Docker in Action, Second Edition
Jeff Nickoloff and Stephen Kuenzli
  • MEAP began June 2018
  • Publication in August 2019 (estimated)
  • ISBN 9781617294761
  • 350 pages (estimated)
  • printed in black & white
free previous edition included

A great book for those looking to get started with, or expand their use of, Docker.

Paul Brown
Even small applications have dozens of components. Large applications may have thousands, which makes them challenging to install, maintain, and remove. Docker bundles all application components into a package called a container that keeps things tidy and helps manage any dependencies on other applications or infrastructure. Used by everyone from small start-ups to eBay and Lyft, Docker has changed development for the better. If you’re looking to join the container revolution, Docker in Action, Second Edition will get you started.
Table of Contents detailed table of contents

Part 1: Process Isolation and Environment-Independent Computing

1 Welcome to Docker

1.1 What is Docker?

1.1.1 “Hello, World”

1.1.2 Containers

1.1.3 Containers are not virtualization

1.1.4 Running software in containers for isolation

1.1.5 Shipping containers

1.2 What problems does Docker solve?

1.2.1 Getting organized

1.2.2 Improving portability

1.2.3 Protecting your computer

1.3 Why is Docker important?

1.4 Where and when to use Docker

1.5 Docker in the Larger Ecosystem

1.6 Getting help with the Docker command line

1.7 Summary

2 Running software in containers

2.1 Controlling containers: building a website monitor

2.1.1 Creating and starting a new container

2.1.2 Running interactive containers

2.1.3 Listing, stopping, restarting, and viewing output of containers

2.2 Solved problems and the PID namespace

2.3 Eliminating metaconflicts: building a website farm

2.3.1 Flexible container identification

2.3.2 Container state and dependencies

2.4 Building environment-agnostic systems

2.4.1 Read-only file systems

2.4.2 Environment variable injection

2.5 Building durable containers

2.5.1 Automatically restarting containers

2.5.2 PID 1 and init systems

2.6 Cleaning up

2.7 Summary

3 Software installation simplified

3.1 Identifying software

3.1.1 What is a named repository?

3.1.2 Using tags

3.2 Finding and installing software

3.2.1 Working with Docker registries from the command line

3.2.2 Using alternative registries

3.2.3 Images as files

3.2.4 Installing from a Dockerfile

3.2.5 Docker Hub from the website

3.3 Installation files and isolation

3.3.1 Image layers in action

3.3.2 Layer relationships

3.3.3 Container file system abstraction and isolation

3.3.4 Benefits of this toolset and file system structure

3.3.5 Weaknesses of union file systems

3.4 Summary

4 Working with storage and volumes

4.1 File trees and mount points

4.2 Bind mounts

4.3 In-memory storage

4.4 Docker volumes

4.4.1 Volumes provide container-independent data management

4.4.2 Using volumes with a NoSQL database

4.5 Shared mount points and sharing files

4.5.1 Anonymous volumes and the volumes-from flag

4.6 Cleaning up volumes

4.7 Advanced storage with volume plugins

4.8 Summary

5 Single Host Networking

5.1 Networking background (for beginners)

5.1.1 Basics: protocols, interfaces, and ports

5.1.2 Bigger picture: networks, NAT, and port forwarding

5.2 Docker container networking

5.2.1 Creating a user-defined bridge network

5.2.2 Exploring a bridge network

5.2.3 Beyond bridge networks

5.3 Special container networks: host and none

5.4 Handling inbound traffic with NodePort publishing

5.5 Container Networking Caveats and Customizations

5.5.1 No firewalls or network policies

5.5.2 Custom DNS configuration

5.5.3 Externalizing network management

5.6 Summary

6 Limiting risk with resource controls

6.1 Resource allowances

6.1.1 Memory limits

6.1.2 CPU

6.1.3 Access to devices

6.2 Shared memory

6.2.1 Sharing IPC primitives between containers

6.3 Understanding users

6.3.1 Working with the run-as user

6.3.2 Users and volumes

6.3.3 Introduction to the Linux user namespace and uid remapping

6.4 Adjusting OS feature access with capabilities

6.5 Running a container with full privileges

6.6 Stronger containers with enhanced tools

6.6.1 Specifying additional security options

6.7 Build use-case-appropriate containers

6.7.1 Applications

6.7.2 High-level system services

6.7.3 Low-level system services

6.8 Summary

Part 2: Packaging Software for Distribution

7 Packaging software in images

7.1 Building Docker images from a container

7.1.1 Packaging Hello World

7.1.2 Preparing packaging for Git

7.1.3 Reviewing file system changes

7.1.4 Committing a new image

7.1.5 Configurable image attributes

7.2 Going deep on Docker images and layers

7.2.1 An exploration of union file systems

7.2.2 Reintroducing images, layers, repositories, and tags

7.2.3 Managing image size and layer limits

7.3 Exporting and importing flat file systems

7.4 Versioning best practices

7.5 Summary

8 Building images automatically with Dockerfiles

8.1 Packaging Git with a Dockerfile

