Docker security – best practices
In this section, we will look at the best practices when it comes to Docker as well as the Center for Internet Security guide to properly secure all the aspects of your Docker environment. You will be referring to this guide when you actually run the scan (in the next section of this chapter) and get results back of what needs or should be fixed. The guide is broken down into the following sections:
The host configuration
The Docker daemon configuration
The Docker daemon configuration files
Container images/runtime
Docker security operations
Docker – best practices
Before we dive into the Center for Internet Security guide, let's go over some of the best practices to use Docker:
One application per container: Spread out your applications to one per container. Docker was built for this and it makes everything easier at the end of the day. That isolation we talked about earlier is where this is the key.
Review who has access to your Docker hosts: Remember that whoever...