SlideShare a Scribd company logo

Docker security introduction-task-2016

Ricardo Gerardi
Ricardo Gerardi

This document discusses Docker security. It begins by introducing Docker and containers, then covers securing Docker images through signing and scanning. It discusses how Docker uses namespaces and cgroups for isolation. It also addresses securing the Docker daemon and containers, as well as operational concerns around deployment, networking, monitoring, and logging of containers. It concludes by looking at future directions like unikernels and serverless architectures.

1 of 52
Downloaded 15 times
DOCKER SECURITY Fernando Montenegro, CISSP - Ricardo Gerardi - @fsmontenegro @ricardogerardi TASK Jan 27, 2016
WHYAREWEHERE? Google Trends: "Microservices"
Google Trends: "Docker"
Google Trends: "Kubernetes"
MICROSERVICES? (Source: F5)
MICROSERVICES "Many development teams have found the microservices architectural style to be a superior approach to a monolithic architecture. But other teams have found them to be a productivity-sapping burden. Like any architectural style, microservices bring costs and bene ts. To make a sensible choice you have to understand these and apply them to your speci c context."" Martin Fowler ( )http://martinfowler.com/articles/microservice-trade-o s.html
SIGNIFICANTBENEFITS Support CI/CD practices Easier to achieve scale Operational bene ts of "DevOps"
DATADOGCONTAINERSURVEY ( )https://www.datadoghq.com/docker-adoption/ Two schools of thought: Containers as up&down microservices Containers as "lightweight servers" that stay up
Docker security introduction-task-2016
Docker security introduction-task-2016
WHATWEFOUND
Docker security introduction-task-2016
ABOUTUS-FERNANDO @fsmontenegro Sales Engineer Online Fraud Network Security CompSci ’94 Greying hair Curious Finance (DIY) Economics (EMH, Behaviour) Data Science (Coursera)
ABOUTUS-RICARDO @ricardogerardi Senior IT Consultant Network Management/Monitoring IBM Netcool Certi ed Uncerti ed father (2x) Interests Linux/UNIX Emerging technologies Data Science
DOCKERINTRO
WHATISDOCKER? DOCKER,THEPLATFORM Docker is a container based platform used to package and run applications in a variety of systems DOCKER,THECOMPANY Docker Inc. (https://www.docker.com/company)
SOFTWAREPACKAGEAND DISTRIBUTIONCHALLENGE OLDWAY-HOSTEDAPPLICATIONS
VIRTUALMACHINES
ENTERTHECONTAINER
WHYDOCKER? Linux containers Around for a long time (Open VZ, LXC, etc) Not very "friendly" Docker streamlines the process and makes it very easy to create and use containers Speed (Development/Scalability) Portability Driver to DevOps and Microservices
WHATDOYOUNEEDTORUN DOCKER? Recent Linux Kernel (3.8+) Namespaces cGroups Network connection
DOCKERARCHITECTUREINA NUTSHELL Source: https://www.docker.com/what-docker
Source: https://docs.docker.com/engine/introduction/understanding-docker/
DOCKERDEMO
DOCKER SECURITY
FIRSTTHINGSFIRST... Containers vs. VMs? Containers not as isolated as VMs. but much more isolated than processes... cgroups & namespaces Containers are OS-dependant. Containers for multi-tenancy? Not so fast... Containers & VMs :-)
SECURITYFORDOCKER How to secure the Docker "pipeline" How to secure Docker containers themselves
SECURITYFORDOCKERIMAGES Secure Registry/Mirror Access Getting trustworthy images trusted sources - docker hub, private registry building secure Docker Content Trust (1.8) [Notary] "only signed content in production" Yubico Keys
DOCKER'SPROJECTNAUTILUS Docker securing images on DockerHub Image security Component inventory/license management Image optimization Basic functional testing
CLAIRBYCOREOS Security scanning of images - Available on Quay Security Scanning Beta - https://coreos.com/blog/vulnerability-analysis-for- containers/ https://blog.quay.io/security- scanning-beta/
OTHERCONSIDERATIONS Containers are stateless Can mount additional volumes How to do Secrets Management? ENV variables - not recommended Key/Value Pair solutions Embedded in orchestration ( ) Vault & Keywhiz Kubernetes Custom solutions
SECURITYFROMDOCKER How to contain Docker & containers?
NAMESPACES&CGROUPS PID – process isolation Network – NICs, IPs, routing tabes et al. UTS – hostnames Mount – lesystem layouts/ properties IPC – interprocess communication User – users ("root" != root) Control groups: resource utilization (RAM, swap, CPU, IO, controls)
ADDITIONALFEATURES capabilities - add or drop capabilities seccomp - ltering of system calls network isolation via iptables limit inter-container communication
SECURITYBYDOCKER Leveraging Docker features for security
LEVERAGINGDOCKERFORSECURITY microservice -> reduced attack surface enforce content trust to protect production r/o FileSystems drop capabilities when possible seccomp - ltering system calls journaled changes
OPERATIONS ANDECOSYSTEM
WHERETODEPLOYDOCKER? ONPREMISES Baremetal (on Linux) Virtual Machines IaaS, OpenStack, etc
PUBLICCLOUDPROVIDERS
PAASPROVIDERS
ORCHESTRATION/ SCHEDULING
NETWORKING BASICNETWORKING
OVERLAYNETWORKING
MONITORING CHALLENGES Scalability (100s of containers in a single host) Host Monitoring x Container Monitoring Container instrumentation (1 process/container philosophy) API instability
CONTAINERMONITORINGSOLUTIONS Sysdig Cloud Weaveworks New relic Google cAdvisor
CONTAINERLOGMANAGEMENT ELK Stack Splunk
WRAPPINGUP
LOOKINGATTHEFUTURE Containers exist in a continuum of options. Unikernels one degree further compile kernel for application Undebuggable? Serverless Architecture? AWS Lambda Azure Service Fabric potentially bad idea?
Docker security introduction-task-2016
WRAPPINGUP Docker Security "Anti-Patterns" free-for-all (unrestricted containers in Prod) treating containers as servers Recommendations for Security Don't try to stop it!!! recognize massive potential for disruption no agents on containers watch for outbound tra c keep up to date (news!) rethink approach ("cattle, not pets")
DOCKERALLOVER Last few weeks of news: Docker buys Unikernel Arista announces Container support in EOS Citrix supports NetScaler as Container Amazon announces Docker 1.9 support
RESOURCES! Twitterfolk: - AWS architect, tons of Docker links - Docker Security - Tons of Container work - Pluralsight course - KeepingItClassless, TechFieldDay - WebScale @ Shopify - DevOps - Shmoocon 2016 preso and - Company & Conference - Kubernetes confab Websites: - Checklist - portal of all things "modern" stacks - Network-focused approach - Open Container Initiative @mattnowina @diogomonica @frazelledazzell @nigelpoulton @mierdin @Sirupsen @blinken_lichten @jaybeale @docker @dockercon @kubeconio DockerBench TheNewStack Packet Pushers RunC
Ad