8.2 A Dockerfile primer

8.2.1 Metadata instructions

8.2.2 File system instructions

8.3 Injecting downstream build-time behavior

8.4 Creating maintainable Dockerfiles

8.5 Using startup scripts and multiprocess containers

8.5.1 Environmental preconditions validation

8.5.2 Initialization processes

8.5.3 The Purpose and Use of Health Checks

8.6 Building hardened application images

8.6.1 Content addressable image identifiers

8.6.2 User permissions

8.6.3 SUID and SGID permissions

8.7 Summary

9 Public and private software distribution

9.1 Choosing a distribution method

9.1.1 A distribution spectrum

9.1.2 Selection criteria

9.2 Publishing with hosted registries

9.2.1 Publishing with public repositories: Hello World via Docker Hub

9.2.2 Private hosted repositories

9.3 Introducing private registries

9.3.1 Using the registry image

9.3.2 Consuming images from your registry

9.4 Manual image publishing and distribution

9.4.1 A sample distribution infrastructure using the File Transfer Protocol

9.5 Image source distribution workflows

9.5.1 Distributing a project with Dockerfile on GitHub

9.6 Summary

10 Image Pipelines

10.1 Goals of an image build pipeline

10.2 Patterns for building images

10.2.1 All-in-one images

10.2.2 Separate build and runtime images

10.2.3 Create variations of application runtime image using multi-stage builds

10.3 Record metadata at image build time

10.3.1 Orchestrating the build with make

10.4 Testing images in a build pipeline

10.5 Patterns for tagging images

10.5.1 Background

10.5.2 Continuous Delivery with Unique Tags

10.5.3 Configuration image per deployment stage

10.5.4 Semantic Versioning

10.6 Summary

Part 3: Higher-Level Abstractions and Orchestration

11 Services with Docker and Compose

11.1 A Service "Hello, World!"

11.1.1 Automated resurrection and replication

11.1.2 Automated Rollout

11.1.3 Service health and rollback

11.2 Declarative Service Environments with Compose V3

11.2.1 A YAML Primer

11.2.2 Collections of Services with Compose V3

11.3 Stateful services and preserving data

11.4 Load balancing, service discovery, and networks with Compose

11.5 Summary

12 First-Class Configuration Abstractions

12.1 Configuration Distribution and Management

12.1.1 Application configuration lifecycles

12.2 Separating Application & Configuration

12.2.1 The Config Resource

12.2.2 Deploy the application

12.2.3 Managing Config Resources Directly

12.3 Secrets - A special kind of Configuration

12.3.1 Using Docker Secrets

12.4 Summary

13 Orchestrate Services on a Cluster of Docker Hosts with Swarm


Appendix A: Clusters with Docker Machine and Swarm v1

About the Technology

The idea behind Docker is simple. Create a tiny virtual environment called a container that holds just your application and its dependencies. The Docker engine uses the host operating system to keep track of your containers. Applications running inside containers share resources, making their footprints small. They are easy to install, manage, and remove.

About the book

Docker in Action, Second Edition teaches you the skills and knowledge you need to create, deploy, and manage applications hosted in Docker containers. This bestseller has been fully updated with new examples, best practices, and entirely new chapters. You’ll start with a clear explanation of the Docker model and learn how to package applications in containers, including techniques for testing and distributing applications. You’ll also learn how to run programs securely and how to manage shared resources. Using carefully designed examples, the book teaches you how to orchestrate containers and applications from installation to removal. Along the way, you'll discover techniques for using Docker on systems ranging from dev-and-test machines to full-scale cloud deployments.

What's inside

  • How to run software in containers
  • Features of the container lifecycle
  • Packaging your software for deployment
  • Distributing and deploying containerized applications

About the reader

Written for developers with experience working with Linux. No prior knowledge or experience of Docker is needed.

About the authors

Jeff Nickoloff runs Topple where he builds large scale services, writes about technology, and help people achieve their goals. Jeff’s experience includes work with numerous startups,, Limelight Networks, Arizona State University, and as a consultant for Fortune 100 companies. Stephen Kuenzli has designed, built, deployed, and operated highly-available, scalable software systems in high tech manufacturing, banking, and ecommerce systems for nearly 20 years.

Manning Early Access Program (MEAP) Read chapters as they are written, get the finished eBook as soon as it’s ready, and receive the pBook long before it's in bookstores.
MEAP combo $49.99 pBook + eBook + liveBook
includes previous edition
MEAP eBook $39.99 pdf + ePub + kindle + liveBook
includes previous edition

placing your order...

Don't refresh or navigate away from the page.

FREE domestic shipping on three or more pBooks