Container Technology Wiki Site Map

Kubernetes

Kubernetes 101

If you're getting started with Docker, or want to go in depth, we have you covered with comprehensive reviews of the most important topics concerning Docker engineers.

  • Kubernetes Architecture 101Learn about Service in Kubernetes, specifying pods, using services for external workloads, cluster federation, kubectl, and more.
  • 70 Best Kubernetes TutorialsValuable Kubernetes tutorials from multiple sources, classified into the following categories: Kubernetes AWS and Azure tutorials, networking tutorials, clustering and federation tutorials and more.
  • Kubernetes Deployment 101Get started with Kubernetes deployment: with common Kubernetes deployment tasks and deployment strategies including rolling updates, blue-green, and canary releases.
  • Kubernetes Services 101Learn about Service in Kubernetes, specifying pods, using services for external workloads, cluster federation, kubectl, and more.
  • Kubernetes on AWSLearn about Kubernetes Node Components, Kubernetes vs. ECS, deploying on AWS using Kops, Kubernetes EKS, launching Kubernetes on EC2 using Rancher, scheduling Resources using Terraform, and more.
  • Kubernetes Networking 101Learn about Kubernetes vs. Docker networking model, K8s networking implementations, how pods communicate, incoming traffic, DNS for services and pods, and more.
  • Kubernetes Helm 101Kubernetes Helm makes life a lot easier for Kubernetes developers - learn how to install application packages (charts) in one click, and work with templates, hooks and repos.

Kubernetes Architecture

The architecture of Kubernetes Guide provides a flexible, loosely-coupled mechanism for service discovery. Like most distributed computing platforms, a Kubernetes cluster consists of at least one master and multiple compute nodes. This page gathers resources about the Kubernetes architecture components like Kubernetes Nodes, Kubernetes Pods, Kubernetes Registry and more.

  • Kubernetes NodesA node is a worker machine in Kubernetes, previously known as a minion. A node may be a VM or physical machine, depending on the cluster. Each node has the services necessary to run pods and is managed by the master components. The services on a node include Docker, kubelet and kube-proxy. This page gathers resources about how to create and manage Kubernetes Guide Nodes.
  • Kubernetes PodsA pod is a group of one or more containers (such as Docker containers), with shared storage/network, and a specification for how to run the containers. A pod’s contents are always co-located and co-scheduled, and run in a shared context. This page gathers resources on what Kubernetes Pods are and how to create and manage them.
  • Kubernetes Controllers and Control PlaneKubernetes Guide runs a group of controllers that take care of routine tasks to ensure the desired state of the cluster matches the observed state. Basically, each controller is responsible for a particular resource in the Kubernetes world. This page gathers resources about the Kubernetes controllers including information about replication controllers, node controllers and the Kubernetes controller manager.
  • Kubernetes DaemonSetsAggregating service logs, collecting node metrics, or running a networked storage cluster all require a container to be replicated across all nodes. In Kubernetes, this is done with a DaemonSet. A DaemonSet ensures that an instance of a specific pod is running on all (or a selection of) nodes in a cluster. This page gathers resources on how to use and deploying a daemon to all nodes.
  • Container Runtime InterfaceThe Container Runtime Interface (CRI) is a plugin interface which enables kubelet to use a wide variety of container runtimes, without the need to recompile. CRI consists of a protocol buffers and gRPC API, and libraries, with additional specifications and tools under active development. This page gathers resources about how to use the container runtime interface and how to build Kubernetes cluster using the CRI.
  • Working with Containers in KubernetesContainer orchestration is most commonly used for clusters that consist of many nodes. It is mainly used to deploy and manage complex containerized applications. Container orchestration can also be employed for simple clusters or for individual containers. This page gathers resources about how to work and orchestrate containers with Kubernetes.
  • Working with Images in KubernetesThis page gathers resources about how to create and work with container images (such as Docker images) in Kubernetes Guide using different environments like Azure, OpenShift and more.
  • Workloads in KubernetesAs more and more enterprises adopt a container based architecture, a container orchestrator has become necessary in order to provide wide-ranging options to manage containerized workloads. Kubernetes provides many options to manage containerized workloads. This page gathers resources on how to run workloads in Kubernetes.
  • Kubernetes ServicesA Kubernetes Guide service is an abstraction which defines a logical set of Pods and a policy by which to access them - sometimes called a micro-service. The set of Pods targeted by a service is usually determined by a Label Selector. This page gathers resources about the Kubernetes service types and how to create and work with them.
  • Kubernetes JobsA Kubernetes  job is a supervisor for pods carrying out batch processes, that is, a process that runs for a certain time to completion, for example a calculation or a backup operation. This page gathers resources about Kubernetes Jobs, including an introduction, tutorials,examples and more.
  • Kubernetes and MicroservicesKubernetes supports a microservices architecture through the service construct. It allows developers to abstract away the functionality of a set of  Pods and expose it to other developers through a well-defined API. This page gathers resources about how to use Kubernetes to create a continuous delivery configuration for building microservices.

