Book Image

Getting Started with Containerization

By : Dr. Gabriel N. Schenker, Hideto Saito, Hui-Chuan Chloe Lee, Ke-Jou Carol Hsu
Book Image

Getting Started with Containerization

By: Dr. Gabriel N. Schenker, Hideto Saito, Hui-Chuan Chloe Lee, Ke-Jou Carol Hsu

Overview of this book

Kubernetes is an open source orchestration platform for managing containers in a cluster environment. This Learning Path introduces you to the world of containerization, in addition to providing you with an overview of Docker fundamentals. As you progress, you will be able to understand how Kubernetes works with containers. Starting with creating Kubernetes clusters and running applications with proper authentication and authorization, you'll learn how to create high-availability Kubernetes clusters on Amazon Web Services (AWS), and also learn how to use kubeconfig to manage different clusters. Whether it is learning about Docker containers and Docker Compose, or building a continuous delivery pipeline for your application, this Learning Path will equip you with all the right tools and techniques to get started with containerization. By the end of this Learning Path, you will have gained hands-on experience of working with Docker containers and orchestrators, including SwarmKit and Kubernetes. This Learning Path includes content from the following Packt products: • Kubernetes Cookbook - Second Edition by Hideto Saito, Hui-Chuan Chloe Lee, and Ke-Jou Carol Hsu • Learn Docker - Fundamentals of Docker 18.x by Gabriel N. Schenker
Table of Contents (25 chapters)
Title Page
Copyright
About Packt
Contributors
Preface
Index

Secrets


Secrets are used to work with confidential data in a secure way. Swarm secrets are secure at rest and in transit. That is, when a new secret is created on a manager node, and it can only be created on a manager node, its value is encrypted and stored in the raft consensus storage. This is why it is secure at rest. If a service gets a secret assigned to it, then the manager reads the secret from storage, decrypts it, and forwards it to all the containers who are instances of the Swarm service that requests the secret. Since the node-to-node communication in swarm is using mutual transport layer security (TLS), the secret value, although decrypted, is still secure in transit. The manager forwards the secret only to the worker nodes on which a service instance is running. Secrets are then mounted as files into the target container. Each secret corresponds to a file. The name of the secret will be the name of the file inside the container, and the value of the secret is the content of...