Docker Experimental Features in Red Hat Enterprise Linux

Updated -

The following features included in the docker component (docker-1.4 and higher) are not yet upstream, and considered experimental. The user interface for these features may change in future releases. The features are fully supported as part of a standard Red Hat Enterprise Linux or Red Hat Enterprise Linux Atomic host deployment.

Registry Access Control: The docker daemon includes two options to manage which registries it can connect to. These can be defined in /etc/sysconfig/docker with the ADD_REGISTRY and BLOCK_REGISTRY options.

# If you want to add your own registry to be used for docker search and docker
# pull use the ADD_REGISTRY option to list a set of registries, each prepended
# with --add-registry flag. The first registry added will be the first registry
# searched.

Each registry in ADD_REGISTRY is searched in order of appearance in the configuration file. Red Hat's default includes
an entry for the Red Hat maintained registry ( on the Red Hat Customer Portal for images from Red Hat product families.

# If you want to block registries from being used, uncomment the BLOCK_REGISTRY
# option and give it a set of registries, each prepended with --block-registry
# flag. For example adding will stop users from downloading images
# from
# BLOCK_REGISTRY='--block-registry'

The default configuration includes access to the Docker Hub as builtin feature of the docker component, To prevent access to the Docker Hub, a special keyword "public", should be used in the BLOCK_REGISTRY option.

Network Namespace Creation: In addition to docker automatically creating namespaces needed to start a container instance, users can now specify an externally created network namespace. This will facilitate the usage of external network interface creation tools to be leveraged in a docker container context.


The PATH is replaced with the network namespace path entry in /var/run/netns/. Tools such as ip netns can be used to create manage independent network namespaces and interfaces.