Kubernetes Advantages and Use Cases

Kubernetes Guide is a system developed by Google, for managing containerized applications in a clustered environment. It aims to provide better ways of managing related, distributed components across varied infrastructure. This page gathers resources about the advantages and common use cases of using Kubernetes.

Kubernetes Operations

Resources about the process of managing and maintaining production-grade, highly available Kubernetes clusters, including Kubernetes security, Kubernetes networking, Kubernetes load balancing and more.

  • Installing KubernetesThere are many ways to install Kubernetes Guide and the obvious starting point is the setup section, but the installation process can sometimes be a challenge. This page gathers resources about how to install Kubernetes on various environments like Ubuntu, Windows and CentOS.
  • Kubernetes ConfigurationKubernetes Guide reads YAML files to configure services, pods and replication controllers.This page gathers resources about working with the Kubernetes configuration to deploy containers.
  • Kubernetes MonitoringMonitoring Kubernetes effectively requires to rethink and reorient all monitoring strategies, especially if using traditional hosts such as VMs or physical machines. This page gathers resources about how to monitor Kubernetes cluster with tools like Prometheus and Datadog.
  • Kubernetes Debugging and TroubleshootingThis page gathers resources about how to troubleshoot problems that arise when creating and managing Kubernetes Guide pods, replication controllers, services, and containers.
  • Kubernetes Load BalancingLoad balancing is a relatively straightforward task in many non-container environments, but it involves a bit of special handling when it comes to containers. There are two different types of load balancing in Kubernetes - Internal load balancing across containers of the same type using a label, and external load balancing. This page gathers resources about how to configure and use the Kubernetes load balancer feature.
  • Kubernetes SecurityKubernetes Guide provides many controls that can improve application security. Configuring them requires intimate knowledge with Kubernetes and the deployment’s security requirements. This page gathers resources about security best practices for Kubernetes, including best practices for deployment, sharing data and network security.
  • Kubernetes NetworkingKubernetes does not provide any default network implementation, rather it only defines the model and leaves to other tools to implement it. There are many implementations nowadays like Flannel, Calico and Weave. This page gathers resources about how to set up highly available networked Kubernetes clusters.
  • Kubernetes Storage ManagementStorage is a critical part of running stateful containers, and Kubernetes offers powerful primitives for managing it. This page gathers resources about managing Kubernetes storage options and how to provision storage in Kubernetes.
  • Kubernetes in ProductionThe default configurations for Kubernetes Guide components are not designed for heavy and dynamic production workloads, characteristic of DevOps environments and micro-services based application deployments where containers are quickly created and destroyed. This page gathers resources about how to create a production-ready Kubernetes cluster, including examples and tutorials.
  • Working with Kubernetes IngressKubernetes ingress is a collection of routing rules that govern how external users access services running in a Kubernetes cluster.  This page will introduce general strategies in Kubernetes for ingress, tutorials on how to build and troubleshoot Kubernetes Ingress controller and more.
  • Kubernetes Security Best PracticesKubernetes deployments have opened up a new set of infrastructure security concerns for development and operations teams. This page gathers resources about things you need to know about securing your Kubernetes infrastructure.

Kubernetes Cluster

A Kubernetes Guide cluster is made of a master node and a set of worker nodes. In a production environment these run in a distributed setup on multiple nodes. Kubernetes has six main components that form a functioning cluster: API server, Scheduler, Controller manager, kubelet, kube-proxy, etcd. This page gathers resources about Kubernetes cluster procedures such as configuration, resource management and monitoring.

  • Kubernetes Cluster PoliciesFor enterprise production deployments of Kubernetes clusters, enforcing cluster-wide policies to restrict what a container is allowed to do is an extremely important requirement. This page gathers resources about Kubernetes Cluster Policies such as Pod Security Policies, Network Policies and Resource Quotas.
  • Kubernetes FederationKubernetes Federation gives you the ability to manage deployments and services across all the Kubernetes clusters located in different regions. This page gathers resources on how to set up a Kubernetes Cluster Federation, including tutorials and examples.
  • Kubernetes High Availability ClustersKubernetes clusters enable a higher level of abstraction to deploy and manage a group of containers that comprise the micro-services in a cloud-native application. This page gathers resources about high availability cluster components and how to set up a high availability Kubernetes cluster.
  • Kubernetes LoggingApplication and system logs can help you understand what is happening inside a cluster. Kubernetes  provides two logging end-points for applications and cluster logs: Stackdriver Logging for use with Google Cloud Platform and Elasticsearch. This page gathers resources about Kubernetes logging architecture including tutorials and examples.
  • Kubernetes ProxiesThere are several different proxies you may encounter when using Kubernetes: kubectl, apiserver proxy, kube-proxy, a proxy/load-balancer in front of apiserver and a cloud load balancer on external services. This page gathers resources about the different types of Kubernetes proxies.
  • Kubernetes ServerlessThe idea behind serverless computing is that it lets you, as a developer, focus only on writing your code. With serverless computing, you just upload the code somewhere, and it runs whenever you invoke it. Simply put, serverless computing frees you from the complexities of configuring and maintaining Kubernetes clusters. This page gathers resources about how to build a Serverless Kubernetes cluster.
  • Working with Kubernetes DashboardKubernetes Dashboard is a general purpose, web-based UI for Kubernetes clusters. It allows users to manage applications running in the cluster and troubleshoot them, as well as manage the cluster itself. This page gathers resources on how to install, access and secure Kubernetes dashboard.