Recommended

Docker Security Overview
Docker Security OverviewDocker Security Overview
Docker Security Overview
Sreenivas Makam
 
Docker 1.11 Presentation
Docker 1.11 PresentationDocker 1.11 Presentation
Docker 1.11 Presentation
Sreenivas Makam
 
Docker Security in Production Overview
Docker Security in Production OverviewDocker Security in Production Overview
Docker Security in Production Overview
Delve Labs
 
Docker Security Paradigm
Docker Security ParadigmDocker Security Paradigm
Docker Security Paradigm
Anis LARGUEM
 
Docker Mentorweek beginner workshop notes
Docker Mentorweek beginner workshop notesDocker Mentorweek beginner workshop notes
Docker Mentorweek beginner workshop notes
Sreenivas Makam
 
Devops in Networking
Devops in NetworkingDevops in Networking
Devops in Networking
Sreenivas Makam
 
CoreOS Overview and Current Status
CoreOS Overview and Current StatusCoreOS Overview and Current Status
CoreOS Overview and Current Status
Sreenivas Makam
 
Veer's Container Security
Veer's Container SecurityVeer's Container Security
Veer's Container Security
Jim Barlow
 
A Survey of Container Security in 2016: A Security Update on Container Platforms
A Survey of Container Security in 2016: A Security Update on Container PlatformsA Survey of Container Security in 2016: A Security Update on Container Platforms
A Survey of Container Security in 2016: A Security Update on Container Platforms
Salman Baset
 
Exploring Docker Security
Exploring Docker SecurityExploring Docker Security
Exploring Docker Security
Patrick Kleindienst
 
Docker London: Container Security
Docker London: Container SecurityDocker London: Container Security
Docker London: Container Security
Phil Estes
 
Docker Security Deep Dive by Ying Li and David Lawrence
Docker Security Deep Dive by Ying Li and David LawrenceDocker Security Deep Dive by Ying Li and David Lawrence
Docker Security Deep Dive by Ying Li and David Lawrence
Docker, Inc.
 
Docker Security - Continuous Container Security
Docker Security - Continuous Container SecurityDocker Security - Continuous Container Security
Docker Security - Continuous Container Security
Dieter Reuter
 
Docker Networking Tip - Macvlan driver
Docker Networking Tip - Macvlan driverDocker Networking Tip - Macvlan driver
Docker Networking Tip - Macvlan driver
Sreenivas Makam
 
Introduction to docker security
Introduction to docker securityIntroduction to docker security
Introduction to docker security
Walid Ashraf
 
Docker Security: Are Your Containers Tightly Secured to the Ship?
Docker Security: Are Your Containers Tightly Secured to the Ship?Docker Security: Are Your Containers Tightly Secured to the Ship?
Docker Security: Are Your Containers Tightly Secured to the Ship?
Michael Boelen
 
Under the Hood with Docker Swarm Mode - Drew Erny and Nishant Totla, Docker
Under the Hood with Docker Swarm Mode - Drew Erny and Nishant Totla, DockerUnder the Hood with Docker Swarm Mode - Drew Erny and Nishant Totla, Docker
Under the Hood with Docker Swarm Mode - Drew Erny and Nishant Totla, Docker
Docker, Inc.
 
dockerizing web application
dockerizing web applicationdockerizing web application
dockerizing web application
Walid Ashraf
 
Docker Security and Content Trust
Docker Security and Content TrustDocker Security and Content Trust
Docker Security and Content Trust
ehazlett
 
Docker 1.9 Feature Overview
Docker 1.9 Feature OverviewDocker 1.9 Feature Overview
Docker 1.9 Feature Overview
Sreenivas Makam
 
The state of the swarm
The state of the swarmThe state of the swarm
The state of the swarm
Mathieu Buffenoir
 
docker installation and basics
docker installation and basicsdocker installation and basics
docker installation and basics
Walid Ashraf
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to docker
Walid Ashraf
 
Deep Dive into Docker Swarm Mode
Deep Dive into Docker Swarm ModeDeep Dive into Docker Swarm Mode
Deep Dive into Docker Swarm Mode
Ajeet Singh Raina
 
Introduction To Docker
Introduction To DockerIntroduction To Docker
Introduction To Docker
Dr. Syed Hassan Amin
 
Networking Overview for Docker Platform
Networking Overview for Docker PlatformNetworking Overview for Docker Platform
Networking Overview for Docker Platform
Aditya Patawari
 
Monitoring Dell Infrastructure using Docker & Microservices
Monitoring Dell Infrastructure using Docker & MicroservicesMonitoring Dell Infrastructure using Docker & Microservices
Monitoring Dell Infrastructure using Docker & Microservices
Ajeet Singh Raina
 
