Sign In Start Free Trial

Book Overview & Buying
Table Of Contents
Feedback & Rating

Docker Cookbook - Second Edition

By : Cochrane, Jeeva S. Chelladhurai, K Khare

3.5 (2)

Docker Cookbook

3.5 (2)

By: Cochrane, Jeeva S. Chelladhurai, K Khare

Overview of this book

Docker is an open source tool used for creating, deploying, and running applications using containers. With more than 100 self-contained tutorials, this book examines common pain points and best practices for developers building distributed applications with Docker. Each recipe in this book addresses a specific problem and offers a proven, best practice solution with insights into how it works, so that you can modify the code and configuration files to suit your needs. The Docker Cookbook begins by guiding you in setting up Docker in different environments and explains how to work with its containers and images. You’ll understand Docker orchestration, networking, security, and hosting platforms for effective collaboration and efficient deployment. The book also covers tips and tricks and new Docker features that support a range of other cloud offerings. By the end of this book, you’ll be able to package and deploy end-to-end distributed applications with Docker and be well-versed with best practice solutions for common development problems.

Preface

Preface

Who this book is for

What this book covers

To get the most out of this book

Sections

Get in touch

Free Chapter

Introduction and Installation

Introduction and Installation

Introduction

Verifying requirements for Docker installation

Installing Docker on Ubuntu

Installing Docker on CentOS

Installing Docker on Linux with an automated script

Installing Docker for Windows

Installing Docker for Mac

Pulling an image and running a container

Adding a nonroot user to administer Docker

Finding help with the Docker command line

Working with Docker Containers

Working with Docker Containers

Introduction

Listing/searching for an image

Pulling an image

Listing images

Starting a container

Listing containers

Looking at the container logs

Stopping a container

Removing a container

Removing all stopped containers

Setting the restart policy on a container

Getting privileged access inside a container

Accessing the host device inside a container

Injecting a new process into a running container

Reading a container's metadata

Labeling and filtering containers

Reaping a zombie inside a container

Working with Docker Images

Working with Docker Images

Introduction

Creating an image from the container

Creating an account with Docker Hub

Logging in and out of the Docker image registry

Publishing an image to the registry

Looking at the history of an image

Removing an image

Exporting an image

Importing an image

Building an image using a Dockerfile

Building an Apache image – a Dockerfile example

Setting up a private index/registry

Automated builds – with GitHub and Bitbucket

Creating a custom base image

Creating a minimal image using a scratch base image

Building images in multiple stages

Visualizing the image hierarchy

Network and Data Management for Containers

Network and Data Management for Containers

Introduction

Accessing containers from outside

Attaching containers to a host network

Launching containers with no network

Sharing IP addresses with other containers

Creating a user-defined bridge network

Discovering and load balancing containers

Persisting data using volumes

Sharing data between the host and the container

Docker Use Cases

Docker Use Cases

Introduction

Testing with Docker

Performing CI/CD with Shippable and Heroku

Performing CI/CD with TravisCI

Setting up PaaS with OpenShift origin

Building and deploying an app on OpenShift from the source code

Docker APIs and SDKs

Docker APIs and SDKs

Introduction

Working with images using APIs

Building images using APIs

Launching containers using APIs

Performing container operations using APIs

Exploring Docker remote API client libraries

Configuring the Docker daemon for remote connectivity

Securing the Docker daemon's remote connectivity

Docker Performance

Docker Performance

Introduction

Benchmarking CPU performance

Benchmarking disk performance

Benchmarking network performance

Getting container resource usage using the stats feature

Setting up performance monitoring

Docker Orchestration and Hosting a Platform

Docker Orchestration and Hosting a Platform

Introduction

Running applications with Docker Compose

Setting up a cluster with Docker Swarm

Using secrets with Docker Swarm

Setting up a Kubernetes cluster

Using secrets with Kubernetes

Scaling up and down in Kubernetes cluster

Setting up WordPress with Kubernetes clusters

Docker Security

Docker Security

Introduction

Setting Mandatory Access Control (MAC) with SELinux

Allowing writes to volumes mounted from the host with SELinux ON

Removing capabilities to break down the power of a root user inside a container

Sharing namespaces between the host and the container

Getting Help and Tips and Tricks

Getting Help and Tips and Tricks

Introduction

Starting Docker in debug mode

Building a Docker binary from the source

Building images without using cached layers

Building your own bridge for container communication

Changing the default OCI runtime

Selecting the logging driver for containers

Getting real-time Docker events for containers

Docker on the Cloud

Docker on the Cloud

Introduction

Docker for AWS

Deploying WordPress on Docker for AWS

Docker for Azure

Deploying Joomla! on Docker for Azure

Other Books You May Enjoy

Other Books You May Enjoy

Leave a review - let other readers know what you think

Customer Reviews

3.5 (2)

5 star

50%

4 star

0%

3 star

0%

2 star

50%

1 star

0%

Removing capabilities to break down the power of a root user inside a container

In simple terms, with capabilities we can break down the power of a root user. Note the following from the main capabilities page:

For the purpose of performing permission checks, traditional UNIX implementations distinguish two categories of processes: privileged processes (whose effective user ID is 0, referred to as superuser or root), and unprivileged processes (whose effective UID is non-zero). Privileged processes bypass all kernel permission checks, while unprivileged processes are subject to full permission checking based on the process's credentials (usually: effective UID, effective GID, and supplementary group list).

Starting with kernel 2.2, Linux divides the privileges traditionally associated with superusers into distinct units, known as capabilities, which can be independently...

Visually different images

CONTINUE READING

83

Tech Concepts

36

Programming languages

73

Tech Tools

Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.

Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.

50+ new titles added per month and exclusive early access to books as they are being written.

Docker Cookbook

Search

Your notes and bookmarks