Kubernetes as a Service

Kubernetes as a Service is the method how your team should organize, or service, pods and the policy by which your team accesses them. Often called a microservice, this organization depends on a variety of unique variables. This Page gathers resources about managed Kubernetes platforms like Amazon EKS, Azure container service and GKE.

Container Basics

Container Architecture

Resources on building blocks of a container architecture, and architectural options organizations face when using containers for application development.

  • What is a ContainerContainers are a method of virtualization that packages an application's code, configurations, and dependencies into building blocks for consistency, efficiency, productivity, and version control. This page gathers resources about containers, including technical definitions and comparisons.
  • What is a Container ImageA container image is a self-contained piece of software that has everything in it needed to run – code, tools, and resources. This page gathers resources about container images, including tutorials and container-related conferences.
  • What is a Container Image RepositoryA container image repository is a collection of related container images, usually providing different versions of the same application or service. This page gathers resources about image repositories, including tutorials and specific environments in which image repositories are used.
  • Container Image RegistriesA container image registry is a service that stores container images, and is hosted either by a third-party or as a public/private registry such as Docker Hub, Quay, and so on. This page gathers resources about container image registries, including tutorials and specific technologies or tools related to container image registries.
  • Containers and Agile DevelopmentAgile software development and delivery via containerization are tightly related. This page includes resources about the benefits of using containers in the agile development cycle.
  • Containers and DevOpsDevOps is a set of cultural practices that emphasize collaboration between all parts of the IT organization and the “continuous delivery” of software. This page gathers resources about how containers fit into the DevOps ecosystem and how to implement DevOps with containerization.
  • Containers vs Virtual MachinesA virtual machine (VM) is an operating system or application environment installed on software, which imitates dedicated hardware. This page gathers resources about the containers vs virtual machines comparison, including a comparison of strengths and weaknesses, application portability, security and isolation, and more.
    • Containers vs UnikernelsUnikernels are application sized virtualization like a container but use a unique kernel and OS like with a virtual machine. They are an image that contains a library operating system that can be directly be run on a hypervisor. This page gathers resources about containers and virtual machines, including a review of their differences.
  • Containers vs Traditional Application ModelThe traditional application model is a model in which applications are executed directly on virtual machines or on bare-metal servers. This page gathers resources about the difference between containerized infrastructure and the traditional application model.
  • Containers and MicroservicesMicroservices or microservices architecture describes a particular way of designing software applications as suites of independently deployable services. This page gathers resources about using containers to build a microservices architecture and the benefits of combining microservices with containers.
  • Service MeshA service mesh is a configurable infrastructure layer for a microservices application. It makes communication between service instances flexible, reliable, and fast. This page gathers resources on service mesh architecture, examples an the Istio project.
    • Azure Service FabricAzure Service Fabric is a distributed systems platform that makes it easy to package, deploy, and manage scalable and reliable microservices and containers. This page gathers resources about build a microservice with Service Fabric.
    • IstioIstio makes it easy to create a network of deployed services with load balancing, service-to-service authentication, monitoring, and more, without any changes in service code.  This page gathers resources about Istio and how it fits in the service mesh architecture .

Advantages of Containers

Resources about the advantages of containers for developers and ops, including immutability, utilization, portability, performance and scalability.

  • Container ImmutabilityThe principle of container immutability regards an image unchangeable once it is built, and requires creating a new image if changes need to be made. This page gathers resources about the container immutability principle, its benefits and implications.
  • Container Resource UtilizationContainer resource utilization refers to the process of making the most of the computing resources like CPU and memory, available in order to achieve the best container performance. This page gathers resources about how to manage resources to get the optimal container performance.
  • Container PortabilityContainer portability means the ability to move an application, in other words, port it from one host environment to another. The new host environment could be a different kind of operating system, different version of the same operating system or a different type of hardware platform. This page gathers resources about the benefits of container portability.
  • Container PerformanceContainer performance refers to speed-related factors such as container startup time, resource distribution, and redundancy (duplication of components), and how these affect the software delivery pipeline. This page gathers resources about container performance, including best practices, performance analysis, and academic papers.
  • Container ScalabilityContainer scalability is the trait where a container application can handle increased loads of work. This can be achieved by reconfiguring the existing architecture of a single machine to increase available resources or by provisioning additional containers within a cluster of distributed machines. This page gathers resources about how to orchestrate container applications for high scalability.
  • Container Operating CostsContainer's benefits are not just technical. Containers can also reduce costs - which is the big reason why companies are now adopting them. This page gathers resources about container operating costs and their influence on overall system costs.
  • Containers as a ServiceContainer as a Service (CaaS) is a business model whereby cloud computing service providers offer container-based virtualization services as a scalable online service. This allows users to use container services without having the necessary infrastructure. This Page gathers resources about the popularity and the advantages of CaaS.

