Docker in Action, Second Edition
Jeff Nickoloff and Stephen Kuenzli
Foreword by Bret Fisher
  • October 2019
  • ISBN 9781617294761
  • 336 pages
  • printed in black & white
free previous edition eBook included
An eBook copy of the previous edition of this book is included at no additional cost. It will be automatically added to your Manning Bookshelf within 24 hours of purchase.

Jeff and Stephen took their battle-hardened experience and updated this already great book with new details and examples.

From the Foreword by Bret Fisher, Docker Captain and Container Consultant

Docker in Action, Second Edition teaches you the skills and knowledge you need to create, deploy, and manage applications hosted in Docker containers. This bestseller has been fully updated with new examples, best practices, and a number of entirely new chapters.

About the Technology

The idea behind Docker is simple—package just your application and its dependencies into a lightweight, isolated virtual environment called a container. Applications running inside containers are easy to install, manage, and remove. This simple idea is used in everything from creating safe, portable development environments to streamlining deployment and scaling for microservices. In short, Docker is everywhere.

About the book

Docker in Action, Second Edition teaches you to create, deploy, and manage applications hosted in Docker containers running on Linux. Fully updated, with four new chapters and revised best practices and examples, this second edition begins with a clear explanation of the Docker model. Then, you go hands-on with packaging applications, testing, installing, running programs securely, and deploying them across a cluster of hosts. With examples showing how Docker benefits the whole dev lifecycle, you’ll discover techniques for everything from dev-and-test machines to full-scale cloud deployments.

Table of Contents detailed table of contents

1 Welcome to Docker

1.1 What is Docker?

1.1.1 “Hello, World”