Devoxx France 2015 - The Docker Orchestration Ecosystem on Azure
Devoxx France 2015 - The Docker Orchestration Ecosystem on AzureDevoxx France 2015 - The Docker Orchestration Ecosystem on Azure
Devoxx France 2015 - The Docker Orchestration Ecosystem on Azure
Patrick Chanezon
 
Security For Humans
Security For HumansSecurity For Humans
Security For Humans
conjur_inc
 
Gaurav dev ops (AWS, Linux, Automation-ansible, jenkins:CI and CD:Ansible)
Gaurav dev ops (AWS, Linux, Automation-ansible, jenkins:CI and CD:Ansible)Gaurav dev ops (AWS, Linux, Automation-ansible, jenkins:CI and CD:Ansible)
Gaurav dev ops (AWS, Linux, Automation-ansible, jenkins:CI and CD:Ansible)
Gaurav Srivastav
 
Ad

More Related Content

What's hot (20)

A Survey of Container Security in 2016: A Security Update on Container Platforms
A Survey of Container Security in 2016: A Security Update on Container PlatformsA Survey of Container Security in 2016: A Security Update on Container Platforms
A Survey of Container Security in 2016: A Security Update on Container Platforms
Salman Baset
 
Exploring Docker Security
Exploring Docker SecurityExploring Docker Security
Exploring Docker Security
Patrick Kleindienst
 
Docker London: Container Security
Docker London: Container SecurityDocker London: Container Security
Docker London: Container Security
Phil Estes
 
Docker Security Deep Dive by Ying Li and David Lawrence
Docker Security Deep Dive by Ying Li and David LawrenceDocker Security Deep Dive by Ying Li and David Lawrence
Docker Security Deep Dive by Ying Li and David Lawrence
Docker, Inc.
 
Docker Security - Continuous Container Security
Docker Security - Continuous Container SecurityDocker Security - Continuous Container Security
Docker Security - Continuous Container Security
Dieter Reuter
 
Docker Networking Tip - Macvlan driver
Docker Networking Tip - Macvlan driverDocker Networking Tip - Macvlan driver
Docker Networking Tip - Macvlan driver
Sreenivas Makam
 
Introduction to docker security
Introduction to docker securityIntroduction to docker security
Introduction to docker security
Walid Ashraf
 
Docker Security: Are Your Containers Tightly Secured to the Ship?
Docker Security: Are Your Containers Tightly Secured to the Ship?Docker Security: Are Your Containers Tightly Secured to the Ship?
Docker Security: Are Your Containers Tightly Secured to the Ship?
Michael Boelen
 
Under the Hood with Docker Swarm Mode - Drew Erny and Nishant Totla, Docker
Under the Hood with Docker Swarm Mode - Drew Erny and Nishant Totla, DockerUnder the Hood with Docker Swarm Mode - Drew Erny and Nishant Totla, Docker
Under the Hood with Docker Swarm Mode - Drew Erny and Nishant Totla, Docker
Docker, Inc.
 
dockerizing web application
dockerizing web applicationdockerizing web application
dockerizing web application
Walid Ashraf
 
Docker Security and Content Trust
Docker Security and Content TrustDocker Security and Content Trust
Docker Security and Content Trust
ehazlett
 
Docker 1.9 Feature Overview
Docker 1.9 Feature OverviewDocker 1.9 Feature Overview
Docker 1.9 Feature Overview
Sreenivas Makam
 
The state of the swarm
The state of the swarmThe state of the swarm
The state of the swarm
Mathieu Buffenoir
 
docker installation and basics
docker installation and basicsdocker installation and basics
docker installation and basics
Walid Ashraf
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to docker
Walid Ashraf
 
Deep Dive into Docker Swarm Mode
Deep Dive into Docker Swarm ModeDeep Dive into Docker Swarm Mode
Deep Dive into Docker Swarm Mode
Ajeet Singh Raina
 
Introduction To Docker
Introduction To DockerIntroduction To Docker
Introduction To Docker
Dr. Syed Hassan Amin
 
Networking Overview for Docker Platform
Networking Overview for Docker PlatformNetworking Overview for Docker Platform
Networking Overview for Docker Platform
Aditya Patawari
 
Monitoring Dell Infrastructure using Docker & Microservices
Monitoring Dell Infrastructure using Docker & MicroservicesMonitoring Dell Infrastructure using Docker & Microservices
Monitoring Dell Infrastructure using Docker & Microservices
Ajeet Singh Raina
 
Devoxx France 2015 - The Docker Orchestration Ecosystem on Azure
Devoxx France 2015 - The Docker Orchestration Ecosystem on AzureDevoxx France 2015 - The Docker Orchestration Ecosystem on Azure
Devoxx France 2015 - The Docker Orchestration Ecosystem on Azure
Patrick Chanezon
 
A Survey of Container Security in 2016: A Security Update on Container Platforms
A Survey of Container Security in 2016: A Security Update on Container PlatformsA Survey of Container Security in 2016: A Security Update on Container Platforms
A Survey of Container Security in 2016: A Security Update on Container Platforms
Salman Baset
 
Exploring Docker Security
Exploring Docker SecurityExploring Docker Security
Exploring Docker Security
Patrick Kleindienst
 
Docker London: Container Security
Docker London: Container SecurityDocker London: Container Security
Docker London: Container Security
Phil Estes
 
Docker Security Deep Dive by Ying Li and David Lawrence
Docker Security Deep Dive by Ying Li and David LawrenceDocker Security Deep Dive by Ying Li and David Lawrence
Docker Security Deep Dive by Ying Li and David Lawrence
Docker, Inc.
 
