Revision as of 13:36, 15 August 2020

Docker Repositories

Setting up a DTR or Docker Hub?

Single User vs Organization?

Layout of a Docker-enabled Project

Base/Composed Images

Which ones we can use? Which repos/organizations do we trust?

Dockerfile

Use Metadata Labels

Define the Maintainers

Which Users inside the Image

Define the App Name

Define the WORKDIR

Use COPY instead of ADD

Sensitive Information

Never add passwords, hostnames, externals paths, tokens, and keys into images. Use a .dockerignore file to avoid a hazardous COPY instruction, which pulls in sensitive information from the build context.

Minimize the Image Size

Build the Image

Tags/SHAs

Use fixed tags for immutability.

Automate

Push

Test the Images

Document How to launch the Containers

Maintain the Images

Find, Fix and Monitor for Image Vulnerabilities

Scheduled (Monthly) Patching

@@ Line 1: / Line 1: @@
 = Docker Repositories =
 Setting up a DTR or Docker Hub?
+* https://hub.docker.com/u/gcube
+* https://hub.docker.com/u/d4science
 Single User vs Organization?
 = Layout of a Docker-enabled Project =
-= Dockerfile =
+= Base/Composed Images =
-== Where to keep the Dockerfile ==
-== Base/Composed Images ==
 Which ones we can use? Which repos/organizations do we trust?
+= Dockerfile =
 == Use Metadata Labels ==
@@ Line 31: / Line 33: @@
 = Build the Image =
-== Tags ==
+== Tags/SHAs ==
 Use fixed tags for immutability.
@@ Line 42: / Line 44: @@
 = Document How to launch the Containers =
-= Find, Fix and Monitor for Image Vulnerabilities =
+= Maintain the Images =
+== Find, Fix and Monitor for Image Vulnerabilities ==
+== Scheduled (Monthly) Patching ==

Difference between revisions of "Docker Best Practices"

Revision as of 13:36, 15 August 2020

Contents