You're reading from Mastering Docker, Fourth Edition Enhance your containerization and DevOps skills to deliver production-ready applications

Product type Paperback

Published in Oct 2020

Publisher Packt

ISBN-13 9781839216572

Length 568 pages

Edition 4th Edition

Tools

Docker

Concepts

Containerization

Author (1):

Russ McKendrick

View More author details

Table of Contents (22) Chapters

Preface

1. Section 1: Getting Up and Running with Docker

2. Chapter 1: Docker Overview FREE CHAPTER

3. Chapter 2: Building Container Images

4. Chapter 3: Storing and Distributing Images

5. Chapter 4: Managing Containers

6. Chapter 5: Docker Compose

7. Chapter 6: Docker Machine, Vagrant, and Multipass

8. Section 2: Clusters and Clouds

9. Chapter 7: Moving from Linux to Windows Containers

10. Chapter 8: Clustering with Docker Swarm

11. Chapter 9: Portainer – A GUI for Docker

12. Chapter 10: Running Docker in Public Clouds

13. Chapter 11: Docker and Kubernetes

14. Chapter 12: Discovering other Kubernetes options

15. Chapter 13: Running Kubernetes in Public Clouds

16. Section 3: Best Practices

17. Chapter 14: Docker Security

18. Chapter 15: Docker Workflows

19. Chapter 16: Next Steps with Docker

20. Assessments

21. Other Books You May Enjoy

Leave a review - let other readers know what you think

Best practices

In this section, we will look at best practices when it comes to Docker. Some of these we have already mentioned in previous chapters. We will then discuss the Center for Internet Security guide, which documents how to properly secure all aspects of your Docker environment.

Docker best practices

Before we dive into the Center for Internet Security guide, let's go over some of the best practices for using Docker, as follows:

Only launch one application per container: Docker was built for this, and it makes everything easier, at the end of the day. The isolation that we discussed earlier is where this is key.
Only install what you need: As we already covered in previous chapters, if you have to install more services to support the one process your container should be running, I would recommend that you review the reasons why. This not only keeps your images small and portable, but it also reduces the potential attack surface.
Review who has access...