Docker is the hottest buzzword in technology these days! This book helps you to ensure that you are securing all the pieces in the Docker ecosystems of tools. Keeping your data and systems safe is of utmost importance these days, and with Docker, it's the same exception. Learn how Docker is inherently secure and how to secure the pieces around it even more and be on the lookout for potential vulnerabilities as they take place.
Chapter 1, Securing Docker Hosts, starts off the book by discussing how to secure the first part of getting your Docker environment up and running, and that is by focusing on your Docker hosts. The Docker hosts are the platform that your containers will run on. Without securing these first, it's like leaving the front door to your house wide open.
Chapter 2, Securing Docker Components, focuses on securing the components of Docker, such as the registry you can use, the containers that run on your hosts, and how to sign your images.
Chapter 3, Securing and Hardening Linux Kernels, explains hardening guides that are out there as well as different security measures/methods you can use to help secure the kernel that is being used to run your containers as it's important to secure it.
Chapter 4, Docker Bench for Security, informs how well you have set up your Docker environment with the Docker Bench Security application, get recommendations for where you should focus your efforts to fix right away, and what you don't really have to fix right now, but should keep yourself aware of.
Chapter 5, Monitoring and Reporting Docker Security Incidents, covers how to stay on top of the items that Docker has released regarding the security findings to help keep you aware of your environments. Also, we will take a look at how to safely report any security findings you come across to ensure that Docker has a chance to alleviate the concern before it becomes public and widespread.
Chapter 6, Using Docker's Built-in Security Features, introduces the use of Docker tools to help secure your environment. We will go over all of them to give you a baseline of what you can use that is provided by Docker itself. You can learn what command-line and GUI tools you can use for your security needs.
Chapter 7, Securing Docker with Third-party Tools, covers the third-party tools that are out there to help you keep your Docker environment secure. You will learn about command line, but we'll focus on third-party tools. We will take a look at traffic authorization, summon, and sVirt with SELinux.
Chapter 8, Keeping up on Security, explains the means that you can use to keep up to date with Docker-related security issues that are out there for the version of the Docker tools you might be running now, how to stay ahead of any security issues, and keep your environments secure even with threats out there.
The book will walk you through the installation of any tools that you will need. You will need a system with Windows, Mac OS, or Linux installed; preferably, the latter one, as well as an Internet connection.
This book is intended for those developers who will be using Docker as their testing platform as well as security professionals who are interested in securing Docker containers. Readers must be familiar with the basics of Docker.
In this book, you will find a number of text styles that distinguish between different kinds of information. Here are some examples of these styles and an explanation of their meaning.
Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: "You will need pass phrase you entered earlier for ca-key.pem."
Any command-line input or output is written as follows:
$ docker run -it scottpgallagher/chef-server /bin/bash
New terms and important words are shown in bold. Words that you see on the screen, for example, in menus or dialog boxes, appear in the text like this: "The next section, Security settings, is probably one of the most important ones."
Feedback from our readers is always welcome. Let us know what you think about this book—what you liked or disliked. Reader feedback is important for us as it helps us develop titles that you will really get the most out of.
To send us general feedback, simply e-mail <[email protected]>, and mention the book's title in the subject of your message.
If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide at www.packtpub.com/authors.
Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.
Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books—maybe a mistake in the text or the code—we would be grateful if you could report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded to our website or added to any list of existing errata under the Errata section of that title.
To view the previously submitted errata, go to https://www.packtpub.com/books/content/support and enter the name of the book in the search field. The required information will appear under the Errata section.
Piracy of copyrighted material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works in any form on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.
Please contact us at <[email protected]> with a link to the suspected pirated material.
We appreciate your help in protecting our authors and our ability to bring you valuable content.
If you have a problem with any aspect of this book, you can contact us at <[email protected]>, and we will do our best to address the problem.