Book Image

Docker Cookbook - Second Edition

By : Ken Cochrane, Jeeva S. Chelladhurai, Neependra K Khare
2 (1)
Book Image

Docker Cookbook - Second Edition

2 (1)
By: Ken Cochrane, Jeeva S. Chelladhurai, Neependra K Khare

Overview of this book

Docker is an open source tool used for creating, deploying, and running applications using containers. With more than 100 self-contained tutorials, this book examines common pain points and best practices for developers building distributed applications with Docker. Each recipe in this book addresses a specific problem and offers a proven, best practice solution with insights into how it works, so that you can modify the code and configuration files to suit your needs. The Docker Cookbook begins by guiding you in setting up Docker in different environments and explains how to work with its containers and images. You’ll understand Docker orchestration, networking, security, and hosting platforms for effective collaboration and efficient deployment. The book also covers tips and tricks and new Docker features that support a range of other cloud offerings. By the end of this book, you’ll be able to package and deploy end-to-end distributed applications with Docker and be well-versed with best practice solutions for common development problems.

Related Content you might be interested in

Current Title:

Small book image
Docker Cookbook - Second Edition
Ken Cochrane | Jeeva S. Chelladhurai | Neependra K Khare
Aug, 2018 | 352 pages
Small book image
Learning Docker
Jeeva S Chelladhurai | Pethuru Raj | Vinod Singh
May, 2017 | 300 pages
Small book image
Docker Bootcamp
Jeeva S Chelladhurai | Pethuru Raj | Russ McKendrick | Vinod Singh
Apr, 2017 | 196 pages
Small book image
Docker Deep Dive
Nigel Poulton
Oct, 2020 | 250 pages
Table of Contents (13 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Sections
Get in touch
Free Chapter
1
Introduction and Installation
Introduction and Installation
Introduction
Verifying requirements for Docker installation
Installing Docker on Ubuntu
Installing Docker on CentOS
Installing Docker on Linux with an automated script
Installing Docker for Windows
Installing Docker for Mac
Pulling an image and running a container
Adding a nonroot user to administer Docker
Finding help with the Docker command line
2
Working with Docker Containers
Working with Docker Containers
Introduction
Listing/searching for an image
Pulling an image
Listing images
Starting a container
Listing containers
Looking at the container logs
Stopping a container
Removing a container
Removing all stopped containers
Setting the restart policy on a container
Getting privileged access inside a container
Accessing the host device inside a container
Injecting a new process into a running container
Reading a container's metadata
Labeling and filtering containers
Reaping a zombie inside a container
3
Working with Docker Images
Working with Docker Images
Introduction
Creating an image from the container
Creating an account with Docker Hub
Logging in and out of the Docker image registry
Publishing an image to the registry
Looking at the history of an image
Removing an image
Exporting an image
Importing an image
Building an image using a Dockerfile
Building an Apache image – a Dockerfile example
Setting up a private index/registry
Automated builds – with GitHub and Bitbucket
Creating a custom base image
Creating a minimal image using a scratch base image
Building images in multiple stages
Visualizing the image hierarchy
4
Network and Data Management for Containers
Network and Data Management for Containers
Introduction
Accessing containers from outside
Attaching containers to a host network
Launching containers with no network
Sharing IP addresses with other containers
Creating a user-defined bridge network
Discovering and load balancing containers
Persisting data using volumes
Sharing data between the host and the container
5
Docker Use Cases
Docker Use Cases
Introduction
Testing with Docker
Performing CI/CD with Shippable and Heroku
Performing CI/CD with TravisCI
Setting up PaaS with OpenShift origin
Building and deploying an app on OpenShift from the source code
6
Docker APIs and SDKs
Docker APIs and SDKs
Introduction
Working with images using APIs
Building images using APIs
Launching containers using APIs
Performing container operations using APIs
Exploring Docker remote API client libraries
Configuring the Docker daemon for remote connectivity
Securing the Docker daemon's remote connectivity
7
Docker Performance
Docker Performance
Introduction
Benchmarking CPU performance
Benchmarking disk performance
Benchmarking network performance
Getting container resource usage using the stats feature
Setting up performance monitoring
8
Docker Orchestration and Hosting a Platform
Docker Orchestration and Hosting a Platform
Introduction
Running applications with Docker Compose
Setting up a cluster with Docker Swarm
Using secrets with Docker Swarm
Setting up a Kubernetes cluster
Using secrets with Kubernetes
Scaling up and down in Kubernetes cluster
Setting up WordPress with Kubernetes clusters
9
Docker Security
Docker Security
Introduction
Setting Mandatory Access Control (MAC) with SELinux
Allowing writes to volumes mounted from the host with SELinux ON
Removing capabilities to break down the power of a root user inside a container
Sharing namespaces between the host and the container
10
Getting Help and Tips and Tricks
Getting Help and Tips and Tricks
Introduction
Starting Docker in debug mode
Building a Docker binary from the source
Building images without using cached layers
Building your own bridge for container communication
Changing the default OCI runtime
Selecting the logging driver for containers
Getting real-time Docker events for containers
11
Docker on the Cloud
Docker on the Cloud
Introduction
Docker for AWS
Deploying WordPress on Docker for AWS
Docker for Azure
Deploying Joomla! on Docker for Azure
12
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Setting Mandatory Access Control (MAC) with SELinux

It is recommended that you set up some form of MAC on the Docker host, either through SELinux or AppArmor, depending on the Linux distribution. In this recipe, we'll see how to set up SELinux on a Fedora/RHEL/CentOS installed system. Let's first look at what SELinux is:

  • SELinux is a labeling system
  • Every process has a label
  • Every file, directory, and system object has a label
  • Policy rules control access between labeled processes and labeled objects
  • The kernel enforces the rules

With Docker containers, we use two types of SELinux enforcement:

  • Type enforcement: This is used to protect the host system from container processes. Each container process is labeled svirt_lxc_net_t, and each container file is labeled svirt_sandbox_file_t. The svirt_lxc_net_t type is allowed to manage any content labeled with svirt_sandbox_file_t...
Previous Section
End of Section 3
Next Section