Book Image

Learning Docker

By : Pethuru Raj, Jeeva S. Chelladhurai, Vinod Singh, Vinod kumar Singh, Jeeva Chelladhurai, Pethuru Raj Chelliah
Book Image

Learning Docker

By: Pethuru Raj, Jeeva S. Chelladhurai, Vinod Singh, Vinod kumar Singh, Jeeva Chelladhurai, Pethuru Raj Chelliah

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Learning Docker
Pethuru Raj | Jeeva S. Chelladhurai | Vinod Singh | Vinod kumar Singh | Jeeva Chelladhurai | Pethuru Raj Chelliah
Jun, 2015 | 240 pages
No titles found
Table of Contents (18 chapters)
Learning Docker
Learning Docker
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Getting Started with Docker
Getting Started with Docker
An introduction to Docker
Docker on Linux
Differentiating between containerization and virtualization
Installing the Docker engine
Understanding the Docker setup
Downloading the first Docker image
Running the first Docker container
Running a Docker container on Amazon Web Services
Troubleshooting
Summary
2
Handling Docker Containers
Handling Docker Containers
Clarifying the Docker terms
Working with Docker images
Working with an interactive container
Summary
3
Building Images
Building Images
Docker's integrated image building system
A quick overview of the Dockerfile's syntax
The Dockerfile build instructions
A brief overview of the Docker image management
Best practices for writing Dockerfiles
Summary
4
Publishing Images
Publishing Images
Understanding the Docker Hub
Pushing images to the Docker Hub
Automating the building process for images
Private repositories on the Docker Hub
Organizations and teams on the Docker Hub
The REST APIs for the Docker Hub
Summary
5
Running Your Private Docker Infrastructure
Running Your Private Docker Infrastructure
The Docker registry and index
Docker registry use cases
Run your own index and registry
Push the image to the newly created Docker registry
Summary
6
Running Services in a Container
Running Services in a Container
A brief overview of container networking
Envisaging the Container as a Service
Exposing container services
Summary
7
Sharing Data with Containers
Sharing Data with Containers
The data volume
Sharing host data
Sharing data between containers
Avoiding common pitfalls
Summary
8
Orchestrating Containers
Orchestrating Containers
Linking containers
Orchestration of containers
Summary
9
Testing with Docker
Testing with Docker
A brief overview of the test-driven development
Testing your code inside Docker
Integrating Docker testing into Jenkins
Summary
10
Debugging Containers
Debugging Containers
Process level isolation for Docker containers
Debugging a containerized application
Installing and using nsenter
Summary
11
Securing Docker Containers
Securing Docker Containers
Are Docker containers secure enough?
Security-Enhanced Linux for container security
The best practices for container security
Digital signature verification
Summary
Index
Index

Security-Enhanced Linux for container security

Security-Enhanced Linux (SELinux) is a brave attempt to clean up the security holes in Linux containers and is an implementation of a Mandatory Access Control (MAC) mechanism, Multi-Level security (MLS), and Multi-Category security (MCS) in the Linux kernel. A new collaborative initiative referred to as Virtproject, is being built on SELinux, and this is getting integrated with Libvirt to provide an adaptable MAC framework for virtual machines, as well as containers. This new architecture provides a sheltered separation and safety net for containers, as it primarily prevents root processes within the container from interfacing and interfering with other processes running outside this container. Docker containers are automatically assigned to an SELinux context specified in the SELinux policy.

SELinux always checks for all the allowed operations after the standard discretionary access control (DAC) is completely checked. SELinux can establish...

Previous Section
End of Section 3
Next Section