Docker Security - Continuous Container Security
Docker Security - Continuous Container SecurityDocker Security - Continuous Container Security
Docker Security - Continuous Container Security
Dieter Reuter
 
Docker Networking Tip - Macvlan driver
Docker Networking Tip - Macvlan driverDocker Networking Tip - Macvlan driver
Docker Networking Tip - Macvlan driver
Sreenivas Makam
 
Introduction to docker security
Introduction to docker securityIntroduction to docker security
Introduction to docker security
Walid Ashraf
 
Docker Security: Are Your Containers Tightly Secured to the Ship?
Docker Security: Are Your Containers Tightly Secured to the Ship?Docker Security: Are Your Containers Tightly Secured to the Ship?
Docker Security: Are Your Containers Tightly Secured to the Ship?
Michael Boelen
 
Under the Hood with Docker Swarm Mode - Drew Erny and Nishant Totla, Docker
Under the Hood with Docker Swarm Mode - Drew Erny and Nishant Totla, DockerUnder the Hood with Docker Swarm Mode - Drew Erny and Nishant Totla, Docker
Under the Hood with Docker Swarm Mode - Drew Erny and Nishant Totla, Docker
Docker, Inc.
 
dockerizing web application
dockerizing web applicationdockerizing web application
dockerizing web application
Walid Ashraf
 
Docker Security and Content Trust
Docker Security and Content TrustDocker Security and Content Trust
Docker Security and Content Trust
ehazlett
 
Docker 1.9 Feature Overview
Docker 1.9 Feature OverviewDocker 1.9 Feature Overview
Docker 1.9 Feature Overview
Sreenivas Makam
 
The state of the swarm
The state of the swarmThe state of the swarm
The state of the swarm
Mathieu Buffenoir
 
docker installation and basics
docker installation and basicsdocker installation and basics
docker installation and basics
Walid Ashraf
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to docker
Walid Ashraf
 
Deep Dive into Docker Swarm Mode
Deep Dive into Docker Swarm ModeDeep Dive into Docker Swarm Mode
Deep Dive into Docker Swarm Mode
Ajeet Singh Raina
 
Introduction To Docker
Introduction To DockerIntroduction To Docker
Introduction To Docker
Dr. Syed Hassan Amin
 
Networking Overview for Docker Platform
Networking Overview for Docker PlatformNetworking Overview for Docker Platform
Networking Overview for Docker Platform
Aditya Patawari
 
Monitoring Dell Infrastructure using Docker & Microservices
Monitoring Dell Infrastructure using Docker & MicroservicesMonitoring Dell Infrastructure using Docker & Microservices
Monitoring Dell Infrastructure using Docker & Microservices
Ajeet Singh Raina
 
Devoxx France 2015 - The Docker Orchestration Ecosystem on Azure
Devoxx France 2015 - The Docker Orchestration Ecosystem on AzureDevoxx France 2015 - The Docker Orchestration Ecosystem on Azure
Devoxx France 2015 - The Docker Orchestration Ecosystem on Azure
Patrick Chanezon
 

Viewers also liked (20)

Security For Humans
Security For HumansSecurity For Humans
Security For Humans
conjur_inc
 
Gaurav dev ops (AWS, Linux, Automation-ansible, jenkins:CI and CD:Ansible)
Gaurav dev ops (AWS, Linux, Automation-ansible, jenkins:CI and CD:Ansible)Gaurav dev ops (AWS, Linux, Automation-ansible, jenkins:CI and CD:Ansible)
Gaurav dev ops (AWS, Linux, Automation-ansible, jenkins:CI and CD:Ansible)
Gaurav Srivastav
 
Een Gezond Gebit2
Een Gezond Gebit2Een Gezond Gebit2
Een Gezond Gebit2
guest031320
 
Java standards in WCM
Java standards in WCMJava standards in WCM
Java standards in WCM
Paolo Mottadelli
 
CloudStack EU user group - Trillian
CloudStack EU user group - TrillianCloudStack EU user group - Trillian
CloudStack EU user group - Trillian
ShapeBlue
 
Machine Learning & IT Service Intelligence for the Enterprise: The Future is ...
Machine Learning & IT Service Intelligence for the Enterprise: The Future is ...Machine Learning & IT Service Intelligence for the Enterprise: The Future is ...
Machine Learning & IT Service Intelligence for the Enterprise: The Future is ...
Precisely
 
Application Deployment at UC Riverside
Application Deployment at UC RiversideApplication Deployment at UC Riverside
Application Deployment at UC Riverside
Michael Kennedy
 
What does "monitoring" mean? (FOSDEM 2017)
What does "monitoring" mean? (FOSDEM 2017)What does "monitoring" mean? (FOSDEM 2017)
What does "monitoring" mean? (FOSDEM 2017)
Brian Brazil
 
Aws + Puppet = Dynamic Scale
Aws + Puppet = Dynamic ScaleAws + Puppet = Dynamic Scale
Aws + Puppet = Dynamic Scale
Puppet
 
You know, for search
You know, for searchYou know, for search
You know, for search
Peter van der Weerd
 
Neuigkeiten von DEPAROM & Co
Neuigkeiten von DEPAROM & CoNeuigkeiten von DEPAROM & Co
Neuigkeiten von DEPAROM & Co
Arne Krueger
 
Verwondering...
Verwondering...Verwondering...
Verwondering...
Sterrenvereniging Astra Alteria
 
AWS + Puppet = Dynamic Scale
AWS + Puppet = Dynamic ScaleAWS + Puppet = Dynamic Scale
AWS + Puppet = Dynamic Scale
Shiva Narayanaswamy
 
Cloud Expo New York: OpenFlow Is SDN Yet SDN Is Not Only OpenFlow
Cloud Expo New York: OpenFlow Is SDN Yet SDN Is Not Only OpenFlowCloud Expo New York: OpenFlow Is SDN Yet SDN Is Not Only OpenFlow
Cloud Expo New York: OpenFlow Is SDN Yet SDN Is Not Only OpenFlow
Cohesive Networks
 
Expect the unexpected: Anticipate and prepare for failures in microservices b...
Expect the unexpected: Anticipate and prepare for failures in microservices b...Expect the unexpected: Anticipate and prepare for failures in microservices b...
Expect the unexpected: Anticipate and prepare for failures in microservices b...
Bhakti Mehta
 
