Docker hires'n'acquires to cure its security, networking headaches

Container wrangler adding staff to tackle top issues

Application container firm Docker is staffing up, having brought on new talent to further its security and networking development efforts.

On Tuesday, Diogo Mónica and Nathan McCauley, two former engineers for mobile payments outfit Square, jointly blogged that they had joined Docker to lead its security engineering.

"We've built, managed and secured distributed systems at scale, and now with Docker we can take what we've learned and build security directly into the distributed application platform," the pair wrote.

They may have their work cut out for them. Docker's popularity exploded over the past year, but it was also stung by multiple serious security vulnerabilities that called to question its fitness as mission-critical enterprise infrastructure technology.

Alex Polvi, CEO of CoreOS, which ships Docker as a key component of its cloudy Linux distro, went as far as to describe Docker's security model as "broken" and said his company would develop alternative software. And even Gartner, which is otherwise bullish on Docker, said Docker containers "disappoint when it comes to secure administration and management."

Mónica and McCauley said they are "embedding themselves" into the Docker engineering team and would soon begin a series of blog posts on infrastructure security best practices and container security in particular.

Docker's staffing spree didn't stop there, though. On Wednesday it announced that it had acquired software-defined networking (SDN) startup Socketplane for an undisclosed sum.

Palo Alto, California-based Socketplane, which was founded in the fourth quarter of 2014, described itself as a company comprised of veterans of Cisco, Dell, HP, OpenDaylight, and Red Hat that was working on providing a native SDN solution for Docker. Docker has now brought that expertise in-house.

"Our explicit focus is to lead the collaboration around a rich set of APIs that will empower [Docker] partners to create enterprise-class networking solutions that will further drive the adoption of multi-container, multi-host distributed applications," the Socketplane team wrote in a blog post.

The moves come a month after Docker announced a reshuffle of its top brass in which it divided the project's leadership between a chief architect, chief maintainer, and chief operator.

Docker is also working to reorganize the project's developers around specific subsystems – such as security, networking, storage, and so on – each with its own maintainer. Speaking at the DockerCon Europe conference in Amsterdam in December, Docker CTO and cofounder Solomon Hykes said the idea is to give maintainers a greater sense of ownership over problem areas, rather than have the same people maintain lots of different subsystems.

"If the breakdown is well done, then you have a situation where I wake up in the morning [as a subsystem maintainer] and what I worry about is at human scale," Hykes said. "I don't have to constantly hold the state of everything in my brain, because it's too big now. It's not possible."

Expect Docker to announce more new faces as the year progresses. The company secured a $40m round of funding led by Sequoia Capital in September 2014, which reportedly gave it a total valuation of $400m. ®

Other stories you might like

  • Tesla driver charged with vehicular manslaughter after deadly Autopilot crash

    Prosecution seems to be first of its kind in America

    A Tesla driver has seemingly become the first person in the US to be charged with vehicular manslaughter for a deadly crash in which the vehicle's Autopilot mode was engaged.

    According to the cops, the driver exited a highway in his Tesla Model S, ran a red light, and smashed into a Honda Civic at an intersection in Gardena, Los Angeles County, in late 2019. A man and woman in the second car were killed. The Tesla driver and a passenger survived and were taken to hospital.

    Prosecutors in California charged Kevin George Aziz Riad, 27, in October last year though details of the case are only just emerging, according to AP on Tuesday. Riad, a limousine service driver, is facing two counts of vehicular manslaughter, and is free on bail after pleading not guilty.

    Continue reading
  • AMD returns to smartphone graphics with new Samsung chip for your pocket computer

    We're back in black

    AMD's GPU technology is returning to mobile handsets with Samsung's Exynos 2200 system-on-chip, which was announced on Tuesday.

    The Exynos 2200 processor, fabricated using a 4nm process, has Armv9 CPU cores and the oddly named Xclipse GPU, which is an adaptation of AMD's RDNA 2 mainstream GPU architecture.

    AMD was in the handheld GPU market until 2009, when it sold the Imageon GPU and handheld business for $65m to Qualcomm, which turned the tech into the Adreno GPU for its Snapdragon family. AMD's Imageon processors were used in devices from Motorola, Panasonic, Palm and others making Windows Mobile handsets.

    Continue reading
  • Big shock: Guy who fled political violence and became rich in tech now struggles to care about political violence

    'I recognize that I come across as lacking empathy,' billionaire VC admits

    Billionaire tech investor and ex-Facebook senior executive Chamath Palihapitiya was publicly blasted after he said nobody really cares about the reported human rights abuse of Uyghur Muslims in China.

    The blunt comments were made during the latest episode of All-In, a podcast in which Palihapitiya chats to investors and entrepreneurs Jason Calacanis, David Sacks, and David Friedberg about technology.

    The group were debating the Biden administration’s response to what's said to be China's crackdown of Uyghur Muslims when Palihapitiya interrupted and said: “Nobody cares about what’s happening to the Uyghurs, okay? ... I’m telling you a very hard ugly truth, okay? Of all the things that I care about … yes, it is below my line.”

    Continue reading

Biting the hand that feeds IT © 1998–2022