Build resilient systems at scale
28–30 October 2015 • Amsterdam, The Netherlands

Using Docker safely

Adrian Mouat (Container Solutions)
16:10–16:50 Friday, 30/10/2015
Location: G106/107
Average rating: ****.
(4.32, 19 ratings)
Slides:   1-PDF 

Prerequisite Knowledge

Some basic knowledge of Docker and containers in general. Most advice will be straightforward, sometimes advice rather than tool-driven, although it will touch on more advanced topics such as SELinux. Anyone who knows what Docker is and has basic Linux skills should be able to follow the talk, but it will appeal more to people with intermediate Docker skills.

Description

The security of containers has been a hotly discussed topic in recent months. This talk will explain the main concerns around container security, and offer some best practices and guidance for addressing them. The guiding philosophy will be “defence in depth”; no one layer or tool should be relied upon to provide complete security.

The topics covered will include:

  • The isolation guarantees of containers
  • Making sure your images haven’t been tampered with
  • How to limit the resources that containers can access
  • How to audit and monitor containers
  • Using VMs and containers together to maximise security and efficiency
  • How to safely share secrets (API keys, passwords) with containers
Photo of Adrian Mouat

Adrian Mouat

Container Solutions

Adrian Mouat is the chief scientist for Container Solutions, a pan-European services company that specializes in Docker and Mesos. Adrian has recently developed a Docker-based PaaS solution for a hosting company. He has written several successful blogs on Docker and is the author of the O’Reilly book Using Docker: Developing and Deploying Software with Containers. Adrian is a member of the Docker Captains program.