Evolution of OPNFV CI System: What already exists and what can be introduced
Evolution of OPNFV CI System: What already exists and what can be introduced Evolution of OPNFV CI System: What already exists and what can be introduced
Evolution of OPNFV CI System: What already exists and what can be introduced
OPNFV
 
Introduction to smpc
Introduction to smpc Introduction to smpc
Introduction to smpc
Cysinfo Cyber Security Community
 
Kelompok 2
Kelompok 2Kelompok 2
Kelompok 2
University of Andalas
 
Platform - Technical architecture
Platform - Technical architecturePlatform - Technical architecture
Platform - Technical architecture
David Rundle
 
Reversing malware analysis training part3 windows pefile formatbasics
Reversing malware analysis training part3 windows pefile formatbasicsReversing malware analysis training part3 windows pefile formatbasics
Reversing malware analysis training part3 windows pefile formatbasics
Cysinfo Cyber Security Community
 
Security For Humans
Security For HumansSecurity For Humans
Security For Humans
conjur_inc
 
Gaurav dev ops (AWS, Linux, Automation-ansible, jenkins:CI and CD:Ansible)
Gaurav dev ops (AWS, Linux, Automation-ansible, jenkins:CI and CD:Ansible)Gaurav dev ops (AWS, Linux, Automation-ansible, jenkins:CI and CD:Ansible)
Gaurav dev ops (AWS, Linux, Automation-ansible, jenkins:CI and CD:Ansible)
Gaurav Srivastav
 
Een Gezond Gebit2
Een Gezond Gebit2Een Gezond Gebit2
Een Gezond Gebit2
guest031320
 
Java standards in WCM
Java standards in WCMJava standards in WCM
Java standards in WCM
Paolo Mottadelli
 
CloudStack EU user group - Trillian
CloudStack EU user group - TrillianCloudStack EU user group - Trillian
CloudStack EU user group - Trillian
ShapeBlue
 
Machine Learning & IT Service Intelligence for the Enterprise: The Future is ...
Machine Learning & IT Service Intelligence for the Enterprise: The Future is ...Machine Learning & IT Service Intelligence for the Enterprise: The Future is ...
Machine Learning & IT Service Intelligence for the Enterprise: The Future is ...
Precisely
 
Application Deployment at UC Riverside
Application Deployment at UC RiversideApplication Deployment at UC Riverside
Application Deployment at UC Riverside
Michael Kennedy
 
What does "monitoring" mean? (FOSDEM 2017)
What does "monitoring" mean? (FOSDEM 2017)What does "monitoring" mean? (FOSDEM 2017)
What does "monitoring" mean? (FOSDEM 2017)
Brian Brazil
 
Aws + Puppet = Dynamic Scale
Aws + Puppet = Dynamic ScaleAws + Puppet = Dynamic Scale
Aws + Puppet = Dynamic Scale
Puppet
 
You know, for search
You know, for searchYou know, for search
You know, for search
Peter van der Weerd
 
Neuigkeiten von DEPAROM & Co
Neuigkeiten von DEPAROM & CoNeuigkeiten von DEPAROM & Co
Neuigkeiten von DEPAROM & Co
Arne Krueger
 
Verwondering...
Verwondering...Verwondering...
Verwondering...
Sterrenvereniging Astra Alteria
 
AWS + Puppet = Dynamic Scale
AWS + Puppet = Dynamic ScaleAWS + Puppet = Dynamic Scale
AWS + Puppet = Dynamic Scale
Shiva Narayanaswamy
 
Cloud Expo New York: OpenFlow Is SDN Yet SDN Is Not Only OpenFlow
Cloud Expo New York: OpenFlow Is SDN Yet SDN Is Not Only OpenFlowCloud Expo New York: OpenFlow Is SDN Yet SDN Is Not Only OpenFlow
Cloud Expo New York: OpenFlow Is SDN Yet SDN Is Not Only OpenFlow
Cohesive Networks
 
Expect the unexpected: Anticipate and prepare for failures in microservices b...
Expect the unexpected: Anticipate and prepare for failures in microservices b...Expect the unexpected: Anticipate and prepare for failures in microservices b...
Expect the unexpected: Anticipate and prepare for failures in microservices b...
Bhakti Mehta
 
Evolution of OPNFV CI System: What already exists and what can be introduced
Evolution of OPNFV CI System: What already exists and what can be introduced Evolution of OPNFV CI System: What already exists and what can be introduced
Evolution of OPNFV CI System: What already exists and what can be introduced
OPNFV
 
Introduction to smpc
Introduction to smpc Introduction to smpc
Introduction to smpc
Cysinfo Cyber Security Community
 
Kelompok 2
Kelompok 2Kelompok 2
Kelompok 2
University of Andalas
 
Platform - Technical architecture
Platform - Technical architecturePlatform - Technical architecture
Platform - Technical architecture
David Rundle
 
Reversing malware analysis training part3 windows pefile formatbasics
Reversing malware analysis training part3 windows pefile formatbasicsReversing malware analysis training part3 windows pefile formatbasics
Reversing malware analysis training part3 windows pefile formatbasics
Cysinfo Cyber Security Community
 
Ad

Similar to Docker security introduction-task-2016 (20)

Yet Another Session about Docker and Containers​
Yet Another Session about Docker and Containers​Yet Another Session about Docker and Containers​
Yet Another Session about Docker and Containers​
Pedro Sousa
 
Oscon 2017: Build your own container-based system with the Moby project
Oscon 2017: Build your own container-based system with the Moby projectOscon 2017: Build your own container-based system with the Moby project
Oscon 2017: Build your own container-based system with the Moby project
Patrick Chanezon
 
Weave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 RecapWeave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 Recap
Patrick Chanezon
 
