Criteria for Selecting a Docker Image Distribution Method

Jeff Nickoloff
Published in On Docker
4 min read · May 25, 2015
From Docker in Action, Chapter 9

Choosing the best distribution method for your needs might seem daunting. In situations like these you should take the time to understand the options, identify criteria for making a selection, and resist the urge to make a quick decision or settle.

I’ve identified selection criteria based on differences across the spectrum and common business concerns. When making a decision, consider how important each of these is in your situation:

  • Cost
  • Visibility
  • Transport Speed or Bandwidth Overhead
  • Longevity Control
  • Availability Control
  • Access Control
  • Artifact Integrity
  • Artifact Confidentiality
  • Requisite Expertise

Cost is the most obvious criterion, and the distribution spectrum ranges in cost from free to very expensive to “it’s complicated.” Lower cost is generally better, but most people have some flexibility on cost when the cheaper alternative does not fit their needs. For example, most people will trade cost for artifact confidentiality if the situation calls for it.

Visibility is the next most obvious criterion for a distribution method. Secret projects or internal tools should be difficult, if not impossible, for unauthorized people to discover. In the opposite case, public works or open source projects should be as visible as possible to promote adoption.

Transportation speed or bandwidth overhead is the next most flexible criterion. File sizes and image installation speed will vary between methods that leverage image layers, concurrent downloads, and prebuilt images, and those that use flat image files or rely on deployment-time image builds. High transportation speed or low installation latency is critical for systems that use just-in-time deployment to service synchronous requests. The opposite is true in development environments or asynchronous processing systems.

Longevity control is a business concern more than a technical concern. Hosted distribution methods are subject to other people’s or companies’ business concerns. An executive faced with the option of using a hosted registry might ask, “What happens if they go out of business or pivot away from repository hosting?” The question reduces to, “Will the business needs of the third party change before yours?” If this is a concern for you, then longevity control is important. Docker makes it simple to switch between methods, and other criteria like requisite expertise or cost may actually trump this concern. For those reasons, longevity control is another of the more flexible criteria.

Availability control is your ability to control the resolution of availability issues with your repositories. Hosted solutions provide no availability control. Hosting businesses typically provide some service level agreement on availability if you are a paying customer, but there is nothing you can do to directly resolve an issue. On the other end of the spectrum, private registries or custom solutions put both the control and the responsibility in your hands.

Access control protects your images from modification or access by unauthorized parties. There are varying degrees of access control. Some systems only provide access control over modifications to a specific repository, while others provide coarse control over entire registries. Other systems might include paywalls or digital rights management controls. Projects typically have specific access control needs dictated by the product or business. This makes access control requirements one of the least flexible and most important criteria to consider.

Artifact integrity and confidentiality both fall in the less flexible and more technical end of the spectrum. Artifact integrity is the trustworthiness and consistency of your files and images. Violations of integrity may include man-in-the-middle attacks where an attacker intercepts your image downloads and replaces the content with their own. They might also include malicious or hacked registries that lie about the payloads they return. The practical check against both is to verify what you receive against a content digest you obtained from a source you trust, rather than relying on a mutable tag that the registry resolves for you.

Artifact confidentiality is a common requirement for companies developing trade secret or proprietary software. For example, if you use Docker to distribute cryptographic material then confidentiality will be a major concern. Artifact integrity and confidentiality features vary across the spectrum. Overall, the “out of the box” distribution security features will not provide the tightest confidentiality or integrity. If that is one of your needs, a solution will need to be implemented and reviewed by an information security professional.
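The two integrity failures described above, an intercepted download whose layer contents are swapped and a registry that lies about what a name points to, can be exercised end to end with a small stand-in registry. The following is an added example written for this page, not code from Docker in Action or from Docker itself. It mirrors the idea behind Docker Registry v2 content addressing (manifests and layers named by sha256 digests of their bytes) but the registry class, the tag name `service:latest`, the manifest layout and every byte of layer content are constructed for the example and simplified relative to the real manifest schema.

```python
"""Content-digest verification of image manifests and layers (added example, not
Docker's code). Manifests and layers are named "sha256:<hex>" of their bytes, so a
client that checks what it received against the digest it trusts catches a MITM
swapping layer contents and a registry lying about a payload it was asked for by
digest. Registry, tag, manifest layout and layer bytes are all constructed here."""
from __future__ import annotations

import hashlib
import hmac
import json


class IntegrityError(Exception):
    """Raised when received bytes do not match the digest they were requested by."""


def digest(data: bytes) -> str:
    """Digest in the form Docker uses: 'sha256:' followed by the hex SHA-256."""
    return "sha256:" + hashlib.sha256(data).hexdigest()


def verify_blob(data: bytes, expected: str) -> bool:
    """Check bytes against an expected digest. Malformed digests are rejected
    rather than silently compared, and the comparison is constant-time."""
    algo, _, hexval = expected.partition(":")
    if algo != "sha256" or len(hexval) != 64 or set(hexval) - set("0123456789abcdef"):
        raise ValueError(f"malformed or unsupported digest: {expected!r}")
    return hmac.compare_digest(digest(data), expected)


# Constructed layer contents and the manifest a trusted build produced for them.
LAYERS = {
    "base": b"rootfs: constructed base layer bytes",
    "app": b"app: /usr/local/bin/service v1.0 (constructed bytes)",
}


def make_manifest(blobs: list[bytes]) -> bytes:
    """Serialize a simplified manifest listing each layer's digest and size."""
    doc = {"schemaVersion": 2,
           "layers": [{"digest": digest(b), "size": len(b)} for b in blobs]}
    return json.dumps(doc, sort_keys=True, separators=(",", ":")).encode()


TRUSTED_MANIFEST = make_manifest([LAYERS["base"], LAYERS["app"]])
TRUSTED_MANIFEST_DIGEST = digest(TRUSTED_MANIFEST)  # the value you would pin in a deploy


class FakeRegistry:
    """Stand-in for a registry, or for a MITM sitting in front of one: resolves
    tags to manifest digests and serves bytes by digest."""

    def __init__(self, blobs: dict[str, bytes], tags: dict[str, str]):
        self.blobs = dict(blobs)
        self.tags = dict(tags)

    def resolve_tag(self, tag: str) -> str:
        return self.tags[tag]

    def get(self, ref: str) -> bytes:
        return self.blobs[ref]


def pull_by_digest(registry: FakeRegistry, manifest_digest: str) -> dict[str, bytes]:
    """Fetch a manifest by digest, then every layer it lists, verifying each blob
    against the digest it was requested by. Returns {layer_digest: bytes}."""
    manifest_bytes = registry.get(manifest_digest)
    if not verify_blob(manifest_bytes, manifest_digest):
        raise IntegrityError("manifest bytes do not match the requested digest")
    layers = {}
    for entry in json.loads(manifest_bytes)["layers"]:
        blob = registry.get(entry["digest"])
        if len(blob) != entry["size"] or not verify_blob(blob, entry["digest"]):
            raise IntegrityError(f"layer {entry['digest']} was replaced or corrupted")
        layers[entry["digest"]] = blob
    return layers


def pull_by_tag(registry: FakeRegistry, tag: str) -> dict[str, bytes]:
    """Resolve a mutable tag through the registry, then pull by that digest. The
    digest checks still run, but the registry chose what they check against."""
    return pull_by_digest(registry, registry.resolve_tag(tag))


def scenario_honest() -> FakeRegistry:
    blobs = {digest(b): b for b in LAYERS.values()}
    blobs[TRUSTED_MANIFEST_DIGEST] = TRUSTED_MANIFEST
    return FakeRegistry(blobs, {"service:latest": TRUSTED_MANIFEST_DIGEST})


def scenario_mitm() -> FakeRegistry:
    """A MITM (or compromised registry) serves a modified app layer under the
    original layer's digest; the length is unchanged, so only the digest catches it."""
    reg = scenario_honest()
    reg.blobs[digest(LAYERS["app"])] = LAYERS["app"].replace(b"v1.0", b"v1.x")
    return reg


def scenario_lying_tag() -> FakeRegistry:
    """A lying registry keeps everything self-consistent but points the tag at a
    manifest of its own choosing. Digest checks pass, because nothing was altered
    after the registry named it; only a digest obtained out of band defeats this."""
    reg = scenario_honest()
    evil_app = LAYERS["app"].replace(b"v1.0", b"v1.x")
    evil_manifest = make_manifest([LAYERS["base"], evil_app])
    reg.blobs[digest(evil_app)] = evil_app
    reg.blobs[digest(evil_manifest)] = evil_manifest
    reg.tags["service:latest"] = digest(evil_manifest)
    return reg


if __name__ == "__main__":
    print("honest pull ok:", len(pull_by_digest(scenario_honest(), TRUSTED_MANIFEST_DIGEST)))
    try:
        pull_by_digest(scenario_mitm(), TRUSTED_MANIFEST_DIGEST)
    except IntegrityError as err:
        print("MITM rejected:", err)
    swapped = pull_by_tag(scenario_lying_tag(), "service:latest")
    print("lying tag accepted without error:", LAYERS["app"] not in swapped.values())
```

The second scenario is the caveat that matters when you choose a method: digest verification only protects what the digest covers, so the trust anchor has to be a digest you received through a channel you control (a build record, a signed deployment descriptor, a pinned reference in your own configuration), not a tag the registry resolves on request. Note also that none of this gives you artifact confidentiality; a digest says nothing about who can read the bytes.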

The last thing to consider when choosing a distribution method is the level of expertise required. Using hosted methods can be very simple and requires little more than a mechanical understanding of the tools. Building custom image or image-source distribution pipelines will require expertise with a suite of related technologies. If you do not have that expertise, or do not have access to someone who does, using the more complicated solutions will be a challenge. In that case, you might be able to close the gap at additional cost.

Keep these criteria, or others that you might come up with, in mind when evaluating distribution solutions. Doing so will help you make a data-based decision.


I'm a cofounder of Topple a technology consulting, training, and mentorship company. I'm also a Docker Captain, and a software engineer. https://gotopple.com