The Cloud Native Computing Foundation has announced a new partnership with Docker aimed at strengthening the infrastructure that supports open source projects within the cloud native ecosystem. Under the agreement, all CNCF-hosted projects will gain access to Docker’s Sponsored Open Source program, known as DSOS, which provides premium registry, security, and support services.
CNCF, the organization that fosters sustainable ecosystems for cloud native software, has worked closely with Docker since its early days. This new arrangement formalizes and expands that relationship, reflecting the central role container technology continues to play in cloud development and deployment.
The DSOS program is designed to help open source communities operate at scale by offering infrastructure and tooling that is typically only available to enterprise users. CNCF projects enrolled in the program will benefit from unlimited image pulls on Docker Hub, automated builds directly from source, access to Docker Scout for vulnerability analysis and policy enforcement, usage metrics, and streamlined support. Sponsored OSS status will also improve project visibility and trust among developers and enterprises that rely on these tools in production environments.
DevSecOps Practices
Docker Hub, one of the world’s largest container image registries, currently supports more than 22 billion image downloads each month and hosts over 14 million images. With so many projects in the CNCF ecosystem using Docker as a default distribution channel, the partnership aims to ensure that both maintainers and users have secure, reliable access to the images and tools they need.
For project maintainers, the benefits include infrastructure built to accommodate the demands of running production-grade open source initiatives, while end users gain more trustworthy access to the software that underpins modern cloud environments. The addition of Docker Scout and Hardened Images introduces enhanced security and compliance capabilities, aligning with DevSecOps practices that are becoming standard across enterprises.
Beyond technical integration, the collaboration underscores a broader commitment to shoring up the open source supply chain. With increasing concerns about vulnerabilities and software integrity, both organizations are positioning the partnership as a way to enhance trust while maintaining open collaboration.
The agreement will also increase discoverability for Docker within the CNCF ecosystem. Docker will be listed as an official service provider on the CNCF Project Services page, making it easier for maintainers to find and use the resources available.
Enrollment in the DSOS program is open to all CNCF projects. Participating projects will be marked with a DSOS badge on Docker Hub, signaling their inclusion and giving developers assurance that the software is distributed with added security and infrastructure backing. Projects not yet enrolled can opt in by contacting the CNCF Service Desk.
By combining Docker’s infrastructure with CNCF’s portfolio of projects, the partnership aims to create a more secure, scalable, and collaborative foundation for the cloud native ecosystem at a time when containerization and open source tools are more deeply embedded in enterprise workflows than ever before.
Discover more from WIREDGORILLA
Subscribe to get the latest posts sent to your email.
