Book Image

The Docker Workshop

By : Vincent Sesto, Onur Yılmaz, Sathsara Sarathchandra, Aric Renzo, Engy Fouda
5 (1)
Book Image

The Docker Workshop

5 (1)
By: Vincent Sesto, Onur Yılmaz, Sathsara Sarathchandra, Aric Renzo, Engy Fouda

Overview of this book

No doubt Docker Containers are the future of highly-scalable software systems and have cost and runtime efficient supporting infrastructure. But learning it might look complex as it comes with many technicalities. This is where The Docker Workshop will help you. Through this workshop, you’ll quickly learn how to work with containers and Docker with the help of practical activities.? The workshop starts with Docker containers, enabling you to understand how it works. You’ll run third party Docker images and also create your own images using Dockerfiles and multi-stage Dockerfiles. Next, you’ll create environments for Docker images, and expedite your deployment and testing process with Continuous Integration. Moving ahead, you’ll tap into interesting topics and learn how to implement production-ready environments using Docker Swarm. You’ll also apply best practices to secure Docker images and to ensure that production environments are running at maximum capacity. Towards the end, you’ll gather skills to successfully move Docker from development to testing, and then into production. While doing so, you’ll learn how to troubleshoot issues, clear up resource bottlenecks and optimize the performance of services. By the end of this workshop, you’ll be able to utilize Docker containers in real-world use cases.
Table of Contents (17 chapters)
Preface

Authorization Plugins

Docker authorization is based on two modes: all kinds of actions are enabled or all kinds of actions are disabled. In other words, if a user can access the Docker daemon, they can run any command and consume the API or Docker client commands. If you need more granular access control methods, you need to use authorization plugins in Docker. Authorization plugins enhance authentication and permission for Docker Engine operations. They enable more granular access to control who can take specific actions on Docker Engine.

Authorization plugins approve or deny the requests forwarded by Docker daemons using the request context. Therefore, the plugins should implement the following two methods:

  • AuthZReq: This method is called before the Docker daemon processes the request.
  • AuthZRes: This method is called before the response is returned from the Docker daemon to the client.

In the following exercise, you will learn how to configure and...