Using Docker safely

Speaker: Adrian Mouat

Abstract

From "containers don't contain" to a "systemic failure of all logic related to image security" and "[Docker] gives apps root access", we've heard a lot negativity about container security, from big players such as Red Hat and newcomers such as CoreOS who have launched their own container engine. In this talk I'll try to explain the main concerns around container security and offer some best practices and guidance for using Docker safely.

In particular, I'll look at the problems with image provenance and how to make sure your images haven't been tampered with, how Rocket handles security issues differently to Docker and how desktop Linux apps gain/lose from being bundled with Docker. I'll end with some advice and best practices for mitigating the risks of container exploits.

Slides

Biography

Adrian Mouat is Chief Scientist at Container Solutions. He is currently writing a book for O'Reilly Media entitled "Using Docker: Developing and Deploying Software with Containers". Adrian has been a professional software developer for over 10 years, working on a wide range of projects from small webapps to large data mining platforms.