Container Challenges

Containers are quickly becoming popular as a way to speed and simplify application deployment. However, while developers often find it fast and easy to deploy containerized applications, experts say that enterprises sometimes run into unexpected challenges when deploying containers in production. This page gathers resources about some of the major challenges in container adoption and how to overcome them.

  • Container Storage Best PracticesWhile a container keeps its bundle of software and dependencies wherever it goes, it doesn’t store data so it can maintain a light footprint. If a process stops or the container is rebooted, all the data associated with any applications within is lost. This page gathers resources about how to overcome this challenge and achieve persistent storage for containers. 
  • Container Networking Best PracticesContainer systems need networking functionality in order to function properly and to connect distributed applications across the cloud. This page gathers resources about container networking best practices including, challenges and concepts of container networking.
  • Security
  • Monitoring
  • Containers and OS CompatibilityMost major operating systems have some sort of container compatibility and since the launch of Docker, there has been an explosion of new container-centric operating systems, including CoreOS, Ubuntu Snappy, RancherOS. This page gathers resources about the challenges in hosting containers on different operating systems.

Containers and IT Infrastructure

Information technology infrastructure is composed of physical and virtual resources that support the flow, storage, processing and analysis of data. This page gathers resources about the combination of containers and IT Infrastructure like hybrid clouds, private clouds, data center and more.

  • Containers and Hybrid CloudsThe growing number of hybrid cloud deployments is accelerating the demand for enterprise container infrastructure as companies seek a consistent application development environment. This page gathers resources about the combination of containers and hybrid clouds including benefits of this combination and tutorials on how to get started.
  • Containers and Private CloudsPrivate cloud is a type of cloud computing that delivers similar advantages to public cloud, including scalability and self-service, but through a proprietary architecture. This page gathers resources about the combination of containers and private clouds and how they can serve as a container management environment.
  • Containers in The Data CenterContainers are being adopted in the data center in a rapid pace. Infrastructure managers must embrace this change to address the demands of bimodal IT, but in a controlled and tactical manner. This page gathers resources about the role of containers in data centers and the implications that container adoption will have for data center operators.
  • Containers and VirtualizationAs virtualization continues to increase in importance, containers will increasingly take center stage. This page gathers resources about running containers on virtual machines.
  • Containers and Serverless ComputingServerless computing is a cloud computing execution model in which the cloud provider dynamically manages the allocation of machine resources. This page gathers resources about containers and serverless computing, the benefits and disadvantages of each one and their impact on application deployment.
  • Containers and HyperconvergenceHyperconvergence is an IT framework that combines storage, computing and networking into a single system in an effort to reduce data center complexity and increase scalability. This page gathers resources about how the combination of containers and hyperconvergence can help IT to achieve greater efficiency at all layers.
  • Containers and Big DataUntil a short while ago, data analysts concentrated on algorithms, and containers were merely there to help. However in the era of Big Data, the choice of data containers is critical. This page gathers resources about how can containers contribute to improving Big Data.

Containers Ops

Container Security Management

Securing containers requires a different approach. Since containers run on a shared host and typically use multiple components to deliver a complete solution, there are many considerations that are required to secure container environment. This page gathers resources about managing security in containers including security considerations, security best practices and more.

Container Deployment

Container-based deployments have become the preferred approach for managing the build and release of complex applications. Popular container technologies such as Docker enable developer velocity by providing a robust environment closely resembling production that can be constructed in minutes. This page gathers resources about container-based deployments, including overviews, tutorials and more.

Container Monitoring

Container monitoring is the activity of monitoring the performance of microservice containers in different environments. Monitoring is the first step towards optimizing and improving performance. This page gathers resources about the container monitoring process, tools and important metrics to watch during the process.

Container Automation

Software development groups realize that the only way they can make the development and tooling processes work at scale is by automating as much as possible to reduce the scope of manual process. This page gathers resources about how containers integrate in different aspects of automation like automated builds, automated tests and more.

Container Multitenancy

Multi-tenancy is an architecture in which a single instance of a software application serves multiple customers. Each customer is called a tenant. This page gathers resources about the importance of multitenancy in containerize apps delivery.

Container Backup and Disaster Recovery

Containers are like any other data source that needs to be protected. As your organization comes to rely on Docker containerization technology for critical IT functions, you need to ensure appropriate safeguards are in place to minimize disruptions to your business operations. This page gathers resources about container backup and disaster recovery methods, tools and guides on how to set it up.

Prometheus Monitoring

Prometheus is a systems and service monitoring system. It collects metrics from configured targets at given intervals, evaluates rule expressions, displays the results, and can trigger alerts if some condition is observed to be true. This Page gathers resources about Prometheus’ architecture, pros and cons, Installing Prometheus and more.


Docker Containers

Docker 101

If you're getting started with Docker, or want to go in depth, we have you covered with comprehensive reviews of the most important topics concerning Docker engineers.

