Book Image

Docker for Developers

By : Richard Bullington-McGuire, Andrew K. Dennis, Michael Schwartz
2 (1)
Book Image

Docker for Developers

2 (1)
By: Richard Bullington-McGuire, Andrew K. Dennis, Michael Schwartz

Overview of this book

Docker is the de facto standard for containerizing apps, and with an increasing number of software projects migrating to containers, it is crucial for engineers and DevOps teams to understand how to build, deploy, and secure Docker environments effectively. Docker for Developers will help you understand Docker containers from scratch while taking you through best practices and showing you how to address security concerns. Starting with an introduction to Docker, you’ll learn how to use containers and VirtualBox for development. You’ll explore how containers work and develop projects within them after you’ve explored different ways to deploy and run containers. The book will also show you how to use Docker containers in production in both single-host set-ups and in clusters and deploy them using Jenkins, Kubernetes, and Spinnaker. As you advance, you’ll get to grips with monitoring, securing, and scaling Docker using tools such as Prometheus and Grafana. Later, you’ll be able to deploy Docker containers to a variety of environments, including the cloud-native Amazon Elastic Kubernetes Service (Amazon EKS), before finally delving into Docker security concepts and best practices. By the end of the Docker book, you’ll be able to not only work in a container-driven environment confidently but also use Docker for both new and existing projects.

Related Content you might be interested in

Current Title:

Small book image
Docker for Developers
Richard Bullington-McGuire | Andrew K. Dennis | Michael Schwartz
Sep, 2020 | 468 pages
Small book image
Mastering Docker..
Scott Gallagher | Russ McKendrick
Oct, 2018 | 426 pages
Small book image
Modern DevOps Practices
Gaurav Agarwal
Sep, 2021 | 530 pages
Small book image
Mastering Docker, Fourth Edition
Russ McKendrick
Oct, 2020 | 568 pages
Table of Contents (21 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Code in Action
Download the color images
Conventions used
Get in touch
Reviews
1
Section 1: An Introduction to Docker – Containers and Local Development
Section 1: An Introduction to Docker – Containers and Local Development
Free Chapter
2
Chapter 1: Introduction to Docker
Chapter 1: Introduction to Docker
The drivers for Docker
Using virtualization to economize resource usage
Addressing the increasing power requirements
Using containers to further optimize data center resources
Summary
Further reading
3
Chapter 2: Using VirtualBox and Docker Containers for Development
Chapter 2: Using VirtualBox and Docker Containers for Development
Technical requirements
Host filesystem pollution problem
Using VirtualBox for virtual machines
Using Docker containers
Getting started with Docker
Summary
Further reading
4
Chapter 3: Sharing Containers Using Docker Hub
Chapter 3: Sharing Containers Using Docker Hub
Technical requirements
Introducing Docker Hub
Implementing a MongoDB container for our application
Introducing the microservices architecture
Implementing a sample microservices application
Sharing your containers on Docker Hub
Summary
Further reading
5
Chapter 4: Composing Systems Using Containers
Chapter 4: Composing Systems Using Containers
Technical requirements
Introduction to Docker Compose
Using Docker local networking
Binding a host filesystem within containers
Other composition tools
Summary
Further reading
6
Section 2: Running Docker in Production
Section 2: Running Docker in Production
7
Chapter 5: Alternatives for Deploying and Running Containers in Production
Chapter 5: Alternatives for Deploying and Running Containers in Production
Technical requirements
Example application – ShipIt Clicker
Running Docker in production – many paths, choose wisely
What is the minimum realistic production environment?
Managed cloud services
Running your own Kubernetes cluster – from bare metal to OpenStack
Deciding on the right Docker production setup
Summary
8
Chapter 6: Deploying Applications with Docker Compose
Chapter 6: Deploying Applications with Docker Compose
Technical requirements
Selecting a host and operating system for single-host deployment
Preparing the host for Docker and Docker Compose
Deploying using configuration files and support scripts
Monitoring small deployments – logging and alerting
Limitations of single-host deployment
Summary
Further reading
9
Chapter 7: Continuous Deployment with Jenkins
Chapter 7: Continuous Deployment with Jenkins
Technical requirements
Using Jenkins to facilitate continuous deployment
The Jenkinsfile and host connectivity
Driving configuration changes through Jenkins
Deploying to multiple environments through multiple branches
Complexity and limits to scaling deployments through Jenkins
Summary
Further reading
10
Chapter 8: Deploying Docker Apps to Kubernetes
Chapter 8: Deploying Docker Apps to Kubernetes
Technical requirements
Options for Kubernetes local installation
Deploying a sample application – ShipIt Clicker v4
Choosing a Kubernetes distribution
Spinning up AWS EKS with CloudFormation
Deploying an application with resource limits to Kubernetes on AWS EKS
Using AWS Elastic Container Registry with AWS EKS
Summary
11
Chapter 9: Cloud-Native Continuous Deployment Using Spinnaker
Chapter 9: Cloud-Native Continuous Deployment Using Spinnaker
Technical requirements
Improving your setup for Kubernetes application maintenance
Spinnaker – when and why you might need more sophisticated deployments
Setting up Spinnaker in an AWS EKS cluster using Helm
Deploying ShipIt Clicker with a simple deployment strategy in Spinnaker
Surveying Spinnaker's deployment and testing features
Summary
Further reading
12
Chapter 10: Monitoring Docker Using Prometheus, Grafana, and Jaeger
Chapter 10: Monitoring Docker Using Prometheus, Grafana, and Jaeger
Technical requirements
Docker logging and container runtime logging
Using the liveness, readiness, and startup probes in Kubernetes
Gathering metrics and sending alerts with Prometheus
Visualizing operational data with Grafana
Application performance monitoring with Jaeger
Summary
Further reading
13
Chapter 11: Scaling and Load Testing Docker Applications
Chapter 11: Scaling and Load Testing Docker Applications
Technical requirements
Scaling your Kubernetes cluster
What is Envoy, and why might I need it?
Testing scalability and performance with k6
Summary
Further reading
14
Section 3: Docker Security – Securing Your Containers
Section 3: Docker Security – Securing Your Containers
15
Chapter 12: Introduction to Container Security
Chapter 12: Introduction to Container Security
Technical requirements
Virtualization and hypervisor security models
Container security models
Docker Engine and containerd – Linux security features
A note on cgroups
An overview of best practices
Summary
16
Chapter 13: Docker Security Fundamentals and Best Practices
Chapter 13: Docker Security Fundamentals and Best Practices
Technical requirements
Docker image security
Security around Docker commands
Security around the build process
Limiting resources and capabilities when deploying your builds
Summary
17
Chapter 14: Advanced Docker Security – Secrets, Secret Commands, Tagging, and Labels
Chapter 14: Advanced Docker Security – Secrets, Secret Commands, Tagging, and Labels
Technical requirements
Securely storing secrets in Docker
Adding, inspecting, and removing secrets
Secrets in action – examples
Docker tags for security
Using labels for metadata application
Summary
18
Chapter 15: Scanning, Monitoring, and Using Third-Party Tools
Chapter 15: Scanning, Monitoring, and Using Third-Party Tools
Technical requirements
Scanning and monitoring – cloud and DevOps security for containers
Securing your containers using AWS
Securing your containers using Azure
Securing your containers using GCP
Summary
Further reading
19
Chapter 16: Conclusion – End of the Road, but not the Journey
Chapter 16: Conclusion – End of the Road, but not the Journey
Technical requirements
Wrapping up – let's get started
What we learned about development
Next steps for taking your DevOps knowledge further
A summary on security and where to go next
Summary
20
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

