Docker is an awesome technology, and it’s prevalent in nearly every software developer’s workflow. It is useful for creating identical environments and sharing them between development, testing, production, and others. It’s a great way to ship a reliable software environment between systems or even to customers. However, like with any technology, one must know how to be secure when using it.By default, Docker interacts with other Docker Containers via the Docker Network. Docker Compose makes it very easy to create Docker Networks and link them together – to mimic production environments where each service is isolated in its own network and only interacts via defined interfaces. For example, consider the following system:Application ADatabaseApplication APIApplication BDatabaseCache StoreApplication UIBy separating each into its own Docker Network, the systems remain isolated from each other. However, when Application B needs to talk to Application A, then the two networks must be linked together. This is achieved by telling Docker to give a network interface to the Application UI Container that also exists in the network for Application A. In this configuration, the Docker Containers involved remain as secure as the applications running within the containers. There are no ports exposed outside the Docker Networks.Now consider that the Application UI is *not* under a Docker Container, that this is entirely setup to help developers write the Application UI projects on their local system. Or consider that the system is being used to test out features. This might be done on a local laptop or desktop system, or it might even be done on a cloud server. To achieve ..
Support the originator by clicking the read the rest link below.
