Secure your applications and development environments with Docker and Kubernetes
â— Introducing Container platforms (Docker, Kubernetes, Swarm, OpenShift)
â— Discover how to manage high availability with Docker Swarm and Kubernetes
â— Learn how Docker can manage the security in images and containers
â— Discover how Docker can be integrated into development workflows in applications
â— Discover vulnerabilities in the Docker containers and images with practical examples to secure your container-based applications
â— Discover tools for monitoring and administration Docker and Kubernetes applications
Through this book, we will introduce the DevOps tools ecosystem and the main containers orchestration tools through an introduction to some platforms such as Kubernetes, Docker Swarm, and OpenShift.
Among other topics, both good practices will be addressed when constructing the Docker images as well as best security practices to be applied at the level of the host in which those containers are executed, from Docker's own daemon to the rest of the components that make up its technological stack.
We will review the topics such as static analysis of vulnerabilities on Docker images, the signing of images with Docker Content Trust and their subsequent publication in a Docker Registry will be addressed. Also, we will review the security state in Kubernetes.
In the last section, we will review container management and administration open source tools for IT organizations that need to manage and monitor container-based applications, reviewing topics such as monitoring, administration, and networking in Docker.
What will you learn
â— Learn fundamental DevOps skills and tools, starting with the basic components and concepts of Docker.
â— Learn about Docker as a platform for the deployment of containers and Docker images taking into account the security of applications.
â— Learn about tools that allow us to audit the security of the machine where we execute Docker images, finding out how to secure your Docker host.
â— Learn how to secure your Docker environment and discover vulnerabilities and threats in Docker images.
â— Learn about creating and deploying containers in a security way with Docker and Kubernetes.
â— Learn about monitoring and administration in Docker with tools such as cadvisor, sysdig, portainer, and Rancher.
Who this book is for
This book covers different techniques to help developers improve DevOps and container security skills and can be useful for people who are involved in software development and want to learn how Docker works from a security point of view. It is recommended that readers have the knowledge about UNIX commands and they work with commands terminal.
Table of Contents
1. Getting started with DevOps
2. Container platforms
3. Managing Containers and Docker images
4. Getting started with Docker security
5. Docker host security
6. Docker images security
7. Auditing and analyzing vulnerabilities in Docker containers
8. Kubernetes security
9. Docker container networking
10. Docker container monitoring
11. Docker container administration