NeuVector helps to address some Docker security issues, which are not well resolved before. e.g, intelligently detect malicious traffic within servers of our critical envs, visualize network topology with large scale of docker envs, etc.
docker-bench-security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
We use Docker to save effort, not the other way around. Try docker-bench-security to avoid common pitfalls using Docker. It’s provided by Docker, Inc. Totally free and constantly polished.
Enclosed is all you need to know, in order to understand and use the tool.
Running daemon services in foreground helps for trouble shooting. Also a very useful trick for container environments.
Here is the general practice. And some real examples of popular services, like Apache, MySQL and Jenkins.
We have changed daily CI tests from VM to Docker, ever since early last year. It is just awesome! Way too fast and cost-effective.
But one annoying thing keeps dragging us slow. The Docker daemon server runs into low disk capacity quite often.
Nowadays people are happy to use community Docker images. It’s super fast and easy to setup infrastructure, compared to old black days. But watch out security risks hidding inside!
Ignoring them could result in serious damages sooner or later. How to easily identity security holes inside docker images?