  • Docker Containers vs. Virtual MachinesDocker containers provide many capabilities of VMs, with added advantages. In this page, we define Docker, provide a Docker vs. VMs/Docker vs. VMware comparison, and more.
  • 100 Best Docker TutorialsLearn everything about Docker in this mega compilation of tutorials from the very basics to advanced topics like Docker Swarm, running and using databases in Docker, Docker and data science and more.
  • Docker ArchitectureLearn about components making up Docker architecture.
  • Docker Registries 101Learn Docker Registry concepts and basic usage, and go in depth with tutorials and videos from the community.
  • Docker Images 101Learn about Docker images, running images, image registries, common docker image operations, best practices, and more.
  • Docker Security - Risks, Benefits and 8 Best PracticesLearn about unique security risks affecting Docker users, and 8 security best practices from Aqua's container security experts.
  • Docker ToolsLearn about Docker alternatives, how each alternative differs from Docker, and discover the road ahead for Docker alternatives.
  • Docker Alternatives - Rkt, LXD, OpenVZ, Linux VServer, Windows ContainersLearn about Docker alternatives, how each alternative differs from Docker, and discover the road ahead for Docker alternatives.
  • Docker Swarm 101Learn Docker Swarm concepts, architecture and basic usage, and go in depth with tutorials and videos from the community.
  • Docker vs. Kubernetes - 8 Industry OpinionsDocker Swarm and Kubernetes are two popular choices for container orchestration. We collected 8 industry opinions on which orchestration tool is better and which is more useful for different use cases.
  • Docker Networking 101Learn about Docker network types, how containers communicate, common networking operations, and more.
  • Docker in the CloudLearn about alternatives for running Docker in the cloud: Docker Cloud, AWS, AKS, and GKE.
  • Docker in ProductionLearn about running Docker in a production environment: strategies for scaling up, selecting a cloud-host vendor, orchestrating multiple clusters of containers, and more.
  • Docker DeploymentLearn about using deploying Docker: microservices architecture, orchestration tools such as Kubernetes, Service Mesh for networking, security concerns, and more.

Basic Docker Operations

Resources about the basic docker operations such as running docker containers, working with dockerfiles, creating and sharing docker images, storing data within containers and more.

  • Docker Image RepositoriesA Docker Image repository is a place where Docker Images are actually stored, compared to the image registry which is a collection of pointers to this images. This page gathers resources about public repositories like the Docker hub and private repositories and how to set up and manage Docker repositories.
  • Working With DockerfilesThe Dockerfile is essentially the build instructions to build the Docker image. The advantage of a Dockerfile over just storing the binary image is that the automatic builds will ensure you have the latest version available. This page gathers resources about working with Dockerfiles including best practices, Dockerfile commands, how to create Docker images with a Dockerfile and more.
  • Running Docker ContainersAll docker containers run one main process. After that process is complete the container stops running. This page gathers resources about how to run docker containers on different operating systems, including useful docker commands.
  • Working With Docker HubDocker Hub is a cloud-based repository in which Docker users and partners create, test, store and distribute container images. Through Docker Hub, a user can access public, open source image repositories, as well as use a space to create their own private repositories, automated build functions, and work groups. This page gathers resources about Docker Hub and how to push and pull container images to and from Docker Hub.
  • Docker Container ManagementThe true power of Docker container technology lies in its ability to perform complex tasks with minimal resources. If not managed properly they will bloat, bogging down the environment and reducing the capabilities they were designed to deliver. This page gathers resources about how to effectively manage Docker, how to pick the right management tool including a list of recomended tools.
  • Storing Data Within ContainersIt is possible to store data within the writable layer of a container. Docker offers three different ways to mount data into a container from the Docker host: volumes, bind mounts, or tmpfs volumes. This page gathers resources about various to store data with containers, the downsides like the persistent storage and information on how to manage data in Docker.

Docker Administration

Resources about the Docker administrative procedures such as Docker configuration, collecting Docker metrics, Docker logging and more.

  • Docker ConfigurationAfter installing Docker and starting Docker, the dockerd daemon runs with its default configuration. This page gathers resources on how to customize the configuration, start the daemon manually, and troubleshoot and debug the daemon if run into issues.
  • Collecting Docker MetricsIn order to get as much efficiency out of Docker as possible, we need to track Docker metrics. Monitoring metrics is also important for troubleshooting problems. This page gathers resources on how to collect Docker metrics with tools like Prometheus, Grafana, InfluxDB and more.
  • Starting and Restarting Docker Containers AutomaticallyDocker provides restart policies to control whether your containers start automatically when they exit, or when Docker restarts. Restart policies ensure that linked containers are started in the correct order. This page gathers resources about how to automatically start Docker containers on boot or after server crash.
  • Managing Container ResourcesResource management for Docker containers is a huge requirement for production users. It is necessary for running multiple containers on a single host in an efficient way and to ensure that one container does not starve the others in terms of cpu, memory, io, or networking. This page gathers resources about how to improve Docker performance by managing it's resources.
  • Controlling Docker With systemdSystemd provides a standard process for controlling programs and processes on Linux hosts. One of the nice things about systemd is that it is a single command that can be used to manage almost all aspects of a process. This page gathers resources about how to use systemd with Docker daemon service.
  • Docker CLI CommandsThere are a large number of Docker client CLI commands, which provide information relating to various Docker objects on a given Docker host or Swarm cluster. Generally, this output is provided in a tabular format. This page gathers resources about how the Docker CLI Work, CLI Tips and Tricks and basic Docker CLI commands.
  • Docker LoggingLogs tell the full story of what is happening, or what happened at every layer of the stack. Whether it’s the application layer, the networking layer, the infrastructure layer, or storage, logs have all the answers. This page gathers resources about working with Docker logs, how to manage and implement Docker logs and more.
  • Troubleshooting Docker EngineDocker makes everything easier. But even with the easiest platforms, sometimes you run into problems. This page gathers resources about  how to diagnose and troubleshoot problems, send logs, and communicate with the Docker Engine.
  • Docker Orchestration - Tools and OptionsTo get the full benefit of Docker containers, you need software to move containers around in response to auto-scaling events, a failure of the backing host, and deployment updates. This is container orchestration. This page gathers resources about Docker orchestration tools, fundamentals and best practices.

