Book Image

Docker for Developers

By : Richard Bullington-McGuire, Andrew K. Dennis, Michael Schwartz
2 (1)
Book Image

Docker for Developers

2 (1)
By: Richard Bullington-McGuire, Andrew K. Dennis, Michael Schwartz

Overview of this book

Docker is the de facto standard for containerizing apps, and with an increasing number of software projects migrating to containers, it is crucial for engineers and DevOps teams to understand how to build, deploy, and secure Docker environments effectively. Docker for Developers will help you understand Docker containers from scratch while taking you through best practices and showing you how to address security concerns. Starting with an introduction to Docker, you’ll learn how to use containers and VirtualBox for development. You’ll explore how containers work and develop projects within them after you’ve explored different ways to deploy and run containers. The book will also show you how to use Docker containers in production in both single-host set-ups and in clusters and deploy them using Jenkins, Kubernetes, and Spinnaker. As you advance, you’ll get to grips with monitoring, securing, and scaling Docker using tools such as Prometheus and Grafana. Later, you’ll be able to deploy Docker containers to a variety of environments, including the cloud-native Amazon Elastic Kubernetes Service (Amazon EKS), before finally delving into Docker security concepts and best practices. By the end of the Docker book, you’ll be able to not only work in a container-driven environment confidently but also use Docker for both new and existing projects.
Table of Contents (21 chapters)
1
Section 1: An Introduction to Docker – Containers and Local Development
6
Section 2: Running Docker in Production
14
Section 3: Docker Security – Securing Your Containers

Chapter 15: Scanning, Monitoring, and Using Third-Party Tools

So far, we have explored how we can manually configure our Docker containers to ensure security is a priority. In this chapter, we will look at some of the tools available to automatically scan our images and monitor our production loads. This will provide a jumping off spot for you to expand your Docker-based projects further, based upon your cloud provider if you use one.

We will start off by looking at DevOps solutions such as Anchore Engine for scanning images for security vulnerabilities, review docker stats and learn how it is useful, set up cAdvisor for local monitoring, and understand how Datadog can be used as a cloud-based solution for gathering container stats.

This chapter will also briefly review AWS security options including GuardDuty for monitoring production environments and cover some of the features that Microsoft Azure offers. You'll gain an understanding of what tools are available to Google...