Replicated With Less Privileges

When deploying a secure system it is important to ensure that each component only has access to the lowest level of privileges needed to perform its task. This concept should apply to any access in a system, including the user account and file system permissions need to spawn processes successfully.…

First Look at Docker SwarmKit

I was planning to deploy a test environment for a new application today, then the release of Docker SwarmKit came. I saw this as the perfect opportunity to spend part of the day giving SwarmKit a try. This post is a very early look at my experience installing SwarmKit on…

Announcing FROM:latest

For the past year or so, we’ve been deploying Docker containers behind the firewall and have watched Docker change and mature a lot. The ecosystem has moved crazy-fast to produce a lot of good ideas about what makes a great Dockerfile. But there’s a lot to ingest and…

Refactoring a Dockerfile for Image Size

Update Since this post, Docker has released improved support for writing complex and still maintainable Dockerfiles. Check out our blog post on multi-stage Docker builds. Original Post There’s been a welcome focus in the Docker community recently around image size. Smaller image sizes are being championed by Docker and…