Docker Security Resources

Resources about the the basic security considerations of running an application within a Docker container, including security best practices, Docker trusted images, isolating Docker containers and more.

  • Docker Security BasicsDocker offers a lot of advantages, simplifying both development and production environments, but there is still uncertainty around the security of containers. This page gathers resources about the Docker Security model, its limitations, and how to maximize Docker's security.
  • Docker Repository Security and CertificatesDocker runs via a non-networked Unix socket and TLS must be enabled in order to have the Docker client and the daemon communicate securely over HTTPS. This page gathers resources about how to ensure the traffic between the Docker registry and the Docker daemon is encrypted and a properly authenticated using certificate-based client-server authentication.
  • Docker Trusted Image RegistryDocker Trusted Registry (DTR) is the enterprise-grade image storage solution from Docker. It is installed behind a firewall so that Docker images can be securely stored and managed. This page gathers resources about the benefits of Docker trusted registry and how to work with it.
  • Docker AppArmor Security ProfilesAppArmor (Application Armor) is a Linux security module that protects an operating system and its applications from security threats. To use it, a system administrator associates an AppArmor security profile with each program. Docker expects to find an AppArmor policy loaded and enforced. This page gathers resources about Docker AppArmor security profiles and how to use them to enhance container security.
  • Isolating Docker ContainersDocker container technology increases the default security by creating isolation layers between applications and between the application and host and reducing the host surface area which protects both the host and the co-located containers by restricting access to the host.

Docker OS Interaction

Resources about the interaction between Docker and legacy operating systems such as Windows, Linux, Mac and more.

  • Docker on WindowsThere is a general misconception of Windows' support for containers, generally characterized as support for Docker running in Linux VMs. That's not true, Windows has its own container technologies, building on Docker but giving it a uniquely Microsoft spin. This page gathers resources about Docker on Windows native app and more. 
  • Docker on UbuntuUbuntu is a complete Linux operating system, freely available with both community and professional support. This Page gathers resources about the installation and basic usage of Docker on Ubuntu.
  • Docker on MacThis page gathers resources about Docker for Mac - a complete development environment deeply integrated with the MacOS Hypervisor framework, networking and filesystem. Docker for Mac is the fastest and most reliable way to run Docker on Mac.
  • Docker on AlpineDocker is heavily using Alpine as a base image for official Docker images, every official Docker image has a tag for Alpine. This page gathers resources about the benefits of using Alpine over Ubuntu, tutorials on installing and running Docker in Alpine and more.
  • Docker on DebianDebian is a popular and freely-available computer operating system that uses the Linux kernel and other program components obtained from the GNU project. This page gathers resources on how to install and use Docker on Debian.

Docker With Other Tools

Resources about using Docker containers with tools, services and environments like NGINX, Jenkins, PosgreSQL, ElasticSearch and more.

  • Using Docker with NGINXNGINX is open source software for web serving, reverse proxying, caching, load balancing, media streaming, and more. This page gathers resources about how to load balance dockerized applications and how to use NGINX as a reverse proxy to Docker applications.
  • Using Docker with JenkinsJenkins is one of the most popular, if not the most popular, continuous integration and continuous deployment tool available. This process could become even more efficient using Docker and containers. This page gathers resources on why Docker is a good option when it comes to continuous deployment with Jenkins.
  • Using Docker with ElasticSearchElasticsearch is a powerful open source search and analytics engine that makes data easy to explore. This page gathers resources about how to use Docker with ElasticSearch, Kibana and Logstash for monitoring, log analysis and more.
  • Using Docker with MongoDBMongoDB is a free and open-source cross-platform document-oriented database program. This page gathers resources about the challenges in running and orchestrating MongoDB in Docker containers,  running MongoDB as a replica set in Docker and more.
  • Using Docker with PosgreSQLPostgres, is an object-relational database management system with an emphasis on extensibility and standards compliance. This page gathers resources on some basic performance metrics for PostgreSQL when they are run as containers.
  • Using Docker with PythonPython packaging is awkward and confusing. Docker is a collection of various Linux features - namespaces, cgroups, union file-system - put together in such a way that you can package and distribute software in a language-agnostic container. Docker is a great way to skirt the pain of Python packaging.
  • Docker vs. VagrantVagrant is a tool focused on providing a consistent development environment workflow across multiple operation systems. Docker is a container management that can consistently run software as long as a containerization system exists. This page compares their features, pros and cons to see which is better and if they can work together.

