5. In computing, virtualization refers to the act of creating a virtual (rather than actual) version of something, including virtual computer hardware platforms, storage devices, and computer network resources.
Wikipedia
11. The Benefits Of Containers
- Application level isolation
- Faster to set up and scale than VM
- Takes less memory and space than VM
- Faster communication between containers
- Improves application deployment and maintenance due to self-contained container images.
- Reduces time to deliver the application
22. Client
• Docker runs as a root-privileged daemon process
• The daemon listens on a Unix socket
• We can specify multiple bindings
• User interfaces: Docker, Portainer, Shipyard.
27. Docker Security
• Just use Docker in default settings
• Scan your hosts for proper Docker config (DBS)
• Don't run apps in containers as root
• App and OS dependency scanning (CVE)
• Don't expose the Docker TCP socket
• Enable "user namespaces"
• Runtime Bad Behavior Monitoring (Sysdig Falco)
• Content Trust
• Check AppArmor, SELinux, Seccomp
• Docker root-less
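Several items on this checklist, together with the daemon bindings from the Client slide, can be checked mechanically. The following is an added example, not part of the original slides: it audits a daemon.json and the JSON printed by `docker inspect`. The sample inputs and the function names are constructed for illustration.

```python
import json

# Constructed sample inputs (not from the slides): a daemon.json and one
# trimmed `docker inspect` record for a container.
SAMPLE_DAEMON_JSON = """{
  "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"]
}"""
SAMPLE_INSPECT = """[{
  "Name": "/web",
  "Config": {"User": ""},
  "HostConfig": {"Privileged": false, "SecurityOpt": ["seccomp=unconfined"]}
}]"""
UNCONFINED = ("seccomp=unconfined", "apparmor=unconfined", "label=disable")

def audit_daemon(text):
    """Findings for the daemon-level checklist items."""
    cfg = json.loads(text)
    findings = []
    for host in cfg.get("hosts", []):
        # A tcp:// binding without TLS client verification lets any network
        # peer drive the root-privileged daemon.
        if host.startswith("tcp://") and not cfg.get("tlsverify", False):
            findings.append(f"TCP socket exposed without tlsverify: {host}")
    if not cfg.get("userns-remap"):
        findings.append("user namespaces not enabled (userns-remap unset)")
    return findings

def audit_containers(text):
    """Findings for the per-container checklist items."""
    findings = []
    for c in json.loads(text):
        name = c.get("Name", "?").lstrip("/")
        user = c.get("Config", {}).get("User", "")
        # An empty User means no user was set, so the process runs as root.
        if user.split(":")[0] in ("", "0", "root"):
            findings.append(f"{name}: process runs as root")
        host_cfg = c.get("HostConfig", {})
        if host_cfg.get("Privileged"):
            findings.append(f"{name}: privileged mode")
        for opt in host_cfg.get("SecurityOpt") or []:
            # Older Docker versions wrote these options with ':' instead of '='.
            if opt.replace(":", "=") in UNCONFINED:
                findings.append(f"{name}: {opt} disables a default profile")
    return findings

if __name__ == "__main__":
    for line in audit_daemon(SAMPLE_DAEMON_JSON) + audit_containers(SAMPLE_INSPECT):
        print("FINDING:", line)
```
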
38. Docker Swarm:
• Simple architecture
• No auto scaling
• Easy to start a cluster
• Limited API capabilities
• Auto load balancing
• No GUI
• No auto rollbacks
• Third-party monitoring and logging
• Only 10-20 containers in production
Kubernetes:
• Complex architecture
• Auto scaling
• Hard to start a cluster
• Advanced API capabilities
• Manual load balancing
• Has GUI
• Auto rollbacks on failure
• Monitoring and logging
• 100-1000 containers in production