Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ


Choose your language

InfoQ Homepage News OCI Standardizes Container Registry API Based on Docker’s v2 Protocol

OCI Standardizes Container Registry API Based on Docker’s v2 Protocol

This item in japanese

The Open Container Initiative (OCI) launched the container distribution specification project to standardize the API for container image registries. It's based on the Docker Registry v2 protocol, which is used by the Docker toolset as well as by public cloud vendors.

The Docker Registry protocol v2 is the current version of the protocol used by the Docker toolset to push and pull images between registries and users. Due to the widely used nature of the protocol, it is being adopted as the basis for the new standard that all implementations can follow. According to Michael Crosby, engineer at Docker, more than 40 billion images have been pushed using the protocol. The v2 of the protocol had significant changes from the previous version, including removing the tight coupling of the image internals with the Docker toolset itself.

Chris Aniszczyk, executive director of OCI, said in a press release:

With the booming development in container and cloud native technologies, the community needs a reliable industry standard for distribution to allow for increased interoperability along with a neutral home to evolve the specification.

Apart from the standard Docker Hub registry, various cloud vendors already support the v2 protocol with their hosted registries. For example, AWS Elastic Container Registry (ECR) supports it with an additional layer of authentication where the standard 'docker login' command can be used to authenticate after obtaining a token by invoking an AWS API separately. Google Cloud Platform’s container registry has a similar authentication mechanism on top of the standard registry protocol.

Other implementations include, GitLab's container registry, Huawei's Dockyard and JFrog Artifactory. It is not clear whether the different authentication mechanisms will be unified into a single wrapper mechanism that will hide the underlying cloud provider specific ones under the new spec. Some of the other registries also implement endpoints that are not present in the Docker registry as value-adds.

The OCI, a Linux Foundation project, has standardized other aspects of the container ecosystem in the past, like the image and the runtime specifications. Both of these standards attained v1.0 last year. The current announcement looks to be another milestone in this process. The runtime specification was based on Docker's runc project as a reference implementation. The same was true for the image format spec, which was based on Docker's image format v2. The standardization happened according to the policies of the OCI Technical Oversight board, starting with a proposal followed by discussion and voting.

Rate this Article