Docker

8 Lessons Learned Using docker-compose

Nowadays when people setup and configure services, probably nobody will enjoy doing it in a manual way.

Here comes a new question. How do you automate the process, and make it fast and reliable?

Wrap up some ssh scripts? Leverage CM(configuration management tools) like chef, ansible, or pupet? Use docker run? It’s great that we now have many options. But, as you may guess, not all of them are equally good.

You want a headache-free solution, right? And you also want it real quick, do you? Then You Can Not Miss docker-compose! Here are some useful tips and lessons learned using docker-compose.

8 Lessons Learned Using docker-compose


(more…)

Verify Docker Images Build By Docker-In-Docker

Using Docker, deployments are more reliable and faster than ever. But how about the docker images build? Containers don’t have any silver bullets. It shifts installation instability from deployment cycle to image build cycle.

I would expect a general solution for the verification of all docker images build. And it should work across different projects. This means less time and effort. Certainly, save money!

Verfy Docker Image Build By Docker-In-Docker


(more…)

[Product Review] NeuVector, Build Run-Time Container Security

NeuVector is a startup company in Bay Area, focusing on run-time container security. In our previous post, we find docker-bench-security useful to avoid many common Docker pitfalls.

NeuVector helps to address some Docker security issues, which are not well resolved before. e.g, intelligently detect malicious traffic within servers of our critical envs, visualize network topology with large scale of docker envs, etc.

NeuVector, Build Run-Time Container Security


(more…)

docker-bench-security: Audit Well-Known Docker Vulnerabilities

docker-bench-security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
We use Docker to save effort, not the other way around. Try docker-bench-security to avoid common pitfalls using Docker. It’s provided by Docker, Inc. Totally free and constantly polished.

Enclosed is all you need to know, in order to understand and use the tool.

docker-bench-security: audit all known container vulnerabilities


(more…)