When you run applications on the cloud, odds are you're actually running them in containers. And many of us aren't creating our own containers of common applications, such as the Apache Web Server[1], MySQL DBMS[2], or the Traefik cloud-native edge router[3]. Instead, we simply grab them from the Docker Hub[4] or another repository of popular container images. Unfortunately, for users who don't want to pay for their images, Docker[5] is not a charity. Starting in November, Docker has started limiting Docker container pull requests[6] for anonymous and free authenticated users. To address this issue, Amazon Web Services (AWS) has started working on its own public container registry[7].
You may think this is much ado about nothing. I mean how many container images can one company pull anyway? The answer is that Amazon Elastic Container Registry (ECR) customers alone download billions of images each week. That's no typo. Billions.
Today's production software chain often consists of grabbing a popular container image, running it for a few minutes or hours, and then dumping it. If you need it again, you just repeat the process.
That's great for you, but it's not so great for Docker. As Jean-Laurent de Morlhon, Docker's VP of software engineering, explained: "The vast majority of Docker users pulled images at a rate you would expect for normal workflows. However, there is an outsized impact from a small number of anonymous users. For example, roughly 30% of all downloads on Hub come from only 1% of our anonymous users.[8]" So, since bandwidth isn't free, Docker is rate-limiting its free and anonymous users.
This began on Nov. 2. Anonymous and free users are now limited