One of Docker’s core missions is delivering choice and flexibility across different application languages and frameworks, operating systems, and infrastructure. When it comes to modern applications, the choice of infrastructure is not just whether the application is run on-premises, on virtual machines or bare metal, or in the cloud. It can also be a choice of which architecture – x86, Arm, or GPU.
Today, we’re happy to share some updates in Docker Hub that make it easier to access multi-architecture images and scanning results through the Tag UX.
Navigating to Image Tags
In this example, we’re looking at a listing for a Docker Official Image that supports x86, PowerPC and IBMz as listed in the labels. When you land on the image page on Docker Hub, you can quickly identify if an image supports multiple architectures in the labels underneath the image name. For further details, you can click on ‘Tags’:
In this section, you can now view the different architectures separately to easily identify the right image for the architecture you need, complete with image size and operating system information:
If you click on the digest for a particular architecture, you will now also be able to see the actual source of the image – the layer-by-layer details that make up the image.
If vulnerability scanning was completed on that image, you’ll also be able to quickly identify if the image has any known vulnerabilities and if there are, whether these vulnerabilities are rated as critical, major or minor. The scanning results are based on a binary level scan of the image against the CVE database.
In this second example, you’ll see that layers 2 to 6 have passed vulnerability scanning via the green checkboxes, but the very first layer of the image has issues:
When you click on the first row, you’ll see that the image contains multiple components and that multiple components have known vulnerabilities ranging from minor to critical. To explore further, click on the caret to expand and view all of the found vulnerabilities:
Each vulnerability is linked directly to the CVE so that you can learn more about the CVE and its implications. That will allow you to decide if it needs to be fixed or not.
Get Started with Docker and Explore Docker Hub
Docker Hub is a great place to start learning more about Docker containers. Create your own account and get access to a guided tutorial on using Docker Hub and the free Docker Desktop. With your account, you also get free public repositories and one free private repository to start sharing and collaborating on content.
To learn more about Docker Hub: