Log In
Or create an account -> 
Imperial Library
  • Home
  • About
  • News
  • Upload
  • Forum
  • Help
  • Login/SignUp

Index
Docker for Developers Why subscribe? Contributors About the authors About the reviewer Packt is searching for authors like you Preface
Who this book is for What this book covers To get the most out of this book Download the example code files Code in Action Download the color images Conventions used Get in touch Reviews
Section 1: An Introduction to Docker – Containers and Local Development Chapter 1: Introduction to Docker
The drivers for Docker
Co-located hosting Self-hosting Data centers
Using virtualization to economize resource usage Addressing the increasing power requirements Using containers to further optimize data center resources Summary Further reading
Chapter 2: Using VirtualBox and Docker Containers for Development
Technical requirements Host filesystem pollution problem Using VirtualBox for virtual machines
Introduction to virtualization Creating a virtual machine Guest additions Installing VirtualBox
Using Docker containers
Introduction to containers Using Docker for development
Getting started with Docker
Automating Docker commands via sh scripts
Summary Further reading
Chapter 3: Sharing Containers Using Docker Hub
Technical requirements Introducing Docker Hub
Interacting with Docker Hub from the command line Using the Docker Hub website
Implementing a MongoDB container for our application
Running a shell within a container
Introducing the microservices architecture
Scalability Inter-container communication
Implementing a sample microservices application Sharing your containers on Docker Hub Summary Further reading
Chapter 4: Composing Systems Using Containers
Technical requirements Introduction to Docker Compose
The problem with .sh scripts Docker Compose configuration files Inheritance using multiple configuration files The depends_on option Adding port bindings using overrides
Using Docker local networking
Networking using .sh scripts Networking with Docker Compose
Binding a host filesystem within containers
Optimizing our container size Using the build.sh script
Other composition tools
Docker Swarm Kubernetes Packer
Summary Further reading
Section 2: Running Docker in Production Chapter 5: Alternatives for Deploying and Running Containers in Production
Technical requirements Example application – ShipIt Clicker Running Docker in production – many paths, choose wisely What is the minimum realistic production environment?
Bare minimum – run Docker and Docker Compose on one host Docker support Problems with single-host deployment
Managed cloud services
Google Kubernetes Engine AWS Elastic Beanstalk AWS ECS and Fargate AWS EKS Microsoft Azure Kubernetes Service Digital Ocean Docker Swarm
Running your own Kubernetes cluster – from bare metal to OpenStack Deciding on the right Docker production setup
Exercise – join the ShipIt Clicker team Exercise – choosing from reasonable deployment alternatives Exercise – Dockerfile and docker-compose.yml evaluation
Summary
Chapter 6: Deploying Applications with Docker Compose
Technical requirements
Example application – ShipIt Clicker v2
Selecting a host and operating system for single-host deployment
Requirements for single-host deployment
Preparing the host for Docker and Docker Compose
Using operating system packages to install Docker and Git
Deploying using configuration files and support scripts
Re-examining the initial Dockerfile Re-examining the initial docker-compose.yml file Preparing the production .env file Supporting scripts Exercise – keeping builds off the production server Exercise – planning to secure the production site
Monitoring small deployments – logging and alerting Limitations of single-host deployment
No automatic failover Inability to scale horizontally to accept more load Tracking down unstable behavior based on incorrect host tuning Loss of single host could be disastrous – backups are essential Case study – migrating from CoreOS and Digital Ocean to CentOS 7 and AWS
Summary Further reading
Chapter 7: Continuous Deployment with Jenkins
Technical requirements
Example application – ShipIt Clicker v3
Using Jenkins to facilitate continuous deployment
Avoid these traps Using an existing Jenkins server Setting up a new Jenkins server How Jenkins can support continuous deployment
The Jenkinsfile and host connectivity
Testing Jenkins and Docker with a pipeline script
Driving configuration changes through Jenkins
Using Git and GitHub to store your Jenkinsfile Changing the origin of all checked out repositories Creating Jenkins environment variables for production support Building Docker containers and pushing them to Docker Hub Pushing to Docker Hub and triggering a production deployment
Deploying to multiple environments through multiple branches
Creating a staging environment Creating Jenkins environment variables for staging support Deploying by force-pushing to the staging branch
Complexity and limits to scaling deployments through Jenkins
Managing multiple hosts The complexity of build scripts How do you know when you have hit the limit?
Summary Further reading
Chapter 8: Deploying Docker Apps to Kubernetes
Technical requirements Options for Kubernetes local installation
Minikube Verifying that your Kubernetes installation works
Deploying a sample application – ShipIt Clicker v4
Deploying the NGINX Ingress Controller and ShipIt Clicker locally
Choosing a Kubernetes distribution
Google Kubernetes Engine AWS EKS Microsoft Azure Kubernetes Service Reviewing other relevant options Objects ConfigMaps Pods Nodes Services Ingress Controllers Secrets Namespaces
Spinning up AWS EKS with CloudFormation
Introducing the AWS EKS Quick Start CloudFormation templates Preparing an AWS account Launching the AWS EKS Quick Start CloudFormation templates Configuring the EKS cluster
Deploying an application with resource limits to Kubernetes on AWS EKS
Annotating ShipIt Clicker to use the ALB Ingress Controller
Using AWS Elastic Container Registry with AWS EKS
Creating an ECR repository Local example – labeled environments in the default namespace Staged environments – Dev, QA, staging, and production
Summary
Chapter 9: Cloud-Native Continuous Deployment Using Spinnaker
Technical requirements Improving your setup for Kubernetes application maintenance
Managing the EKS cluster from your local workstation Troubleshooting kubectl connection failures Switching between local and cluster contexts Verifying that you have a working ALB Ingress Controller Preparing a Route 53 domain and certificate Building and deploying ShipIt Clicker v5
Spinnaker – when and why you might need more sophisticated deployments
Introduction to Spinnaker
Setting up Spinnaker in an AWS EKS cluster using Helm
Connecting to Spinnaker through the kubectl proxy Exposing Spinnaker via ALB Ingress Controllers Configuring Spinnaker using Halyard Connecting Spinnaker to Jenkins Setting up Jenkins to integrate with both Spinnaker and ECR Connecting Spinnaker to GitHub Connecting Spinnaker to Docker Hub Troubleshooting Spinnaker issues
Deploying ShipIt Clicker with a simple deployment strategy in Spinnaker
Adding a Spinnaker application Adding a Spinnaker pipeline Setting up a DNS entry for the Ingress Controller
Surveying Spinnaker's deployment and testing features
Canary deployments Red/black deployments Rolling back Testing with Spinnaker
Summary Further reading
Chapter 10: Monitoring Docker Using Prometheus, Grafana, and Jaeger
Technical requirements
Setting up a demo application – ShipIt Clicker v7
Docker logging and container runtime logging
Understanding Kubernetes container logging Ideal characteristics for a log management system Troubleshooting Kubernetes control plane issues with logs Storing logs with CloudWatch Logs Storing logs for the long term with AWS S3 Analyzing logs stored in S3 with AWS Athena
Using the liveness, readiness, and startup probes in Kubernetes
Using a liveness probe to see whether a container can respond Changing ShipIt Clicker to support separate liveness and readiness probes Exercise – forcing ShipIt Clicker to fail the readiness check
Gathering metrics and sending alerts with Prometheus
Prometheus' history Exploring Prometheus through its query and graph web interface Adding Prometheus metrics to an application Querying Prometheus for a custom metric Configuring Prometheus alerts Sending notifications with the Prometheus Alertmanager Exploring Prometheus queries and external monitoring in-depth
Visualizing operational data with Grafana
Gaining access to Grafana Adding a community-provided dashboard Adding a new dashboard with a custom query
Application performance monitoring with Jaeger
Understanding the OpenTracing API Introduction to Jaeger Exploring the Jaeger client with ShipIt Clicker Installing the Jaeger Operator
Summary Further reading
Chapter 11: Scaling and Load Testing Docker Applications
Technical requirements
Using the updated ShipIt Clicker v8
Scaling your Kubernetes cluster
Scaling the cluster manually Scaling the cluster dynamically (autoscaling)
What is Envoy, and why might I need it?
Network traffic management with an Envoy service mesh Setting up Envoy
Testing scalability and performance with k6
Recording and replaying network sessions Hand-crafting a more realistic load test Running a stress test
Summary Further reading
Section 3: Docker Security – Securing Your Containers Chapter 12: Introduction to Container Security
Technical requirements Virtualization and hypervisor security models
Virtualization and protection rings Docker and protection rings
Container security models Docker Engine and containerd – Linux security features
PID namespaces MNT namespaces NET namespaces IPC namespaces UTS namespaces USER namespaces
A note on cgroups An overview of best practices
Keeping Docker patched Securing the Docker daemon socket Docker won't fix bad code Always set an unprivileged user
Summary
Chapter 13: Docker Security Fundamentals and Best Practices
Technical requirements Docker image security
Image verification Using minimal base images Restricting privileges Avoiding data leakages from your image
Security around Docker commands
COPY versus ADD – what's the story? Recursive COPY – use with caution
Security around the build process
Using multi-stage builds
Limiting resources and capabilities when deploying your builds
Limiting resources Dropping capabilities
Summary
Chapter 14: Advanced Docker Security – Secrets, Secret Commands, Tagging, and Labels
Technical requirements Securely storing secrets in Docker
The Raft log
Adding, inspecting, and removing secrets
Creating Inspecting Deleting
Secrets in action – examples Docker tags for security Using labels for metadata application Summary
Chapter 15: Scanning, Monitoring, and Using Third-Party Tools
Technical requirements Scanning and monitoring – cloud and DevOps security for containers
Scanning using Anchore Engine A brief mention of Chef InSpec Native monitoring locally using Docker stats Aggregating monitoring data in the cloud with Datadog
Securing your containers using AWS
Security alerts for AWS with GuardDuty
Securing your containers using Azure
Container monitoring in Azure Using Security Center to secure your containers in Azure
Securing your containers using GCP
Container Analysis and Binary Authorization in GCP Understanding your attack surface with Security Command Center
Summary Further reading
Chapter 16: Conclusion – End of the Road, but not the Journey
Technical requirements Wrapping up – let's get started What we learned about development
Going deeper – design patterns
Next steps for taking your DevOps knowledge further
Chaos engineering and building resilient production systems
A summary on security and where to go next
Metasploit – container-based penetration testing
Summary
Other Books You May Enjoy
Leave a review - let other readers know what you think
  • ← Prev
  • Back
  • Next →
  • ← Prev
  • Back
  • Next →

Chief Librarian: Las Zenow <zenow@riseup.net>
Fork the source code from gitlab.

This is a mirror of the Tor onion service:
http://kx5thpx2olielkihfyo4jgjqfb7zx7wxr3sd4xzt26ochei4m6f7tayd.onion