1.1.2 Containers

1.1.3 Containers are not virtualization

1.1.4 Running software in containers for isolation

1.1.5 Shipping containers

1.2 What problems does Docker solve?

1.2.1 Getting organized

1.2.2 Improving portability

1.2.3 Protecting your computer

1.3 Why is Docker important?

1.4 Where and when to use Docker

1.5 Docker in the Larger Ecosystem

1.6 Getting help with the Docker command line


Part 1: Process isolation and environment-independent computing

2 Running software in containers

2.1 Controlling containers: building a website monitor

2.1.1 Creating and starting a new container

2.1.2 Running interactive containers

2.1.3 Listing, stopping, restarting, and viewing output of containers

2.2 Solved problems and the PID namespace

2.3 Eliminating metaconflicts: Building a website farm

2.3.1 Flexible container identification

2.3.2 Container state and dependencies

2.4 Building environment-agnostic systems

2.4.1 Read-only file systems

2.4.2 Environment variable injection

2.5 Building durable containers

2.5.1 Automatically restarting containers

2.5.2 PID 1 and init systems

2.6 Cleaning up


3 Software installation simplified

3.1 Identifying software

3.1.1 What is a named repository?

3.1.2 Using tags

3.2 Finding and installing software

3.2.1 Working with Docker registries from the command line

3.2.2 Using alternative registries

3.2.3 Images as files

3.2.4 Installing from a Dockerfile

3.2.5 Docker Hub from the website

3.3 Installation files and isolation

3.3.1 Image layers in action

3.3.2 Layer relationships

3.3.3 Container file system abstraction and isolation

3.3.4 Benefits of this toolset and file system structure

3.3.5 Weaknesses of union file systems


4 Working with storage and volumes

4.1 File trees and mount points

4.2 Bind mounts

4.3 In-memory storage

4.4 Docker volumes

4.4.1 Volumes provide container-independent data management

4.4.2 Using volumes with a NoSQL database

4.5 Shared mount points and sharing files

4.5.1 Anonymous volumes and the volumes-from flag

4.6 Cleaning up volumes

4.7 Advanced storage with volume plugins


5 Single-host networking

5.1 Networking background (for beginners)

5.1.1 Basics: protocols, interfaces, and ports

5.1.2 Bigger picture: networks, NAT, and port forwarding

5.2 Docker container networking

5.2.1 Creating a user-defined bridge network

5.2.2 Exploring a bridge network

5.2.3 Beyond bridge networks

5.3 Special container networks: host and none

5.4 Handling inbound traffic with NodePort publishing

5.5 Container networking caveats and customizations

5.5.1 No firewalls or network policies

5.5.2 Custom DNS configuration

5.5.3 Externalizing network management


6 Limiting risk with resource controls

6.1 Setting resource allowances

6.1.1 Memory limits

6.1.2 CPU

6.1.3 Access to devices

6.2 Sharing memory

6.2.1 Sharing IPC primitives between containers

6.3 Understanding users

6.3.1 Working with the run-as user

6.3.2 Users and volumes

6.3.3 Introduction to the Linux user namespace and uid remapping

6.4 Adjusting OS feature access with capabilities

6.5 Running a container with full privileges

6.6 Strengthening containers with enhanced tools

6.6.1 Specifying additional security options

6.7 Building use-case-appropriate containers

6.7.1 Applications

6.7.2 High-level system services

6.7.3 Low-level system services


Part 2: Packaging software for distribution

7 Packaging software in images

7.1 Building Docker images from a container

7.1.1 Packaging Hello World

7.1.2 Preparing packaging for Git

7.1.3 Reviewing file system changes

7.1.4 Committing a new image

7.1.5 Configurable image attributes

7.2 Going deep on Docker images and layers

7.2.1 An exploration of union file systems

7.2.2 Reintroducing images, layers, repositories, and tags

7.2.3 Managing image size and layer limits

7.3 Exporting and importing flat filesystems

7.4 Versioning best practices


8 Building images automatically with Dockerfiles

8.1 Packaging Git with a Dockerfile

8.2 A Dockerfile primer

8.2.1 Metadata instructions

8.2.2 File system instructions

8.3 Injecting downstream build-time behavior

8.4 Creating maintainable Dockerfiles

8.5 Using startup scripts and multiprocess containers

8.5.1 Environmental preconditions validation

8.5.2 Initialization processes

8.5.3 The Purpose and Use of Health Checks

8.6 Building hardened application images

8.6.1 Content addressable image identifiers

8.6.2 User permissions

8.6.3 SUID and SGID permissions


9 Public and private software distribution

9.1 Choosing a distribution method

9.1.1 A distribution spectrum

9.1.2 Selection criteria

9.2 Publishing with hosted registries

9.2.1 Publishing with public repositories: Hello World via Docker Hub

9.2.2 Private hosted repositories

9.3 Introducing private registries

9.3.1 Using the registry image

9.3.2 Consuming images from your registry

9.4 Manual image publishing and distribution

9.4.1 A sample distribution infrastructure using the File Transfer Protocol

9.5 Image source-distribution workflows

9.5.1 Distributing a project with Dockerfile on GitHub


10 Image Pipelines

10.1 Goals of an image build pipeline

10.2 Patterns for building images

10.2.1 All-in-one images

10.2.2 Separate build and runtime images

10.2.3 Create variations of application runtime image using multi-stage builds

10.3 Record metadata at image build time

10.3.1 Orchestrating the build with make

10.4 Testing images in a build pipeline

10.5 Patterns for tagging images

10.5.1 Background

10.5.2 Continuous Delivery with Unique Tags

10.5.3 Configuration image per deployment stage

10.5.4 Semantic Versioning


Part 3: Higher-level abstractions and orchestration

11 Services with Docker and Compose

11.1 A Service “Hello, World!”

11.1.1 Automated resurrection and replication

11.1.2 Automated Rollout

11.1.3 Service health and rollback

11.2 Declarative Service Environments with Compose V3

11.2.1 A YAML Primer

11.2.2 Collections of Services with Compose V3

11.3 Stateful services and preserving data

11.4 Load balancing, service discovery, and networks with Compose


12 First-class configuration abstractions

12.1 Configuration distribution and management

12.2 Separating application and configuration

12.2.1 The Config Resource

12.2.2 Deploy the application

12.2.3 Managing Config Resources Directly

12.3 Secrets—​A special kind of configuration

12.3.1 Using Docker Secrets


13 Orchestrating services on a cluster of Docker hosts with Swarm

13.1 Clustering with Docker Swarm

13.1.1 Introducing Docker Swarm Mode

13.1.2 Deploying a Swarm Cluster

13.2 Deploying an application to a Swarm cluster

13.2.1 Introducing Docker Swarm Cluster Resource Types

13.2.2 Define an Application and its Dependencies Using Docker Services Service

13.2.3 Deploy the Application

13.3 Communicating with services running on a Swarm cluster

13.3.1 Routing Client Requests to Services Using the Swarm Routing Mesh

13.3.2 Overlay Networks

13.3.3 Discovering Services on an Overlay Network

13.3.4 Isolating Service-Service Communication with Overlay Networks

13.3.5 Load Balancing

13.4 Placing service tasks on the cluster

13.4.1 Replicated Services

13.4.2 Constraining Where Tasks Run

13.4.3 Global Services for One Task per Node

13.4.4 Deployment of Real Applications Onto Real Clusters


What's inside

  • Running software in containers
  • Packaging software for deployment
  • Securing and distributing containerized applications

About the reader

Written for developers with experience working with Linux.

About the authors

Jeff Nickoloff and Stephen Kuenzli have designed, built, deployed, and operated highly available, scalable software systems for nearly 20 years.

placing your order...

Don't refresh or navigate away from the page.
print book $29.99 $49.99 pBook + eBook + liveBook
includes previous edition eBook
Additional shipping charges may apply
Docker in Action, Second Edition (print book) added to cart
continue shopping
go to cart

eBook $31.99 $39.99 3 formats + liveBook
includes previous edition eBook
Docker in Action, Second Edition (eBook) added to cart
continue shopping
go to cart

Prices displayed in rupees will be charged in USD when you check out.
customers also reading

This book 1-hop 2-hops 3-hops

FREE domestic shipping on three or more pBooks