O'Reilly logo

Orchestrating Docker by Shrikrishna Holla

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Security

Security is of prime importance when it comes to deciding whether to invest in a technology, especially when that technology has implications on the infrastructure and workflow. Docker containers are mostly secure, and since Docker doesn't interfere with other systems, you can use additional security measures to harden the security around the docker daemon. It is better to run the docker daemon in a dedicated host and run other services as containers (except services such as ssh, cron, and so on).

In this section, we will discuss Kernel features used in Docker that are pertinent to security. We will also consider the docker daemon itself as a possible attack vector.

Image credit http://xkcd.com/424/

Kernel namespaces

Namespaces provide sandboxing ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required