Mirantis has entered into an agreement to be acquired by IREN.  A message from our CEO

Contact Us
Docs
Store
Partners
Training
Platform
k0rdent AI

k0rdent AI: Provision multi-tenanted AI-ready infrastructure and core services

WHY k0RDENT

VIDEO: Run Anywhere. Automate Everything. k0rdent in 30 seconds.

Solutions

FROM METAL-TO-MODEL™

IaaS

Unified infrastructure automation

  • Multi-Cluster

  • Hybrid Multicloud

  • Workload Migration

  • Virtualization

  • Private Clouds

GPU PaaS

GPU provisioning & partitioning

  • AI Cloud

  • Sovereign Cloud

  • Enterprise AI Factory

  • Government AI Factory

AI PaaS

Training, inference & self-service AI

  • Turnkey Training

  • Turnkey Inference

  • Self-Service Portals

  • Inference Mesh

  • Model Registry

AI Services

Expert support & services

  • MCP AdaptiveOps

Services
Modern Application Delivery
App Modernization
Cloud Platform Operations
AI Inferencing Platform
Workload Migration
MCP AdaptiveOps
Enterprise Support
Resources

KNOWLEDGE BASE

Resource Library
Blog
Case Studies
Cloud Native Cookbook
Guided Demos
Tech Talks
Videos
Webinars

COMPANY

Why Mirantis
About
Press Releases
Careers
Leadership
Events
GET STARTED
< Cloud Native Cookbook

What is the difference between Mirantis Container Runtime and Docker CE?

It can be hard to untangle the differences between container tools—especially if you’re new to the world of containerization.

image

Table of Contents

Docker Community Edition (Docker CE) remains a popular open source container engine for development and small-scale deployments. Mirantis Container Runtime (MCR), formerly Docker Engine – Enterprise, is built from the same upstream Moby project but is engineered for production environments that require stronger security controls, compliance alignment, Windows Server support, and enterprise backing.


A Quick Refresher: Moby, Docker CE, and MCR

Both Docker CE and Mirantis Container Runtime are downstream of the open source Moby project. They use the Docker API and share a common lineage.

In 2019, Mirantis acquired Docker’s enterprise business. The product formerly known as Docker Engine – Enterprise became Mirantis Container Runtime.

Today, Docker CE is community-supported, while MCR is a commercially supported container runtime designed for production use at scale.

From a developer experience perspective, MCR remains fully compatible with Docker-based workflows, including the Docker CLI, Dockerfiles, and APIs. Teams can move workloads from development to production without major workflow changes. The differences emerge in areas such as security, compliance, Windows support, and operational guarantees.

Capability MCR Docker CE
Upstream foundation Built from Moby Built from Moby
Docker CLI compatibility Yes Yes
FIPS-capable offering Yes No enterprise-backed equivalent
Enterprise support Yes (Mirantis Enterprise Support) Community support
Windows Server production support Yes Community-oriented / not enterprise-positioned
Image signing and validation Supported with Mirantis Secure Registry Not part of a comparable supported enterprise platform
Vulnerability scanning Via Mirantis Secure Registry integration Not included as a comparable supported enterprise feature
SELinux / AppArmor Supported Available in community builds
Sandboxed runtime options Supported Not positioned as an enterprise-backed differentiator
GPU integration Enterprise-backed options, including CDI-based approaches No comparable enterprise-backed positioning
OS support matrix Supported across multiple enterprise OS environments, including Windows Server Varies by community build
Runtime role in orchestration Used beneath Swarm, Kubernetes, and standalone containers Commonly used in community Docker / Swarm workflows

Runtime Security and Compliance Controls

For regulated industries and mission-critical workloads, runtime security is not optional. Mirantis Container Runtime is positioned around stronger security and compliance requirements, including FIPS-capable options for qualifying deployments.

Security capabilities associated with MCR include:

  • FIPS-capable cryptography options

  • AppArmor and SELinux support for access control

  • Sandboxed runtime options to reduce isolation risk

  • Secure mutual TLS and cryptographic node identity in supported enterprise environments

These capabilities make MCR a stronger fit for organizations that must enforce stricter security controls. Docker CE does not provide the same enterprise-backed compliance posture.

Image Integrity and Supply Chain Protection

Container security does not stop at runtime isolation. It also includes image integrity and vulnerability management.

