environment in which they work. There are developers who use docker images for testing and building applications, system administrators that use containers to run software that glues multi service architectures together, cluster administrators who create and destroy containers when testing workloads and orchestration environments pulling and starting containers when there is a need for them. For a plethora of use cases, a significant amount of them potentially use anonymous requests to fetch and work with containers.
What is the impact of this change?
Based on your environment of usage, you may be impacted differently. Read on to see how this impacts CI/CD pipelines and security and how different cloud providers are dealing with this.
Read more …