Docker training
Docker trainingDocker training
Docker training
Kiran Kumar
 
Microservices at scale with docker and kubernetes - AMS JUG 2017
Microservices at scale with docker and kubernetes - AMS JUG 2017Microservices at scale with docker and kubernetes - AMS JUG 2017
Microservices at scale with docker and kubernetes - AMS JUG 2017
Arjen Wassink
 
Halifax DevOps - Meet-up - July.19 2017
Halifax DevOps - Meet-up - July.19 2017Halifax DevOps - Meet-up - July.19 2017
Halifax DevOps - Meet-up - July.19 2017
Kyle Bassett
 
Devoxx 2016 - Docker Nuts and Bolts
Devoxx 2016 - Docker Nuts and BoltsDevoxx 2016 - Docker Nuts and Bolts
Devoxx 2016 - Docker Nuts and Bolts
Patrick Chanezon
 
AtlanTEC 2017: Containers! Why Docker, Why NOW?
AtlanTEC 2017: Containers! Why Docker, Why NOW?AtlanTEC 2017: Containers! Why Docker, Why NOW?
AtlanTEC 2017: Containers! Why Docker, Why NOW?
Phil Estes
 
Red Hat OpenShift & CoreOS by Ludovic Aelbrecht, Senior Solution Architect at...
Red Hat OpenShift & CoreOS by Ludovic Aelbrecht, Senior Solution Architect at...Red Hat OpenShift & CoreOS by Ludovic Aelbrecht, Senior Solution Architect at...
Red Hat OpenShift & CoreOS by Ludovic Aelbrecht, Senior Solution Architect at...
Kangaroot
 
Microservices and containers for the unitiated
Microservices and containers for the unitiatedMicroservices and containers for the unitiated
Microservices and containers for the unitiated
Kevin Lee
 
Dockercon eu tour 2015 - Devoxx Casablanca
Dockercon eu tour 2015 - Devoxx CasablancaDockercon eu tour 2015 - Devoxx Casablanca
Dockercon eu tour 2015 - Devoxx Casablanca
Michel Courtine
 
IAU workshop 2018 day one
IAU workshop 2018 day oneIAU workshop 2018 day one
IAU workshop 2018 day one
Walid Shaari
 
Docker-PPT.pdf for presentation and other
Docker-PPT.pdf for presentation and otherDocker-PPT.pdf for presentation and other
Docker-PPT.pdf for presentation and other
adarsh20cs004
 
Microservices in the Enterprise
Microservices in the Enterprise Microservices in the Enterprise
Microservices in the Enterprise
Jesus Rodriguez
 
Docker en kernel security
Docker en kernel securityDocker en kernel security
Docker en kernel security
smart_bit
 
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Patrick Chanezon
 
Docker Devoxx UK - Never mind the bollocks here's the Linux Containers
Docker Devoxx UK - Never mind the bollocks here's the Linux ContainersDocker Devoxx UK - Never mind the bollocks here's the Linux Containers
Docker Devoxx UK - Never mind the bollocks here's the Linux Containers
Patrick Chanezon
 
What's New in Docker - February 2017
What's New in Docker - February 2017What's New in Docker - February 2017
What's New in Docker - February 2017
Patrick Chanezon
 
MinIO January 2020 Briefing
MinIO January 2020 BriefingMinIO January 2020 Briefing
MinIO January 2020 Briefing
Jonathan Symonds
 
The New Stack Container Summit Talk
The New Stack Container Summit TalkThe New Stack Container Summit Talk
The New Stack Container Summit Talk
The New Stack
 
Yet Another Session about Docker and Containers​
Yet Another Session about Docker and Containers​Yet Another Session about Docker and Containers​
Yet Another Session about Docker and Containers​
Pedro Sousa
 
Oscon 2017: Build your own container-based system with the Moby project
Oscon 2017: Build your own container-based system with the Moby projectOscon 2017: Build your own container-based system with the Moby project
Oscon 2017: Build your own container-based system with the Moby project
Patrick Chanezon
 
Weave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 RecapWeave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 Recap
Patrick Chanezon
 
Docker training
Docker trainingDocker training
Docker training
Kiran Kumar
 
Microservices at scale with docker and kubernetes - AMS JUG 2017
Microservices at scale with docker and kubernetes - AMS JUG 2017Microservices at scale with docker and kubernetes - AMS JUG 2017
Microservices at scale with docker and kubernetes - AMS JUG 2017
Arjen Wassink
 
Halifax DevOps - Meet-up - July.19 2017
Halifax DevOps - Meet-up - July.19 2017Halifax DevOps - Meet-up - July.19 2017
Halifax DevOps - Meet-up - July.19 2017
Kyle Bassett
 
Devoxx 2016 - Docker Nuts and Bolts
Devoxx 2016 - Docker Nuts and BoltsDevoxx 2016 - Docker Nuts and Bolts
Devoxx 2016 - Docker Nuts and Bolts
Patrick Chanezon
 
AtlanTEC 2017: Containers! Why Docker, Why NOW?
AtlanTEC 2017: Containers! Why Docker, Why NOW?AtlanTEC 2017: Containers! Why Docker, Why NOW?
AtlanTEC 2017: Containers! Why Docker, Why NOW?
Phil Estes
 
Red Hat OpenShift & CoreOS by Ludovic Aelbrecht, Senior Solution Architect at...
Red Hat OpenShift & CoreOS by Ludovic Aelbrecht, Senior Solution Architect at...Red Hat OpenShift & CoreOS by Ludovic Aelbrecht, Senior Solution Architect at...
Red Hat OpenShift & CoreOS by Ludovic Aelbrecht, Senior Solution Architect at...
Kangaroot
 
Microservices and containers for the unitiated
Microservices and containers for the unitiatedMicroservices and containers for the unitiated
Microservices and containers for the unitiated
Kevin Lee
 
