DevOps and Containers Security (eBook)

Secure your applications and development environments with Docker and Kubernetes Key Featuresa- Introducing Container platforms (Docker, Kubernetes, Swarm, OpenShift)a- Discover how to manage high availability with Docker Swarm and Kubernetesa- Learn how Docker can manage the security in images and containersa- Discover how Docker can be integrated into development workflows in applicationsa- Discover vulnerabilities in the Docker containers and images with practical examples to secure your container-based applicationsa- Discover tools for monitoring and administration Docker and Kubernetes applicationsDescriptionThrough this book, we will introduce the DevOps tools ecosystem and the main containers orchestration tools through an introduction to some platforms such as Kubernetes, Docker Swarm, and OpenShift.Among other topics, both good practices will be addressed when constructing the Docker images as well as best security practices to be applied at the level of the host in which those containers are executed, from Docker's own daemon to the rest of the components that make up its technological stack.We will review the topics such as static analysis of vulnerabilities on Docker images, the signing of images with Docker Content Trust and their subsequent publication in a Docker Registry will be addressed. Also, we will review the security state in Kubernetes.In the last section, we will review container management and administration open source tools for IT organizations that need to manage and monitor container-based applications, reviewing topics such as monitoring, administration, and networking in Docker.What will you learna- Learn fundamental DevOps skills and tools, starting with the basic components and concepts of Docker.a- Learn about Docker as a platform for the deployment of containers and Docker images taking into account the security of applications.a- Learn about tools that allow us to audit the security of the machine where we execute Docker images, finding out how to secure your Docker host.a- Learn how to secure your Docker environment and discover vulnerabilities and threats in Docker images.a- Learn about creating and deploying containers in a security way with Docker and Kubernetes.a- Learn about monitoring and administration in Docker with tools such as cadvisor, sysdig, portainer, and Rancher.Who this book is forThis book covers different techniques to help developers improve DevOps and container security skills and can be useful for people who are involved in software development and want to learn how Docker works from a security point of view. It is recommended that readers have the knowledge about UNIX commands and they work with commands terminal. Table of Contents1. Getting started with DevOps2. Container platforms3. Managing Containers and Docker images4. Getting started with Docker security5. Docker host security6. Docker images security7. Auditing and analyzing vulnerabilities in Docker containers8. Kubernetes security9. Docker container networking10. Docker container monitoring11. Docker container administrationAbout the AuthorJose Manuel Ortega is a software engineer and security researcher with a special focus on new technologies, open source, security and testing. In recent years, he is interested in security development, especially with Python and security best practices with Docker and Kubernetes. Conferences and talks related with python, security and docker are available on his personal website http://jmortega.github.io.Your Blog links: http://jmortega.github.io/Your LinkedIn Profile:https://www.linkedin.com/in/jmortega1/