Chapter 14. Docker and security

This chapter covers
  • The security Docker offers out of the box
  • What Docker has done to help make it more secure
  • What other parties are doing about it
  • What other steps can be taken to ameliorate security concerns
  • How to manage user Docker permissions with an aPaaS, potentially in a multi-tenant environment

As Docker makes clear in its documentation, access to the Docker API implies access to root privileges, which is why Docker must often be run with sudo, or the user must be added to a user group (which might be called “docker”, or “dockerroot”) that allows access to the Docker API.

In this chapter we’re going to look at the issue of security in Docker.

14.1. Docker access and what it ...

Get Docker in Practice, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.