Dockercon eu tour 2015 - Devoxx Casablanca
Dockercon eu tour 2015 - Devoxx CasablancaDockercon eu tour 2015 - Devoxx Casablanca
Dockercon eu tour 2015 - Devoxx Casablanca
Michel Courtine
 
IAU workshop 2018 day one
IAU workshop 2018 day oneIAU workshop 2018 day one
IAU workshop 2018 day one
Walid Shaari
 
Docker-PPT.pdf for presentation and other
Docker-PPT.pdf for presentation and otherDocker-PPT.pdf for presentation and other
Docker-PPT.pdf for presentation and other
adarsh20cs004
 
Microservices in the Enterprise
Microservices in the Enterprise Microservices in the Enterprise
Microservices in the Enterprise
Jesus Rodriguez
 
Docker en kernel security
Docker en kernel securityDocker en kernel security
Docker en kernel security
smart_bit
 
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Patrick Chanezon
 
Docker Devoxx UK - Never mind the bollocks here's the Linux Containers
Docker Devoxx UK - Never mind the bollocks here's the Linux ContainersDocker Devoxx UK - Never mind the bollocks here's the Linux Containers
Docker Devoxx UK - Never mind the bollocks here's the Linux Containers
Patrick Chanezon
 
What's New in Docker - February 2017
What's New in Docker - February 2017What's New in Docker - February 2017
What's New in Docker - February 2017
Patrick Chanezon
 
MinIO January 2020 Briefing
MinIO January 2020 BriefingMinIO January 2020 Briefing
MinIO January 2020 Briefing
Jonathan Symonds
 
The New Stack Container Summit Talk
The New Stack Container Summit TalkThe New Stack Container Summit Talk
The New Stack Container Summit Talk
The New Stack
 
Ad

Recently uploaded (19)

(Hosting PHising Sites) for Cryptography and network security
(Hosting PHising Sites) for Cryptography and network security(Hosting PHising Sites) for Cryptography and network security
(Hosting PHising Sites) for Cryptography and network security
aluacharya169
 
Perguntas dos animais - Slides ilustrados de múltipla escolha
Perguntas dos animais - Slides ilustrados de múltipla escolhaPerguntas dos animais - Slides ilustrados de múltipla escolha
Perguntas dos animais - Slides ilustrados de múltipla escolha
socaslev
 
APNIC -Policy Development Process, presented at Local APIGA Taiwan 2025
APNIC -Policy Development Process, presented at Local APIGA Taiwan 2025APNIC -Policy Development Process, presented at Local APIGA Taiwan 2025
APNIC -Policy Development Process, presented at Local APIGA Taiwan 2025
APNIC
 
APNIC Update, presented at NZNOG 2025 by Terry Sweetser
APNIC Update, presented at NZNOG 2025 by Terry SweetserAPNIC Update, presented at NZNOG 2025 by Terry Sweetser
APNIC Update, presented at NZNOG 2025 by Terry Sweetser
APNIC
 
Mobile database for your company telemarketing or sms marketing campaigns. Fr...
Mobile database for your company telemarketing or sms marketing campaigns. Fr...Mobile database for your company telemarketing or sms marketing campaigns. Fr...
Mobile database for your company telemarketing or sms marketing campaigns. Fr...
DataProvider1
 
OSI TCP IP Protocol Layers description f
OSI TCP IP Protocol Layers description fOSI TCP IP Protocol Layers description f
OSI TCP IP Protocol Layers description f
cbr49917
 
Reliable Vancouver Web Hosting with Local Servers & 24/7 Support
Reliable Vancouver Web Hosting with Local Servers & 24/7 SupportReliable Vancouver Web Hosting with Local Servers & 24/7 Support
Reliable Vancouver Web Hosting with Local Servers & 24/7 Support
steve198109
 
Understanding the Tor Network and Exploring the Deep Web
Understanding the Tor Network and Exploring the Deep WebUnderstanding the Tor Network and Exploring the Deep Web
Understanding the Tor Network and Exploring the Deep Web
nabilajabin35
 
5-Proses-proses Akuisisi Citra Digital.pptx
5-Proses-proses Akuisisi Citra Digital.pptx5-Proses-proses Akuisisi Citra Digital.pptx
5-Proses-proses Akuisisi Citra Digital.pptx
andani26
 
Smart Mobile App Pitch Deck丨AI Travel App Presentation Template
Smart Mobile App Pitch Deck丨AI Travel App Presentation TemplateSmart Mobile App Pitch Deck丨AI Travel App Presentation Template
Smart Mobile App Pitch Deck丨AI Travel App Presentation Template
yojeari421237
 
Determining Glass is mechanical textile
Determining Glass is mechanical textileDetermining Glass is mechanical textile
Determining Glass is mechanical textile
Azizul Hakim
 
Best web hosting Vancouver 2025 for you business
Best web hosting Vancouver 2025 for you businessBest web hosting Vancouver 2025 for you business
Best web hosting Vancouver 2025 for you business
steve198109
 
Top Vancouver Green Business Ideas for 2025 Powered by 4GoodHosting
Top Vancouver Green Business Ideas for 2025 Powered by 4GoodHostingTop Vancouver Green Business Ideas for 2025 Powered by 4GoodHosting
Top Vancouver Green Business Ideas for 2025 Powered by 4GoodHosting
steve198109
 
IT Services Workflow From Request to Resolution
IT Services Workflow From Request to ResolutionIT Services Workflow From Request to Resolution
IT Services Workflow From Request to Resolution
mzmziiskd
 
project_based_laaaaaaaaaaearning,kelompok 10.pptx
project_based_laaaaaaaaaaearning,kelompok 10.pptxproject_based_laaaaaaaaaaearning,kelompok 10.pptx
project_based_laaaaaaaaaaearning,kelompok 10.pptx
redzuriel13
 
DNS Resolvers and Nameservers (in New Zealand)
DNS Resolvers and Nameservers (in New Zealand)DNS Resolvers and Nameservers (in New Zealand)
DNS Resolvers and Nameservers (in New Zealand)
APNIC
 
