DockerCon 2017 Recap: LinuxKit, the Moby Project, and Multi-stage Builds

Written by: Laura Frank Tacho
5 min read

Last week, nearly 5,000 engineers and tech professionals converged on Austin for an action-packed few days centered around Docker. Let's recap some of the highlights of DockerCon 2017.

This year, the conference spread its focus on developers, operators, and the enterprise experience, and there was undoubtedly a massive amount of content geared toward all interests on that spectrum. Clocking in at over 100 speakers, the event also had a day full of workshops, Hands-On Labs, and a new knowledge matchmaking tool called Moby Mingle, which facilitated one-on-one connections for attendees with common interests.

Multi-stage Builds

Since Docker stabilized around monthly "edge" and quarterly "stable" releases for their core product, this year's keynote announcements weren't so much focused around dazzling product features as they were on announcing awesome tools to support workflows around Docker.

The one exception was something that's coming in Docker 17.05: multi-stage builds. This new feature, managed inside the Dockerfile, allows you to pass around content within your Dockerfile so that you're able to end with the smallest possible image. This eliminates the need for you to include your entire build environment in your Dockerfile, and instead allows you to ship only the artifacts.

Using a small Golang binary as an example, you'd be able to compile the binary in the first stages of the image build process. In the last stage, you'd effectively throw out the build environment and its dependencies, and instead just ship the binary.

If you're a Windows user, this is especially huge for you. Check out fellow Docker Captain Stefan Scherer's blog about using multi-stage images.

The Moby Project

If you read Hacker News, chances are you've already read about the announcement of the Moby Project, a collection of open-source components that you can use to assemble containerized platforms.

As the initial PR states, this is an effort to decentralize and decompose what used to be known as the Docker Engine into smaller components.

Docker (the product) is now a consumer of Moby components. To manage these new Moby components, there's also a new CLI called moby which was demoed during the keynote. This announcement ruffled a lot of feathers despite having minimal impact on developers and operators who use Docker but don't contribute to the open-source project.

The Moby Project TL;DR:

  • The Docker Community Edition (Docker 17.04.0-ce, for example) will still be free.

  • Docker is now a consumer of code in the Moby Project, which is open source.

  • The Docker CLI is not going away and will not being renamed moby. The moby CLI is used to manage components of the Moby Project.

While some users were initially startled by the renaming of the GitHub repo docker/docker to moby/moby, active discussions on Hacker News as well as a statement on the Moby Project have cleared things up in the past few days.

Docker has a history of extracting common components and donating them to the open-source community, and the Moby Project is just another step toward an open, shared containerization platform. The project reinforces Docker's commitment to open source and relives some tensions that previously existed due to the fact that Docker, Inc. (the product offered by a for-profit corporation) shared a name with Docker, the open-source project. Now the lines of governance are clearer, and the goal of the Moby Project is to help engineers build their own cool stuff based on a containerized platform.


One of the most technically impressive announcements from DockerCon was the introduction of LinuxKit, which enables you to build your own customized Linux distributions. Many engineers got into Docker because it allows us to ship the bare minimum needed to run our applications; LinuxKit embodies that same idea but at the OS level.

LinuxKit is a component that belongs to the Moby Project (though in its own GitHub namespace), and you can use the moby utility to assemble your distribution created via LinuxKit. You pick the kernel version and start adding on top of it. All of the components in the system are containerized and easily swappable. You could, for example, build a minimal RedisOS.

Because the lower-level dependencies are swappable with LinuxKit, you could build this OS on bare metal, for Windows or for Mac (as was demoed during the keynote). If you're itching to try it out for yourself, there are some cool examples in the repo.

Moby's Cool Hacks

And finally, one of the coolest parts of any DockerCon is the closing session, which features hacks from the community. This year, two projects created by Docker Captains were featured: Play with Docker and Functions as a Service (FaaS).

Play With Docker (PWD) is essentially the Golang Playground but for Docker. Built on top of Swarm and Docker-in-Docker, a new PWD session gives you four hours of hack time with Docker. You can run your nodes standalone or in Swarm mode. You can even see the GUIs of services running in your PWD containers, and even connect to your host via the PWD Docker Machine plugin. The idea of PWD was conceived in a bar in Berlin during LinuxCon 2016, and has quickly accelerated to become an indispensable learning tool.

FaaS allows you to easily create serverless functions without having to tie yourself to a specific infrastructure provider, like when using Lambda with AWS. The demo included an example integration with Alexa, as well as a pretty cool "Fan Club" generator, which assembled the avatars of users who starred the repo during the demo. You can hack on FaaS here:

Stay up to date

We'll never share your email address and you can opt out at any time, we promise.