Book Image

Mastering Docker, Fourth Edition - Fourth Edition

Book Image

Mastering Docker, Fourth Edition - Fourth Edition

Overview of this book

Docker has been a game changer when it comes to how modern applications are deployed and created. It has now grown into a key driver of innovation beyond system administration, with a significant impact on the world of web development. Mastering Docker shows you how you can ensure that you're keeping up with the innovations it's driving and be sure you're using it to its full potential. This fourth edition not only demonstrates how to use Docker more effectively but also helps you rethink and reimagine what you can achieve with it. You'll start by building, managing, and storing images along with exploring best practices for working with Docker confidently. Once you've got to grips with Docker security, the book covers essential concepts for extending and integrating Docker in new and innovative ways. You'll also learn how to take control of your containers efficiently using Docker Compose, Docker Swarm, and Kubernetes. By the end of this Docker book, you’ll have a broad yet detailed sense of what's possible with Docker and how seamlessly it fits in with a range of other platforms and tools.
Table of Contents (22 chapters)
1
Section 1: Getting Up and Running with Docker
8
Section 2: Clusters and Clouds
16
Section 3: Best Practices

Third-party security services

Before we finish this chapter, we are going to take a look at some of the third-party services available to help you with the vulnerability assessment of your images.

Quay

Quay, an image registry by Red Hat, is similar to Docker Hub/Registry; one difference is that Quay actually performs a security scan of each image after it is pushed/built.

You can see the results of the scan by viewing the Repository Tags for your chosen image. Here you will see a column for Security Scan. As you can see in the following screenshot, in the example image that we created, there are no problems:

Figure 14.2 – A passed security scan on Quay

Clicking on Passed will take you to a more detailed breakdown of any vulnerabilities that have been detected within the image. As there are no vulnerabilities at the moment (which is a good thing), this screen does not tell us much. However, clicking on the Packages icon in the left-hand menu...