Docker API

Docker provides an API for interacting with the Docker daemon (called the Docker Engine API), as well as SDKs for Go and Python. This page gathers resources about the Docker remote API, using the Docker API in different environments like Python, Node.js and Java.

Docker Compose

Docker Compose is a tool for defining and running multi-container Docker applications. With Compose, you use a YAML file to configure your application’s services. Then, with a single command, you create and start all the services from your configuration.

Container Security

Container Security Best Practices

When containerization is implemented with good security practices, containers can offer better application security rather than a VM only solution. This page gathers resources about basic tips and best practices as to how to secure containers.

Containers for DevSecOps

DevSecOps is an extension of the DevOps concept that emphasizes the integration of security teams into continuous delivery workflows. This page gathers resources about how DevSecOps makes for a more efficient and secure containers. 

Container Vulnerabilities and Threats

While containers are driving evolution in the management of network applications, which, although self-contained, are still vulnerable. This page gathers resources about container vulnerabilities like 'Dirty Cow' and 'Escape Vulnerability' including tips on how to secure containers from cyber threats.

Container Vulnerability Scanning

A big part of any organization’s risk assessment process is to be aware of and gain visibility into vulnerabilities in the software being used. This page gathers resources about the the importance of container vulnerability scanning including Docker vulnerability scanning and information on various vulnerability scanners.

Container Secrets Management

In computing as in real life, a secret is information you want kept private, outside of the people and systems you want or need to share it with. In the application security realm, common examples of secrets are passwords, tokens, and private keys. This page gathers resources about managing secrets in containers including Docker containers, Amazon Elastic Container Service, Kubernetes and more.

Container Access Control

The wide adoption of containers and the ability to retrieve images from different sources impose strict security constraints. Containers leverage Linux kernel security facilities, such as namespaces, cgroups and Mandatory Access Control. This page gathers resources about container access control - deciding and enforcing who gets access to which container resources.

Container Audits and Compliance

Security and compliance are top of mind for IT organizations. In a technology-first era rife with cyber threats, it is important for enterprises to have the ability to deploy applications on a platform that adheres to stringent security baselines. This page gathers resources about audits and compliance of containers and their relationship to security.

The Shift Left Principle and DevOps

The move to Agile and DevSecOps development processes has fostered a lot of attention on the need to shift security testing left in the development cycle. Moving security testing into the realm of the developer makes security testing faster, easier, more effective and less expensive. The page gathers resources about how shifting left improves DevOps and security.

Application Whitelisting

Whitelisting is the practice of specifying an index of approved applications that are permitted to be present and active. There are several characteristics of containers that lend themselves to intent-based security, which, in effect, is whitelisting. This page gathers resources about whitelisting in Kubertenes and other platforms.

Container Community and Events

Container Platforms

Containers and Cloud Computing

Containers changed the adoption of public and private clouds. With a container image, a common package format can be run on premises as well as on every major cloud provider. This page gathers resources about how containers changed the world of cloud computing and how to run them in the cloud.

