Collaborating Authors

Deploying Machine Learning Models โ€“ pt. 2: Docker & TensorFlow Serving


To install Docker follow instructions provided on this page. Docker comes with the UI, which we will not consider in this article. We utilize only docker CLI, which comes with this installation as well. There are three important Docker components that you should be aware of: Docker container Image, Dockerfile and Docker Engine. Docker container image is a lightweight file-system that includes everything that the application needs to run.

The Top 20 Essential Docker Container Security Practices


Docker security has been long associated with containerization and the fundamental requirements for building new secure container-based applications stemming from Docker security are still applied to newer platforms today. This guide will provide the 20 essential Docker/container security practices to help users build their own secure containers. To reduce weaknesses within a Docker run environment, both the Docker Engine and the underlying host operating system running Docker must be updated regularly. The Docker client communicates with the Docker daemon through a local UNIX socket โ€“ /var/run/docker.sock. It is owned by the root user, but if it is exposed then anyone who accesses it will have permissions equivalent to root access to the host.

Exposed Docker hosts can be exploited for cryptojacking attacks


Researchers have uncovered thousands of Docker containers exposed online and ripe for attack for the purposes of illicit cryptocurrency mining. Docker containers are forms of virtualization technology which can be used to package up code and dependencies for use across different computing environments and operating systems. As containers can be used to streamline IT environments and app testing lifecycles, their use has increased in recent years, with an estimated 3.5 million applications now being used in container environments across the enterprise. It is possible to interact with Docker via terminals or remote application programming interfaces (APIs). However, if these control mechanisms are exposed, this can lead to the compromise of the container and potentially the applications contained within.

Podman and Buildah for Docker users - Red Hat Developer


I was asked recently on Twitter to better explain Podman and Buildah for someone familiar with Docker. Though there are many blogs and tutorials out there, which I will list later, we in the community have not centralized an explanation of how Docker users move from Docker to Podman and Buildah. Also what role does Buildah play? Is Podman deficient in some way that we need both Podman and Buildah to replace Docker? This article answers those questions and shows how to migrate to Podman.

How to Check If the Docker Daemon or a Container Is Running


Docker uses a daemon-based architecture where the CLI connects to a long-lived process running separately on your machine or a remote host. CLI commands won't work and your containers will usually go offline if the daemon stops. Here's how to check whether Docker's daemon is up so you can diagnose issues with containers and the docker command. When the daemon's not running, you'll see a "can't connect to Docker daemon" message each time you use the docker CLI. You can check Docker's status with systemctl on distributions that use Systemd for service management.