Docker, Inc

Proud to see Docker Captains representing the community at Container Days London. Rachid Zarouali, Pawel Piwosz, and Steven Hartland went deep on containerized local development, Cluster API, Kubernetes multi-tenancy, and the realities of data sovereignty. Events like this are a reminder that strong ecosystems are built on shared knowledge and real-world experience. Great to see the Docker community driving practical, production-focused conversations.

Running local LLMs and hitting context limits? The latest issue of the Docker AI Newsletter breaks down context packing - a technique that lets you fit longer conversations inside small models without slowing down performance. 🐳 Philippe Charrière shows how to implement it using Docker Model Runner and Agentic Compose, complete with token thresholds, summarization, and real world examples. Perfect for anyone building local assistants or working with smaller models on limited hardware. Read the full guide:

The Changelog just dropped a 🔥 new episode with Docker’s EVP of Engineering, Tushar Jain. Why did Docker make Hardened Images free and open source? How do they actually work under the hood? What’s next for container security, AI infrastructure, and developer-first tooling? The hosts ask the tough questions devs actually care about. And Tushar goes all in. If you’ve been following the DHI conversation or care about securing the software supply chain, listen to this: https://lnkd.in/dhxP9qGu

Most security issues don’t start in your code - they start in your foundation. As AI agents become part of everyday development, strong isolation is becoming a baseline security requirement. This month’s Docker Navigator newsletter dives into secure foundations: from safely running AI coding agents with Docker Sandboxes to hardened images, patching, and production-ready security workflows. Read the full issue →

What happens when you ask a coding agent to break out of its sandbox…live on a podcast!? On the latest Hanselminutes, Scott Hanselman tries exactly that with Docker Sandboxes and GitHub Copilot CLI. Together with Docker COO Mark Cavage, they dig into what “sandbox” really means: microVMs, isolation boundaries, agent autonomy, and where security actually begins and ends. If you’re experimenting with coding agents, this is a practical (and entertaining) look at how to run them safely - without slowing down development. Watch here → https://lnkd.in/grSuB2UG

Not sure where to start with MCP? MCP is quickly becoming the standard way to connect AI agents to real tools and services, but there’s a big gap between trying it out and building reliable multi-agent systems. In this session, we’ll walk through three practical ways teams are using MCP today: - Quick experiments with Docker’s MCP Toolkit and Catalog - Declarative multi-agent apps with cagent - Full agent frameworks like LangGraph and CrewAI You’ll learn when to use each approach, the tradeoffs involved, and how to apply them in practice with real-world examples. Register here → https://lnkd.in/gyevUxqH

Most container security issues start with base images, long before application code enters the picture. This post from Steve Buchanan explains how Docker Hardened Images (DHI) shift that work to the foundation, what developers and platform teams get out of the box, and how starting from a hardened base simplifies day-to-day container security. This walkthrough is especially relevant if your team is trying to truly reduce ongoing maintenance overhead and CVE noise: https://lnkd.in/gqZ6CZqm

What does container security look like in the real world - not in theory? Now that Docker Hardened Images are available to everyone, the question shifts from whether to use them to how to use them well. In this guide, Docker’s CISO Mark Lechner lays out best practices for building a scalable container security practice: drawing clear responsibility boundaries, isolating supply chain risk beyond CVEs, reducing vulnerability noise with VEX, and meeting compliance expectations without added toil. This post also draws on lessons from recent, real-world attacks and turns them into concrete actions teams can take today. A useful read for anyone responsible for container security or vulnerability management.

Coding agents need isolation in order to be more autonomous. That’s why Docker Sandboxes now supports GitHub Copilot CLI. Agents can run in isolated environments with controlled access to files, networking, and system resources. This keeps experimentation contained while preserving existing boundaries. More on Docker Sandboxes → https://lnkd.in/gBgg-jvA

Long-running systems shouldn’t require constant rework to stay secure. This is why, when services run for years, it’s essential that security be built into the foundation - not bolted on later. Temporal Technologies CTO Maxim Fateev on how free Docker Hardened Images and Extended Lifecycle Support make that possible: