Overview
Learn how to create secure production environments using Docker in this 25-minute conference talk from EuroPython 2016. Explore Docker's functionality, understand main security risks, and discover best practices for creating and maintaining secure images. Delve into container defense strategies, risk mitigation techniques, and optimal container deployment methods. Gain insights on Docker's architecture, including cgroups, namespaces, and Linux kernel capabilities. Examine topics such as Docker daemon security, capability management, AppArmor implementation, and user definition. Discover the concept of immutable containers and learn to verify software and establish image provenance. Master the art of writing efficient Dockerfiles and leverage minimal base images like Alpine. Access valuable guides and resources to enhance your Docker security knowledge and implementation skills.
Syllabus
Intro
Content
How Docker Works
cgroups
Namespaces
Linux kernel Capabilities
Default Capabilities
Docker Daemon
Escaping
Drop capabilities
Enable AppArmor
Define a user
Immutable containers
Image provenance
Verify software
Writing better Dockerfiles
Use minimal base images
Using Alpine
Guides and resources
Taught by
EuroPython Conference