Hybrid Cloud Hosting Blog

Top Tips for Supercharging Docker Containers

Feb 16

Posted February 29, 2016 by  Tim Pat Dufficy

Docker Containerisation Tips

Docker containers can give your applications a competitive edge, and these tips will help you get the most out of them.

There’s little doubt that containerisation is still a hot topic for SaaS and ISV hosting, and will continue to trend in 2016.

Platforms such as Docker give development teams an agile edge and operations teams that all-important control, while ensuring portability for applications across diverse infrastructure offerings. Ease of use is not the only issue - speed-to-market can be a source of significant competitive advantage in the early stages of a new product lifecycle.

Download our introduction to containerisation here for a comprehensive look at  this approach to virtualisation

Docker is probably the best known name in the container industry, pioneering Containerisation as a Service (CaaS). We’ve put together these tips on how to supercharge your experience with Docker to help you get ready to deploy.

Explore and Use Existing Resources

Docker has an extensive and expanding selection of curated official repositories, which all come with detailed guides for use, and comments for user feedback. The selection includes essential base OS repositories such as ubuntu and centOS that provide a starting point for most users, and set the standard for best practice.

When Docker release a new feature, they’ll update their documentation and, in some cases, even create a sandbox environment for you to test and configure features without impacting your production images.

The Docker community has forums, as well as meetups across the UK, to help you get the most out of the platform and its network of users.

Ensure Security

As with almost any platform, security is a vital consideration for Docker users and ensuring that it is effective can protect you from attacks that could cripple your application or even organisation. The same flexibility that allows organisations to execute multiple instances can mean that different containers have different levels of security. David Linthicum argues that IT should prioritise securing Docker for its organisation. Docker daemon requires root privileges, which can seem alarming to IT professionals, but an equally serious concern is the fact that the differences between containerisation and virtualisation are not always fully understood. Container solutions such as Docker are not as good at group management of multiple containers, meaning that containers are isolated, and IT pros need to consider their security in a similar way to other distributed systems.

Luckily there are tools that can help, such as Docker Content Trust, which allows you to verify the publisher of a Docker image, simultaneously providing protection against image forgery, replay attacks and key compromise. In addition, the Center for Internet Security has released a Docker benchmark which covers over 80 best practices for deploying Docker containers securely.

Keep things simple and consistent

Ultimately, getting the most out of your Docker set-up will come down to planning. As with almost any customisable toolset, it can be all too easy to overcomplicate your own workflows. Planning your use of tags, layers and packages will help you keep a clean environment.

To ensure scalability, it’s important to decompose and distribute your application into separate containers for services such as data storage, retrieval and integration. You can then link these together with the container linking feature. Of course, this will create additional complexity, so again, planning is crucial. DockerIgnore can also be helpful in excluding unnecessary files and directories, with the added benefit of speeding up load times.

With their scalability, disposability and portability, it’s clear that containers have a lot to offer developers. You can find out more about how they work, as well as some of the key benefits to using them in our guide to containerisation.

Introduction to containerisation

Topics: containerisation