Strictly from the perspective of security – had these questions: Which is better, running Docker on a VM or running or an actual machine? Are there security risks when running on a VM that are not present when running on actual, real hardware? Does the OS of the VM or actual hardware matter with respect […]
I am using Docker to add mongodb 2.6.5 to a host that already had 2.4.9 installed and I am sharing the data directory. When I run the 2.6.5 (in container) I get permission issues apparently due to changes in 2.6: http://docs.mongodb.org/manual/tutorial/add-user-to-database/ But when I try to add a user with role roleAdminAnyDatabase I get “No […]
If I add my private SSH key to my Docker image, how can I hide it without leaving the trace, so no one (except me) can access it?
I’m trying to identify the most efficient and quickest way to scan multiple Docker images in my environment to determine if specific directory structures exist with each image. Obviously I can exec into each image on an individual basis and manually check but I’m looking to automate this process. I cannot think of a way […]
I am running several docker containers for a very small web app: nginx, node, and redis. These containers are all linked together using the legacy methods (not a network) with the pattern nginx –proxies-> node –uses-> redis My nginx proxy is set up to use HTTPS but my node server (using hapi.js) is not. Is […]
So when you docker pull an image, it by default looks to the Docker Hub registry to find the image. Is there any way that I can make it so when I docker pull, it by default looks into my private registry?
Most of the doubt/risk concerning docker I can read on internet concern the potential isolation security. On the docker documentation, I understand their is two things to take care of: The docker daemon needs root it self. This means that anyone with access to the daemon could potentially mess with the whole system. While I […]
I am planning on installing Linux on a high end PC with a GPU in my lab, with the intention of allowing students and other researchers to run Docker containers when they need a bit of extra performance. I do not want each of these users to have root access (which, as far as I […]
I try to create a Docker Image running the “Hadoop Distributed File System” as a non-privileged user. But I fail so far to build such an image. In general it is recommended to use non-privileged users inside a docker container. Normally I do this by creating a new user in my dockerfile like this: RUN […]
I am developing a set of RESTful APIs for providing some data analytics. When calling the API, the client will also be able to pass script functions as additional parameters (and the functions will be executed during the analytics pipeline). The data itself will be retrieved from various sources such as Amazon S3, The client’s […]