White and Red Clean Car Business Pitch Presentation.pptx
White and Red Clean Car Business Pitch Presentation.pptxWhite and Red Clean Car Business Pitch Presentation.pptx
White and Red Clean Car Business Pitch Presentation.pptx
canumatown
 
Computers Networks Computers Networks Computers Networks
Computers Networks Computers Networks Computers NetworksComputers Networks Computers Networks Computers Networks
Computers Networks Computers Networks Computers Networks
Tito208863
 
highend-srxseries-services-gateways-customer-presentation.pptx
highend-srxseries-services-gateways-customer-presentation.pptxhighend-srxseries-services-gateways-customer-presentation.pptx
highend-srxseries-services-gateways-customer-presentation.pptx
elhadjcheikhdiop
 
(Hosting PHising Sites) for Cryptography and network security
(Hosting PHising Sites) for Cryptography and network security(Hosting PHising Sites) for Cryptography and network security
(Hosting PHising Sites) for Cryptography and network security
aluacharya169
 
Perguntas dos animais - Slides ilustrados de múltipla escolha
Perguntas dos animais - Slides ilustrados de múltipla escolhaPerguntas dos animais - Slides ilustrados de múltipla escolha
Perguntas dos animais - Slides ilustrados de múltipla escolha
socaslev
 
APNIC -Policy Development Process, presented at Local APIGA Taiwan 2025
APNIC -Policy Development Process, presented at Local APIGA Taiwan 2025APNIC -Policy Development Process, presented at Local APIGA Taiwan 2025
APNIC -Policy Development Process, presented at Local APIGA Taiwan 2025
APNIC
 
APNIC Update, presented at NZNOG 2025 by Terry Sweetser
APNIC Update, presented at NZNOG 2025 by Terry SweetserAPNIC Update, presented at NZNOG 2025 by Terry Sweetser
APNIC Update, presented at NZNOG 2025 by Terry Sweetser
APNIC
 
Mobile database for your company telemarketing or sms marketing campaigns. Fr...
Mobile database for your company telemarketing or sms marketing campaigns. Fr...Mobile database for your company telemarketing or sms marketing campaigns. Fr...
Mobile database for your company telemarketing or sms marketing campaigns. Fr...
DataProvider1
 
OSI TCP IP Protocol Layers description f
OSI TCP IP Protocol Layers description fOSI TCP IP Protocol Layers description f
OSI TCP IP Protocol Layers description f
cbr49917
 
Reliable Vancouver Web Hosting with Local Servers & 24/7 Support
Reliable Vancouver Web Hosting with Local Servers & 24/7 SupportReliable Vancouver Web Hosting with Local Servers & 24/7 Support
Reliable Vancouver Web Hosting with Local Servers & 24/7 Support
steve198109
 
Understanding the Tor Network and Exploring the Deep Web
Understanding the Tor Network and Exploring the Deep WebUnderstanding the Tor Network and Exploring the Deep Web
Understanding the Tor Network and Exploring the Deep Web
nabilajabin35
 
5-Proses-proses Akuisisi Citra Digital.pptx
5-Proses-proses Akuisisi Citra Digital.pptx5-Proses-proses Akuisisi Citra Digital.pptx
5-Proses-proses Akuisisi Citra Digital.pptx
andani26
 
Smart Mobile App Pitch Deck丨AI Travel App Presentation Template
Smart Mobile App Pitch Deck丨AI Travel App Presentation TemplateSmart Mobile App Pitch Deck丨AI Travel App Presentation Template
Smart Mobile App Pitch Deck丨AI Travel App Presentation Template
yojeari421237
 
Determining Glass is mechanical textile
Determining Glass is mechanical textileDetermining Glass is mechanical textile
Determining Glass is mechanical textile
Azizul Hakim
 
Best web hosting Vancouver 2025 for you business
Best web hosting Vancouver 2025 for you businessBest web hosting Vancouver 2025 for you business
Best web hosting Vancouver 2025 for you business
steve198109
 
Top Vancouver Green Business Ideas for 2025 Powered by 4GoodHosting
Top Vancouver Green Business Ideas for 2025 Powered by 4GoodHostingTop Vancouver Green Business Ideas for 2025 Powered by 4GoodHosting
Top Vancouver Green Business Ideas for 2025 Powered by 4GoodHosting
steve198109
 
IT Services Workflow From Request to Resolution
IT Services Workflow From Request to ResolutionIT Services Workflow From Request to Resolution
IT Services Workflow From Request to Resolution
mzmziiskd
 
project_based_laaaaaaaaaaearning,kelompok 10.pptx
project_based_laaaaaaaaaaearning,kelompok 10.pptxproject_based_laaaaaaaaaaearning,kelompok 10.pptx
project_based_laaaaaaaaaaearning,kelompok 10.pptx
redzuriel13
 
DNS Resolvers and Nameservers (in New Zealand)
DNS Resolvers and Nameservers (in New Zealand)DNS Resolvers and Nameservers (in New Zealand)
DNS Resolvers and Nameservers (in New Zealand)
APNIC
 
White and Red Clean Car Business Pitch Presentation.pptx
White and Red Clean Car Business Pitch Presentation.pptxWhite and Red Clean Car Business Pitch Presentation.pptx
White and Red Clean Car Business Pitch Presentation.pptx
canumatown
 
Computers Networks Computers Networks Computers Networks
Computers Networks Computers Networks Computers NetworksComputers Networks Computers Networks Computers Networks
Computers Networks Computers Networks Computers Networks
Tito208863
 
highend-srxseries-services-gateways-customer-presentation.pptx
highend-srxseries-services-gateways-customer-presentation.pptxhighend-srxseries-services-gateways-customer-presentation.pptx
highend-srxseries-services-gateways-customer-presentation.pptx
elhadjcheikhdiop
 

Docker security introduction-task-2016