Log In
Or create an account ->
Imperial Library
Home
About
News
Upload
Forum
Help
Login/SignUp
Index
Preface
Who is This Book For?
Who is Actually Using Docker in Production?
Why Docker?
Development vs. Production
What We Mean by Production
Batteries Included vs. Composable Tools
What Not to Dockerize
Authors
Technical Reviewers
1. Getting Started
Terminology
Image vs. Container
Containers vs. Virtual Machines
CI/CD: Continuous Integration / Continuous Delivery
Host Management
Orchestration
Scheduling
Discovery
Configuration Management
Development to Production
Multiple Ways to Use Docker
What to Expect
Why is Docker in production difficult?
2. The Stack
Build System
Image Repository
Host Management
Configuration Management
Deployment
Orchestration
3. Example - Bare Bones Environment
Keeping the Pieces Simple
Keeping The Processes Simple
Systems in Detail
Leveraging systemd
Cluster-wide, common and local configurations
Deploying services
Support services
Discussion
Future
Summary
4. Example - Web Environment
Orchestration
Getting Docker on the server ready to run containers
Getting the containers running
Networking
Data storage
Logging
Monitoring
No worries about new dependencies
Zero downtime
Service rollbacks
Conclusion
5. Example - Beanstalk Environment
Process to build containers
Process to deploy/update containers
Logging
Monitoring
Security
Summary
6. Security
Threat models
Containers and security
Kernel updates
Container updates
suid and guid binaries
root in containers
Capabilities
seccomp
Kernel security frameworks
Resource limits and cgroups
ulimit
User namespaces
Image verification
Running the docker daemon securely
Monitoring
Devices
Mount points
ssh
Secret distribution
Location
7. Building Images
Not your father’s images
Copy on Write and Efficient Image Storage and Distribution
Docker leverage of Copy-on-Write
Image building fundamentals
Layered File Systems and Preserving Space
Start small
Keeping images small
Making images reusable
Configuring via Environment Variables
Making an image configurable via environment variables when the process is not
Using Template files
Mounting The Configuration files
Make images that reconfigure themselves when Docker changes
Trust and Images
Make your images immutable
Summary
8. Storing Docker Images
Getting up and running with storing Docker images
Automated builds
Private repository
Scaling the Private registry
S3
Local storage
Load balancing the registry
Maintenance
Making your private repository secure
SSL
Authentication
Save/Load
Minimizing your image sizes
Other Image repository solutions
9. CI/CD
Let everyone just build and push containers!
Build all images with a build system
Suggest or don’t allow the use of non standard practices
Use a standard base image
Integration testing with Docker
Summary
10. Configuration Management
Configuration Management versus Containers
Configuration Management for Containers
Chef
Ansible
Salt Stack
Puppet
Summary
11. Docker Storage Drivers
AUFS
DeviceMapper
btrfs
overlay
vfs
Summary
12. Docker Networking
Networking basics
IP address allocation
Port allocation
Domain name resolution
Service discovery
Advanced Docker networking
Network security
Multihost inter-container communication
Network namespace sharing
IPv6
Summary
13. Scheduling
What is scheduling?
Strategies
Mesos
Kubernetes
OpenShift
Thoughts from Clayton Coleman at RedHat
14. Service Discovery
DNS service discovery
DNS servers reinvented
Zookeeper
Service discovery with Zookeeper
etcd
Service discovery with etcd
consul
Service discovery with consul
registrator
Eureka
Service discovery with Eureka
Smartstack
Service discovery with Smartstack
Nerve
Synapse
nsqlookupd
Summary
15. Logging and Monitoring
Logging
Native Docker logging
Attaching to Docker containers
Exporting logs to host
Sending logs to a centralized logging system
Side mounting logs from another container
Monitoring
Host based monitoring
Docker deamon based monitoring
Container based monitoring
Summary
← Prev
Back
Next →
← Prev
Back
Next →