Book Image

Docker on Windows

By : Elton Stoneman
Book Image

Docker on Windows

By: Elton Stoneman

Overview of this book

Docker is a platform for running server applications in lightweight units called containers. You can run Docker on Windows Server 2016 and Windows 10, and run your existing apps in containers to get significant improvements in efficiency, security, and portability. This book teaches you all you need to know about Docker on Windows, from 101 to deploying highly-available workloads in production. This book takes you on a Docker journey, starting with the key concepts and simple examples of how to run .NET Framework and .NET Core apps in Windows Docker containers. Then it moves on to more complex examples—using Docker to modernize the architecture and development of traditional ASP.NET and SQL Server apps. The examples show you how to break up monoliths into distributed apps and deploy them to a clustered environment in the cloud, using the exact same artifacts you use to run them locally. To help you move confidently to production, it then explains Docker security, and the management and support options. The book finishes with guidance on getting started with Docker in your own projects, together with some real-world case studies for Docker implementations, from small-scale on-premises apps to very large-scale apps running on Azure.
Table of Contents (20 chapters)
Title Page
Credits
About the Author
About the Reviewer
www.PacktPub.com
Customer Feedback
Preface
Index

Summary


This chapter looked at the security considerations of Docker and Windows containers. You learned that the Docker platform is built for security in depth, and the runtime security of containers is only one part of the story. Security scanning, image signing, content trust, and secure distributed communication combine to give you a secure software supply chain.

You looked at the practical security aspects of running apps in Docker and learned how processes in Windows container run in a context that makes it difficult for attackers to escape from containers and invade other processes. Container processes will use all the compute resources they need, but I also demonstrated how to limit CPU and memory usage, which can prevent rogue containers starving the host's compute resources.

In a dockerized application, you have much more scope to enforce security in depth. I explained why minimal images help keep applications safe and how you can use Docker Security Scanning to be alerted if there...