What this book covers

Chapter 1, Introduction to Docker, provides some background on Docker, a walk-through of containers and their purpose, and presents the reader with an introduction to the topics that will be discussed in the book.

Chapter 2, Using VirtualBox and Docker Containers for Development, guides the reader through using a virtual machine locally for development and then compares this to how Docker can be used for containerized development projects.

Chapter 3, Sharing Containers Using Docker Hub, introduces the reader to Docker Hub and pre-built containers. Next, we explore the process of building specialized containers.

Chapter 4, Composing Systems Using Containers, investigates more complex situations where multiple containers need to work together as a complete system. Additionally, we give the reader an overview of Docker Compose.

Chapter 5, Alternatives for Deploying and Running Containers in Production, helps the reader understand the spectrum of choices when it comes to running containers in a production environment, including cloud options, on-premises and hybrid solutions.

Chapter 6, Deploying Applications with Docker Compose, discusses how to deploy a production application on a single host with Docker Compose and how to deal with logging and monitoring, along with the pros and cons of this simple setup.

Chapter 7, Continuous Deployment with Jenkins, shows how to use Jenkins for continuous integration (CI) and continuous deployment (CD) for containers, using a Jenkinsfile and multiple development branches.

Chapter 18, Deploying Docker Apps to Kubernetes, explores Kubernetes concepts, cloud distribution options, and shows how to create an Amazon Web Services Elastic Kubernetes Service (EKS) cluster for deploying Docker applications to Kubernetes.

Chapter 9, Cloud-Native Continuous Deployment Using Spinnaker, builds upon the skills we developed around CI/CD by integrating Netflix's Spinnaker with Kubernetes and looking at automated tests.

Chapter 10, Monitoring Docker Using Prometheus, Grafana, and Jaeger, explains how to monitor container-based applications using AWS CloudWatch, Prometheus, and Grafana. We introduce the OpenTracing API and implement it using Jaeger.

Chapter 11, Scaling and Load Testing Docker Applications, explores how to scale a Docker-based application through Kubernetes. It introduces the concept of a service mesh and shows a simple implementation using Envoy, integrating load balancing and advanced traffic routing and filtering, including utilization of the circuit breaker pattern. Finally, we show how to use k6.io to perform load testing to demonstrate that our application can scale out.

Chapter 12, Introduction to Container Security, walks the reader through basic container security concepts, including how virtualization and hypervisor security models work.

Chapter 13, Docker Security Fundamentals and Best Practices, builds upon the previous chapter's introduction and delves deeper into Docker and security components. This includes a comparison of Docker commands and their security implications.

Chapter 14, Advanced Docker Security – Secrets, Secret Commands, Tagging, and Labels, covers the topics of secrets, including passwords, and how they can be used securely with container-based environments. The reader is also introduced to the use of tagging and labeling best practices.

Chapter 15, Scanning, Monitoring, and Using Third-Party Tools, expands upon our logging and monitoring skills acquired from other chapters by refocusing on these elements from a security focus. Here, we also look at what options are available for users of AWS, Azure, and GCP and how we can scan containers for security issues using Anchore.

Chapter 16, Conclusion – End of the Road, but not the Journey, wraps the book up by revisiting what we have learned so far. Finally, we provide some ideas for where the reader can go next in exploring container-based projects. This ranges from adding Netflix Chaos Monkey to their CI/CD pipeline, to running Metasploit in a container.

Previous Section
Next Section