Log In
Or create an account ->
Imperial Library
Home
About
News
Upload
Forum
Help
Login/SignUp
Index
Preface
Who is actually using Docker in production?
Who is this book for?
Why Docker?
Development vs. production
What we mean by Production
Batteries included vs. composable tools
What not to dockerize
Authors
1. Getting Started
Terminology
Image vs. Container
Containers vs. Virtual Machines
CI/CD: Continuous Integration / Continuous Delivery
Host Management
Orchestration
Scheduling
Discovery
Configuration Management
Development to Production
Multiple Ways to Use Docker
What to Expect
2. The Stack
Build System
Image Repository
Host Management
Configuration Management
Deployment
Orchestration
3. Example - Barebones Environment
Keeping the Pieces Simple
Keeping The Processes Simple
Systems in Detail
Leveraging systemd
Cluster-wide, common and local configurations
Deploying services
Support services
Discussion
Future
4. Web Environment
Orchestration
Building the server for the container (aka getting Docker on the host)
Building the container (the listening web service)
Networking
Data storage
Logging
Monitoring
No worries about new dependencies
Zero downtime
Service rollbacks
Pros
Cons
Conclusion
5. Beanstalk Environment
Process to build containers
Process to deploy/update containers
Logging
Monitoring
Security
Pros
Cons
Other notes
6. Kubernetes Environment
OpenShift v3
Interview, Clayton Coleman, RedHat
7. Security
Threat models
Containers and security
Kernel updates
Container updates
suid and guid binaries
root in containers
Capabilities
seccomp
Kernel security frameworks
Resource limits and cgroups
ulimit
User namespaces
Image verification
Running the docker daemon securely
Monitoring
Devices
Mount points
ssh
Secret distribution
Location
8. Building Images
Not your father’s images
Copy on Write and Efficient Image Storage and Distribution
Image building fundamentals
Layered File Systems and Preserving Space
Start small
Keeping images small
Making images reusable
Configuring via Environment Variables
Making an image configurable via environment variables when the process is not
Using Template Files
Mounting The Configuration Files
Make images that reconfigure themselves when docker changes
Trust and Images
Make your images immutable
9. Storing Docker Images
Getting up and running with storing Docker images
Automated builds
Private repository
Scaling the Private registry
S3
Local storage
Load balancing the registry
Maintenance
Making your private repository secure
SSL
Authentication
Save/Load
Minimizing your image sizes
Other Image repository solutions
10. CICD
Let everyone just build and push containers!
Integration testing with Docker
Conclusion
11. Configuration Management
Configuration Management vs. Containers
Configuration management for containers
Chef
Ansible
Salt Stack
Puppet
Conclusion
12. Docker storage drivers
AUFS
DeviceMapper
btrfs
overlay
vfs
Conclusion
13. Docker networking
Networking Basics
IP address allocation
Port allocation
Domain name resolution
Service discovery
Advanced Docker networking
Network security
Multihost inter container communication
Network namespace sharing
IPv6
Conclusion
14. Scheduling
15. Service discovery
DNS service discovery
DNS servers reinvented
Zookeeper
Service discovery with Zookeeper
etcd
Service discovery with etcd
consul
Service discovery with consul
registrator
Eureka
Service discovery with Eureka
Smartstack
Service discovery with Smartstack
Nerve
Synapse
Summary
nsqlookupd
Summary
16. Logging and Monitoring
Logging
Native Docker logging
Attaching to Docker containers
Exporting logs to host
Sending logs to a centralized logging system
Side mounting logs from another container
Monitoring
Host based monitoring
Docker deamon based monitoring
Container based monitoring
References
17. Reference
Blogs and Articles
Production Examples
Security
← Prev
Back
Next →
← Prev
Back
Next →