You're reading from The Ultimate Docker Container Book Build, test, ship, and run containers with Docker and Kubernetes

Product type Paperback

Published in Aug 2023

Publisher Packt

ISBN-13 9781804613986

Length 626 pages

Edition 3rd Edition

Tools

Docker

Concepts

DevOps

Author (1):

Dr. Gabriel N. Schenker

View More author details

Table of Contents (26) Chapters

Preface

1. Part 1:Introduction

2. Chapter 1: What Are Containers and Why Should I Use Them? FREE CHAPTER

3. Chapter 2: Setting Up a Working Environment

4. Part 2:Containerization Fundamentals

5. Chapter 3: Mastering Containers

6. Chapter 4: Creating and Managing Container Images

7. Chapter 5: Data Volumes and Configuration

8. Chapter 6: Debugging Code Running in Containers

9. Chapter 7: Testing Applications Running in Containers

10. Chapter 8: Increasing Productivity with Docker Tips and Tricks

11. Part 3:Orchestration Fundamentals

12. Chapter 9: Learning about Distributed Application Architecture

13. Chapter 10: Using Single-Host Networking

14. Chapter 11: Managing Containers with Docker Compose

15. Chapter 12: Shipping Logs and Monitoring Containers

16. Chapter 13: Introducing Container Orchestration

17. Chapter 14: Introducing Docker Swarm

18. Chapter 15: Deploying and Running a Distributed Application on Docker Swarm

19. Part 4:Docker, Kubernetes, and the Cloud

20. Chapter 16: Introducing Kubernetes

21. Chapter 17: Deploying, Updating, and Securing an Application with Kubernetes

22. Chapter 18: Running a Containerized Application in the Cloud

23. Chapter 19: Monitoring and Troubleshooting an Application Running in Production

24. Index

Why subscribe?

25. Other Books You May Enjoy

Why are containers important?

These days, the time between new releases of an application becomes shorter and shorter, yet the software itself does not become any simpler. On the contrary, software projects increase in complexity. Thus, we need a way to tame the beast and simplify the software supply chain. Also, every day, we hear that cyber-attacks are on the rise. Many well-known companies are and have been affected by security breaches. Highly sensitive customer data gets stolen during such events, such as social security numbers, credit card information, health-related information, and more. But not only is customer data compromised – sensitive company secrets are stolen too. Containers can help in many ways. In a published report, Gartner found that applications running in a container are more secure than their counterparts not running in a container. Containers use Linux security primitives such as Linux kernel namespaces to sandbox different applications running on the same computers and control groups (cgroups) to avoid the noisy-neighbor problem, where one bad application uses all the available resources of a server and starves all other applications. Since container images are immutable, as we will learn later, it is easy to have them scanned for common vulnerabilities and exposures (CVEs), and in doing so, increase the overall security of our applications. Another way to make our software supply chain more secure is to have our containers use content trust. Content trust ensures that the author of a container image is who they say they are and that the consumer of the container image has a guarantee that the image has not been tampered with in transit. The latter is known as a man-in-the-middle (MITM) attack.

Everything I have just said is, of course, technically also possible without using containers, but since containers introduce a globally accepted standard, they make it so much easier to implement these best practices and enforce them. OK, but security is not the only reason containers are important. There are other reasons too. One is the fact that containers make it easy to simulate a production-like environment, even on a developer’s laptop. If we can containerize any application, then we can also containerize, say, a database such as Oracle, PostgreSQL, or MS SQL Server. Now, everyone who has ever had to install an Oracle database on a computer knows that this is not the easiest thing to do, and it takes up a lot of precious space on your computer. You would not want to do that to your development laptop just to test whether the application you developed really works end to end. With containers to hand, we can run a full-blown relational database in a container as easily as saying 1, 2, 3. And when we are done with testing, we can just stop and delete the container and the database will be gone, without leaving a single trace on our computer. Since containers are very lean compared to VMs, it is common to have many containers running at the same time on a developer’s laptop without overwhelming the laptop. A third reason containers are important is that operators can finally concentrate on what they are good at – provisioning the infrastructure and running and monitoring applications in production. When the applications they must run on a production system are all containerized, then operators can start to standardize their infrastructure. Every server becomes just another Docker host. No special libraries or frameworks need to be installed on those servers – just an OS and a container runtime such as Docker. Furthermore, operators do not have to have intimate knowledge of the internals of applications anymore, since those applications run self-contained in containers that ought to look like black boxes to them like how shipping containers look to personnel in the transportation industry.