  • Containers on AWSThis page gathers resources about how to choose a container environment on AWS. AWS offers two fully managed control planes to choose between: Amazon ECS and Amazon EKS. In order to run containers on AWS you need an underlying pool of resources that the control plane can use to launch your containers. There are two options for doing this: Amazon ECS Container Instances or AWS Fargate, which is a service for running containers without needing to manage the underlying infrastructure.
    • Amazon Elastic Container ServiceAmazon Elastic Container Service (Amazon ECS) is a highly scalable, fast, container management service that makes it easy to run, stop, and manage Docker containers on a cluster. This page gathers resources about how to set up and run container images on Amazon EC2 Container Service.
    • AWS FargateAWS Fargate is a technology for Amazon ECS and EKS that allows to run containers without having to manage servers or clusters. With AWS Fargate, you no longer have to provision, configure, and scale clusters of virtual machines to run containers. This removes the need to choose server types, decide when to scale clusters, or optimize cluster packing. This page gathers resources about the advantages and key features of AWS Fargate.
    • Amazon EKSAmazon Elastic Container Service for Kubernetes (Amazon EKS) is a managed service that makes it easy for you to run Kubernetes Guide on AWS without needing to install, operate, and maintain your own Kubernetes clusters.
  • Containers on AzureAzure provides a lot of options to run containers in the cloud, each with their own features, pricing and complexity. You can run containers (such as Docker) on Azure in Azure Container Service, Azure Container Instances, Azure Service Fabric and Web App for Containers. This page gathers resources about all the container services of Azure and how to deploy and manage containers with these services.
    • Azure Container ServiceAzure Container Service (ACS) provided by Azure helps to simplify the management of Docker clusters for running containerized applications. ACS supports 3 Orchestrators: DC/OS with Marathon, Docker Swarm, and Kubernetes. This page gathers resources about how to deploy an orchestrator cluster in Azure Container Service.
    • Azure Container Instances - ACIAzure Container Instances makes it easy to create and manage containers in Azure, without having to provision virtual machines or adopt a higher-level service. This page gathers resources about the advantages of Azure Container Instances, including tutorials and examples.
    • Kubernetes on AzureWith Kubernetes exploding in popularity worldwide, it’s no surprise that Kubernetes usage on Azure has grown more than 10x over the last year. This page gathers resources on how to create, run and monitor Kubernetes applications on Azure.
  • Containers on Google Cloud PlatformGoogle Cloud Platform (GCP) provides multiple ways to run container workloads in the cloud depending on how much infrastructure management is desired. This page gathers resources about the different ways to run a container on Google Cloud Platform.
    • Google Container EngineGoogle Container Engine (GKE) is a management and orchestration system for Docker container  and container clusters that run within Google's public cloud services. Google Container Engine is based on Kubernetes, Google's open source container management system. This page gathers resources about how to get started and run containers on GKE.
  • IBM Cloud Container ServiceIBM Cloud Container Service provides a native Kubernetes Guide experience that is secure and easy to use. The service removes the distractions that are related to managing your clusters and extends the power of your apps with IBM Watson and other cloud services by binding them with Kubernetes secrets. It applies pervasive security intelligence to your entire DevOps pipeline by automatically scanning Docker images for vulnerabilities and malware.
  • Docker on OpenStackOne of the key features of the OpenStack platform is the ability to run applications, and quickly scale them, using containers. OpenStack is an ideal platform for containers because it provides all of the resources and services for containers to run in a distributed, massively scalable cloud infrastructure.
  • OpenStack vs. KubernetesContainers can be aligned with OpenStack, providing infrastructure, allowing them to share networking and storage with other types of computer resources in rich environments. This page gathers resources about the differences of using OpenStack vs. Kubernetes.
  • Container as a ServiceContainers as a service (CaaS) is a cloud service that allows software developers to upload, organize, run, scale, manage and stop containers by using a provider's API calls or a web portal interface. This page gathers resources about the advantages of CaaS over Paas and a comparison of different CaaS providers.
  • Cloud-Native ApplicationsCloud-native is an approach to building and running applications that exploits the advantages of the cloud computing delivery model. Organizations require a platform for building and operating cloud-native applications and services that automates and integrates the concepts of DevOps, continuous delivery, microservices, and containers. This page gathers resources about the cloud-native basic concepts, architecture and how to develop cloud-native apps.
  • Cloud Native SecurityBusinesses are increasingly reliant on cloud-native applications despite the strong, broad perception that use of the cloud will drive security risks. This page gathers resources about the security gaps of cloud-native applications and which issues are top of mind?
  • Cloud Native Computing FoundationThe Cloud Native Computing Foundation builds sustainable ecosystems and fosters a community around a constellation of high-quality projects that orchestrate containers as part of a microservices architecture.
  • Cloud Workload ProtectionA cloud workload is a discrete capability or amount of work you’d like to run on a Cloud instance. It can be a web server or a container. Cloud Workload Protection mitigates container security risks, so you get the full benefit of the business agility and operational efficiencies they offer. This page gathers resources about workload protection in AWS, Azure and other cloud platforms.

Container Operating Systems

Since containers package so many of the libraries and subsystems that once were part of the operating system into the container, there’s increasingly less need for traditional server operating systems. In their place have sprung up a bevy of lightweight operating systems that significantly reduce the footprint of the operating system. This page gathers resources about lightweight container operating systems such as CoreOS, Rancher OS, Atomic and more.

Pivotal Cloud Foundry Containers

Running containers at enterprise scale is complex. Cloud Foundry enables enterprises to reap the benefits of containers, support cloud architectures and continue to build a DevOps culture.

Multi-Cloud Strategy

Multi-cloud is the use of multiple cloud computing and storage services in a single heterogeneous architecture. This page gathers resources about the benefits, challenges and best practices of multi-cloud adoption.

Other Container Engines

Containerd

Containerd is an industry-standard core container runtime with an emphasis on simplicity, robustness and portability. This page gathers resources about containerd basics, how to use it and a comparison to other platforms.

CRI-O

CRI-O, a lightweight alternative to using Docker, allows you to run containers directly from Kubernetes, without any unnecessary code or tooling. This page gathers resources about running CRI-O on Kubernetes and a comparison between CRI-O and Containerd.

RunC

runC, a lightweight universal container runtime, is a command-line tool for spawning and running containers according to the Open Container Initiative (OCI) specification.  This page gathers resources about managing containers in runC.

Other Container Orchestrators

Kubernetes vs Mesos vs Swarm

Kubernetes, Docker Swarm, and Apache Mesos are 3 modern choices for container and data center orchestration. Mesos is more ambitious, as Kubernetes equates to just a single node of Mesos’ entire solution.

Red Hat Openshift

OpenShift is an open source container application platform by Red Hat based on top of Docker containers and the Kubernetes container cluster manager for enterprise app development and deployment. This page gathers resources about the benefits of OpenShift, different types of deployments in AWS and Azure and more.

  • No labels