Book Image

Learn Docker - Fundamentals of Docker 19.x - Second Edition

By : Dr. Gabriel N. Schenker

Book Image

Learn Docker - Fundamentals of Docker 19.x - Second Edition

By: Dr. Gabriel N. Schenker

Overview of this book

Containers enable you to package an application with all the components it needs, such as libraries and other dependencies, and ship it as one package. Docker containers have revolutionized the software supply chain in both small and large enterprises. Starting with an introduction to Docker fundamentals and setting up an environment to work with it, you’ll delve into concepts such as Docker containers, Docker images, and Docker Compose. As you progress, the book will help you explore deployment, orchestration, networking, and security. Finally, you’ll get to grips with Docker functionalities on public clouds such as Amazon Web Services (AWS), Azure, and Google Cloud Platform (GCP), and learn about Docker Enterprise Edition features. Additionally, you’ll also discover the benefits of increased security with the use of containers. By the end of this Docker book, you’ll be able to build, ship, and run a containerized, highly distributed application on Docker Swarm or Kubernetes, running on-premises or in the cloud.

Preface

Who this book is for

What this book covers

To get the most out of this book

Section 1: Motivation and Getting Started

Section 1: Motivation and Getting Started

Free Chapter

What Are Containers and Why Should I Use Them?

What Are Containers and Why Should I Use Them?

What are containers?

Why are containers important?

What's the benefit for me or for my company?

The Moby project

Docker products

Container architecture

Further reading

Setting Up a Working Environment

Setting Up a Working Environment

Technical requirements

The Linux command shell

PowerShell for Windows

Using a package manager

Choosing a code editor

Installing Docker for Desktop

Installing Docker Toolbox

Installing Minikube

Further reading

Section 2: Containerization, from Beginner to Black Belt

Section 2: Containerization, from Beginner to Black Belt

Mastering Containers

Mastering Containers

Technical requirements

Running the first container

Starting, stopping, and removing containers

Inspecting containers

Exec into a running container

Attaching to a running container

Retrieving container logs

Anatomy of containers

Further reading

Creating and Managing Container Images

Creating and Managing Container Images

What are images?

Creating images

Lift and shift: Containerizing a legacy app

Sharing or shipping images

Further reading

Data Volumes and Configuration

Data Volumes and Configuration

Technical requirements

Creating and mounting data volumes

Sharing data between containers

Using host volumes

Defining volumes in images

Configuring containers

Further reading

Debugging Code Running in Containers

Debugging Code Running in Containers

Technical requirements

Evolving and testing code running in a container

Auto restarting code upon changes

Line-by-line code debugging inside a container

Instrumenting your code to produce meaningful logging information

Using Jaeger to monitor and troubleshoot

Further reading

Using Docker to Supercharge Automation

Using Docker to Supercharge Automation

Technical requirements

Executing simple admin tasks in a container

Using test containers

Using Docker to power a CI/CD pipeline

Further reading

Advanced Docker Usage Scenarios

Advanced Docker Usage Scenarios

Technical requirements

All of the tips and tricks of a Docker pro

Running your Terminal in a remote container and accessing it via HTTPS

Running your development environment inside a container

Running your code editor in a remote container and accessing it via HTTPS

Further reading

Section 3: Orchestration Fundamentals and Docker Swarm

Section 3: Orchestration Fundamentals and Docker Swarm

Distributed Application Architecture

Distributed Application Architecture

Understanding the distributed application architecture

Patterns and best practices

Running in production

Further reading

Single-Host Networking

Single-Host Networking

Technical requirements

Dissecting the container network model

Network firewalling

Working with the bridge network

The host and null network

Running in an existing network namespace

Managing container ports

HTTP-level routing using a reverse proxy

Further reading

Docker Compose

Technical requirements

Demystifying declarative versus imperative

Running a multi-service app

Scaling a service

Building and pushing an application

Using Docker Compose overrides

Further reading

Orchestrators

What are orchestrators and why do we need them?

The tasks of an orchestrator

Overview of popular orchestrators

Further reading

Introduction to Docker Swarm

Introduction to Docker Swarm

The Docker Swarm architecture

Stacks, services, and tasks

Multi-host networking

Creating a Docker Swarm

Deploying a first application

The swarm routing mesh

Further reading

Zero-Downtime Deployments and Secrets

Zero-Downtime Deployments and Secrets

Technical requirements

Zero-downtime deployment

Storing configuration data in the swarm

Protecting sensitive data with Docker secrets

Further reading

Section 4: Docker, Kubernetes, and the Cloud

Section 4: Docker, Kubernetes, and the Cloud

Introduction to Kubernetes

Introduction to Kubernetes

Technical requirements

Kubernetes architecture

Kubernetes master nodes

Introduction to Minikube

Kubernetes support in Docker for Desktop

Introduction to pods

Kubernetes ReplicaSet

Kubernetes deployment

Kubernetes service

Context-based routing

Comparing SwarmKit with Kubernetes

Further reading

Deploying, Updating, and Securing an Application with Kubernetes

Deploying, Updating, and Securing an Application with Kubernetes

Technical requirements

Deploying a first application

Defining liveness and readiness

Zero downtime deployments

Kubernetes secrets

Further reading

Monitoring and Troubleshooting an App Running in Production

Monitoring and Troubleshooting an App Running in Production

Technical requirements

Monitoring an individual service

Using Prometheus to monitor a distributed application

Troubleshooting a service running in production

Further reading

Running a Containerized App in the Cloud

Running a Containerized App in the Cloud

Technical requirements

Deploying and using Docker EE on AWS

Exploring Microsoft's Azure Kubernetes Service (AKS)

Understanding GKE

Further reading

Assessments

Other Books You May Enjoy

Other Books You May Enjoy

Leave a review - let other readers know what you think

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Protecting sensitive data with Docker secrets

Secrets are used to work with confidential data in a secure way. Swarm secrets are secure at rest and in transit. That is, when a new secret is created on a manager node, and it can only be created on a manager node, its value is encrypted and stored in the raft consensus storage. This is why it is secure at rest. If a service gets a secret assigned to it, then the manager reads the secret from storage, decrypts it, and forwards it to all the containers who are instances of the swarm service that requested the secret. Since node-to-node communication in Docker Swarm uses mutual transport layer security (TLS), the secret value, although decrypted, is still secure in transit. The manager forwards the secret only to the worker nodes that a service instance is running on. Secrets are then mounted as files into the target container...