MCR, when used with Mirantis Secure Registry, supports image signing and validation workflows as well as vulnerability scanning and visibility into known CVEs. This helps organizations control image provenance and improve supply chain security in production environments.

This capability is especially important for distributed teams and multi-site production environments where image provenance must be controlled.

Docker CE does not include a comparable supported enterprise platform for signed image validation and integrated scanning out of the box.

Windows Server: Native, Enterprise-Supported Containers

Windows container support is one of the clearest differentiators between MCR and Docker CE.

Mirantis Container Runtime is documented for Windows Server and delivers enterprise support for Windows container workloads in production environments. It is also positioned for use across multiple enterprise operating system environments, enabling more consistent runtime behavior across heterogeneous infrastructure. For enterprises modernizing legacy .NET and Windows-based workloads, that matters. It provides a supported runtime path for production Windows containers.

Docker CE can run on Windows, but it is not positioned as an enterprise Windows Server container runtime in the same way.

Enterprise Support and SLAs

Mirantis Container Runtime is backed by Mirantis Enterprise Support, which is a key distinction for teams running business-critical workloads.

Docker CE relies on community support. For development and experimentation, that may be sufficient. For production environments, many organizations require vendor-backed support and contractual SLAs.

AI and GPU-Accelerated Workloads

MCR is positioned to support enterprise GPU-backed container workloads, including CDI-related approaches. That makes it relevant for organizations running AI and machine learning applications that need a supported runtime foundation.

Docker CE may be usable in GPU-related scenarios, but it is not positioned with the same enterprise-backed support story.

Orchestration Flexibility

MCR can serve as the container runtime beneath Swarm, Kubernetes, and standalone container deployments. It also serves as the container runtime at the heart of Mirantis Kubernetes Engine, enabling organizations to standardize on a production-grade runtime across orchestration models.

Docker CE supports familiar Docker and Swarm-based workflows, but without the same enterprise support model.

When to Choose Docker CE vs Mirantis Container Runtime

Docker CE may be sufficient if:

  • You are running development environments

  • You do not require enterprise support

  • You do not need Windows Server production support

  • You do not have compliance requirements that call for a FIPS-capable runtime path

Mirantis Container Runtime is a better fit for:

  • Regulated environments with stronger security and compliance requirements

  • Enterprises that want supported image signing, validation, and scanning workflows

  • Windows Server container production deployments

  • Organizations that need vendor-backed support and SLAs

  • Teams standardizing on a supported runtime across multiple deployment environments

Docker CE and Mirantis Container Runtime share a common heritage. The difference is not the basic Docker experience. It is the level of support, security posture, compliance alignment, and production assurance behind it.

MCR is designed for organizations moving containers from experimentation into supported, business-critical production use.

Book a demo today and start exploring MCR.

Next Up

Graphic defining cloud native concepts and their importance in modern application development

What Is Cloud Native and Why Should I Care?

Cloud native is a buzzy term in tech, these days. But what does it mean? And why should you care?

READ NOW

Overview illustration of Kubernetes architecture and its core functions.

What is Kubernetes?

Kubernetes is software that automatically manages, scales, and maintains multi-container workloads in desired states.

READ NOW

Visual guide explaining Kubernetes monitoring, including metrics collection and observability tools.

What is Kubernetes monitoring?

Kubernetes monitoring provides visibility into what’s happening inside your cluster.

READ NOW

k0rdent whitepaper cover

Whitepaper:

k0rdent: Helping Platform Engineers

Tame multi-cloud K8s complexity

Download Whitepaper
k0rdent Datasheet cover

Datasheet:

k0rdent Datasheet

Open-source K8s platform engineering

Download Datasheet
Mirantis AI Factory Reference Architecture cover

Reference Architecture:

AI Factory Reference Architecture

Build sovereign AI infra at scale

Download Now
Mirantis logo
  • Linkedin Icon
  • Facebook Icon
  • Youtube Icon
  • X Icon

900 E Hamilton Avenue
Suite 650
Campbell, CA 95008
+1-650-963-9828

Privacy Policy

Do Not Sell My Information

UK Modern Slavery Act Statement

Why k0rdent?
Products
Open Source
Solutions
Services
Knowledge Base
Company

© 2005 - 2026 Mirantis, Inc. All rights reserved. “Mirantis” and “FUEL” are registered trademarks of Mirantis, Inc. All other trademarks are the property of their respective owners.