Book Image

The Docker Workshop

By : Vincent Sesto, Onur Yılmaz, Sathsara Sarathchandra, Aric Renzo, Engy Fouda
5 (3)
Book Image

The Docker Workshop

5 (3)
By: Vincent Sesto, Onur Yılmaz, Sathsara Sarathchandra, Aric Renzo, Engy Fouda

Overview of this book

No doubt Docker Containers are the future of highly-scalable software systems and have cost and runtime efficient supporting infrastructure. But learning it might look complex as it comes with many technicalities. This is where The Docker Workshop will help you. Through this workshop, you’ll quickly learn how to work with containers and Docker with the help of practical activities.? The workshop starts with Docker containers, enabling you to understand how it works. You’ll run third party Docker images and also create your own images using Dockerfiles and multi-stage Dockerfiles. Next, you’ll create environments for Docker images, and expedite your deployment and testing process with Continuous Integration. Moving ahead, you’ll tap into interesting topics and learn how to implement production-ready environments using Docker Swarm. You’ll also apply best practices to secure Docker images and to ensure that production environments are running at maximum capacity. Towards the end, you’ll gather skills to successfully move Docker from development to testing, and then into production. While doing so, you’ll learn how to troubleshoot issues, clear up resource bottlenecks and optimize the performance of services. By the end of this workshop, you’ll be able to utilize Docker containers in real-world use cases.
Table of Contents (17 chapters)
Preface

Utilizing SaaS Security Scans with Snyk

Snyk is an online SaaS application that provides an easy-to-use interface that allows you to scan your Docker images for vulnerabilities. Although Snyk is a paid application, it does provide a free tier with a large amount of functionality to the user. It provides unlimited tests to open source projects and allows GitHub and GitLab integration, with remediation to open source projects and continuous monitoring. You are limited to the amount of container vulnerability testing that is allowed.

The following exercise will run through using the web interface providing a guide on how to register for an account and then add your container to be scanned for security vulnerabilities.

Exercise 11.04: Setting up a Snyk Security Scan

In this exercise, you will use your web browser to work with Snyk to start implementing security scans on our security-app image:

  1. Create an account with Snyk if you have not used Snyk before or do not have...