Last checked and updated on April 15, 2026What Is New in Docker Engine 17.10
Docker 17.10 CE brought a significant shift in how container runtimes are managed, alongside a host of builder and CLI improvements. This release focused on decoupling the underlying runtime from the core engine.
| Category | Key Changes |
|---|---|
| New Features | Default containerd integration, Docker Builder, docker container prune command |
| Runtime | Switched to containerd 1.0, support for Microsoft Windows Server 1709 |
| Builder | BuildKit technology preview, # syntax directive for Dockerfiles |
| Networking | DNS Round Robin load balancing for Swarm services |
| Deprecations | Deprecated the DEBIAN_FRONTEND environment variable in Dockerfiles |
How did the container runtime change in 17.10?
Docker Engine 17.10 CE began using containerd 1.0 as the default container runtime. This was a major architectural change, moving from a direct integration with runc to a more modular approach.
In practice, this meant the Docker daemon now delegates container lifecycle operations to containerd, which then uses runc. This decoupling creates a cleaner stack and allows containerd to be used by other systems independently. The change was mostly transparent to users but laid the groundwork for a more robust and pluggable infrastructure.
What builder improvements were introduced?
This release included a technology preview of BuildKit, a next-generation build subsystem. While not enabled by default, it promised significant performance enhancements, improved caching, and parallel build processing.
To use the experimental builder, users had to set the DOCKER_BUILDKIT=1 environment variable. A key feature introduced alongside it was the # syntax parser directive in Dockerfiles, allowing for more flexible and powerful Dockerfile definitions. This was the first step toward a much faster and more feature-rich build experience.
What new commands and CLI features were added?
The CLI gained the handy docker container prune command. This lets you quickly clean up all stopped containers with a single command, freeing up disk space without having to manually list and remove them.
For builders, the docker build command gained support for the new --network flag, giving you control over the networking mode used during the build process. This is useful for builds that need to access resources on specific networks.
Were there any networking updates for Swarm?
Yes, Docker 17.10 added DNS Round Robin (DNSRR) load balancing for Swarm mode services. Previously, Swarm used virtual IPs (VIPs) and an internal load balancer by default.
With DNSRR, you can now configure a service to use simple DNS-based load balancing instead. This is useful for certain use cases where you need to avoid the VIP layer, such as when using a custom load balancer or for specific legacy application requirements. You enable it by setting --endpoint-mode dnsrr on your service.
What was deprecated in this release?
The use of the DEBIAN_FRONTEND environment variable inside Dockerfiles was officially deprecated. This variable was commonly used to avoid interactive prompts when installing packages in Debian-based images.
The recommended approach is to use the -y flag with apt-get instead. This change was made to encourage more explicit and reliable build instructions that are less dependent on environment state.
FAQ
Is Docker 17.10 using containerd instead of runc now?
No, it's using both. Docker Daemon now talks to containerd 1.0, which then manages runc. This adds a layer of abstraction, making the runtime more modular. Runc is still the component that actually creates and runs the containers.
How do I try out the new BuildKit builder?
You have to explicitly enable it by setting the environment variable DOCKER_BUILDKIT=1 before running your docker build command. Without this flag, the build will use the classic builder.
What does the # syntax line do in a Dockerfile?
It's a parser directive that tells the Dockerfile parser how to interpret the file. This was introduced to support the experimental BuildKit features and allows for future extensions to the Dockerfile syntax without breaking backward compatibility.
Why would I use --endpoint-mode dnsrr for a Swarm service?
You'd use DNS Round Robin mode if your application needs to bypass Docker's internal load balancer (VIP). This is common for applications that handle their own service discovery or when using an external load balancer that works directly with the individual container IPs.
My build breaks because of DEBIAN_FRONTEND being deprecated. What should I do?
Instead of setting ENV DEBIAN_FRONTEND=noninteractive in your Dockerfile, you should use the -y flag with your apt-get install commands to automatically answer "yes" to prompts, e.g., RUN apt-get update && apt-get install -y mypackage.