Learning Docker networking : become a proficient Linux administrator by learning the art of container networking with elevated efficiency using Docker / Rajdeep Dua, Santosh Kumar Konduri, Vaibhav Kohli.

Description based on online resource; title from cover (Safari, viewed March 10, 2016).

Includes index.

Cover; Copyright; Credits; About the Authors; About the Reviewer; www.PacktPub.com; Table of Contents; Preface; Chapter 1: Docker Networking Primer; Networking and Docker; Linux bridges; Open vSwitch; NAT; IPtables; AppArmor/SELinux; The docker0 bridge; The -- net default mode; The -- net=none mode; The -- net=container:container2 mode; The -- net=host mode; Port mapping in Docker container; Docker OVS; Unix domain socket; Linking Docker containers; Links; What's new in Docker networking?; Sandbox; Endpoint; Network; The Docker CNM model; Summary; Chapter 2: Docker Networking Internals

Configuring the IP stack for DockerIPv4 support; IPv6 support; Configuring a DNS server; Communication between containers and external networks; Restricting SSH access from one container to another; Configuring the Docker bridge; Overlay networks and underlay networks; Summary; Chapter 3: Building Your First Docker Network; Introduction to Pipework; Multiple containers over a single host; Weave your containers; Open vSwitch; Single host OVS; Creating an OVS bridge; Multiple host OVS; Networking with overlay networks -- Flannel; Summary; Chapter 4: Networking in a Docker Cluster

Docker SwarmDocker Swarm setup; Docker Swarm networking; Kubernetes; Deploying Kubernetes on AWS; Kubernetes networking and its differences to Docker networking; Deploying the Kubernetes pod; Mesosphere; Docker containers; Deploying a web app using Docker; Deploying Mesos on AWS using DCOS; Summary; Chapter 5: Security and QoS for Docker Containers; Filesystem restrictions; Read-only mount points; sysfs; procfs; /dev/pts; /sys/fs/cgroup; Copy-on-write; Linux capabilities; Securing containers in AWS ECS; Understanding Docker security I -- kernel namespaces; pid namespace; net namespace

User namespaceCreating a new user namespace; Understanding Docker security II -- cgroups; Defining cgroups; Why are cgroups required?; Creating a cgroup manually; Attaching processes to cgroups; Docker and cgroups; Using AppArmor to secure Docker containers; AppArmor and Docker; Docker security benchmark; Audit Docker daemon regularly; Create a user for the container; Do not mount sensitive host system directories on containers; Do not use privileged containers; Summary; Chapter 6: Next Generation Networking Stack for Docker: libnetwork; Goal; Design; CNM objects; Sandbox; Endpoint; Network

Network controllerCNM attributes; CNM lifecycle; Driver; Bridge driver; Overlay network driver; Using overlay network with Vagrant; Overlay network deployment Vagrant setup; Overlay network with Docker Machine and Docker Swarm; Prerequisites; Key-value store installation; Create a Swarm cluster with two nodes; Creating an overlay network; Creating containers using an overlay network; Container network interface; CNI plugin; Network configuration; IP allocation; IP address management interface; Project Calico's libnetwork driver; Summary; Index

eBooks on EBSCOhost EBSCO eBook Subscription Academic Collection - Worldwide