Docker Cookbook

You're reading from Docker Cookbook: Over 100 practical and insightful recipes to build distributed applications with Docker

Product type Paperback
Published in Aug 2018
Publisher
ISBN-13 9781788626866
Length 352 pages
Edition 2nd Edition
Authors (3):
Neependra K Khare
Ken Cochrane
Jeeva S. Chelladhurai

Table of Contents (13 Chapters)

Preface
1. Introduction and Installation
2. Working with Docker Containers
3. Working with Docker Images
4. Network and Data Management for Containers
5. Docker Use Cases
6. Docker APIs and SDKs
7. Docker Performance
8. Docker Orchestration and Hosting a Platform
9. Docker Security
10. Getting Help and Tips and Tricks
11. Docker on the Cloud
12. Other Books You May Enjoy

Introduction

Docker containers are not sandboxes, so running arbitrary applications as root with Docker is not recommended. Always treat a service or process running in a container as a service or process running on the host system, and apply inside the container all the security measures you would apply on the host system.

We saw in Chapter 1, Introduction and Installation, how Docker uses namespaces for isolation. The six namespaces that Docker uses are Process, Network, Mount, Hostname, Shared Memory, and User. Not everything in Linux is namespaced; for example, SELinux, Cgroups, devices (/dev/mem, /dev/sd*), and kernel modules are not. Filesystems under /sys, /proc/sys, /proc/sysrq-trigger, /proc/irq, and /proc/bus are also not namespaced, but they are mounted read-only by default with the containerd container runtime.
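The following added example, which is not from the book, parses `/proc/self/mountinfo` inside a container and reports any of the paths listed above whose governing mount is not read-only. Both mountinfo samples are constructed for illustration, and the function names are this example's own.

```python
# Paths the chapter lists as not namespaced but mounted read-only by default.
EXPECTED_RO = ["/sys", "/proc/sys", "/proc/sysrq-trigger", "/proc/irq", "/proc/bus"]

# Constructed /proc/self/mountinfo excerpts (not captured from a real host).
SAMPLE_DEFAULT = """\
900 800 0:50 / / rw,relatime - overlay overlay rw
901 900 0:55 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
902 900 0:56 / /sys ro,nosuid,nodev,noexec,relatime - sysfs sysfs ro
903 901 0:55 /bus /proc/bus ro,nosuid,nodev,noexec,relatime - proc proc rw
904 901 0:55 /irq /proc/irq ro,nosuid,nodev,noexec,relatime - proc proc rw
905 901 0:55 /sys /proc/sys ro,nosuid,nodev,noexec,relatime - proc proc rw
906 901 0:55 /sysrq-trigger /proc/sysrq-trigger ro,nosuid,nodev,noexec,relatime - proc proc rw
"""
SAMPLE_WRITABLE = """\
900 800 0:50 / / rw,relatime - overlay overlay rw
901 900 0:55 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
902 900 0:56 / /sys rw,nosuid,nodev,noexec,relatime - sysfs sysfs rw
"""

def parse_mountinfo(text):
    """Return (mount_point, per-mount options) pairs in mount order."""
    mounts = []
    for line in text.splitlines():
        fields = line.split()
        # Optional fields end at a lone "-"; it cannot come before index 6.
        if "-" not in fields[6:]:
            continue  # skip malformed or empty lines
        mounts.append((fields[4].replace("\\040", " "), set(fields[5].split(","))))
    return mounts

def governing_mount(path, mounts):
    """Pick the deepest mount covering path; a later overmount wins ties."""
    best = None
    for mount_point, options in mounts:
        prefix = mount_point.rstrip("/") + "/"
        if path == mount_point or path.startswith(prefix):
            if best is None or len(mount_point) >= len(best[0]):
                best = (mount_point, options)
    return best

def writable_paths(text, expected=EXPECTED_RO):
    """List expected paths whose governing mount lacks the 'ro' option."""
    mounts = parse_mountinfo(text)
    found = ((p, governing_mount(p, mounts)) for p in expected)
    return [p for p, m in found if m is None or "ro" not in m[1]]

if __name__ == "__main__":
    with open("/proc/self/mountinfo") as fh:
        print(writable_paths(fh.read()) or "all expected paths are read-only")
```

An empty result means every listed path is covered by a read-only mount; any path returned is writable from inside the container and deserves a look at how the container was started.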

To make Docker...
