Lastly, let's take a look at the security aspect of putting Docker into production. This is probably one of the most talked about aspects of not only Docker, but any technology out there. What security risks exist? What security advantages exist? We will take a look at both of these aspects as well as cover the best practices for your overall Docker setup.
These are the things to keep in mind when you are setting up your production environment:
Whoever has access to your Docker host has access to every single Docker container that is running on that host and has the ability to stop them, delete them, or even start up new containers.
Remember that you can run Docker containers or attach containers to Docker volumes using the read-only modes. This can be done by adding the
:ro
option to the volume:$ docker run -d -v /opt/uploads:ro nginx $ docker run -d --volumes-from data:ro nginx
Remember to utilize the Docker security benchmark application to help tune...