A fundamental component of application security is the ability to control network access, both inbound to and outbound from your applications. AWS provides EC2 security groups that provide such a capability, which you can apply on a per-network-interface basis to your EC2 instances. This mechanism works well for traditional applications that are deployed to EC2 instances, but historically has not been as effective for container applications, which often operate on shared EC2 instances that communicate via a shared host interface on the EC2 instance. For ECS, the approach until recently has been that you have two applied security groups that accommodate the network security requirements of all the containers you need to support running on a given ECS container instance, which reduces the effectiveness of your security rules, and for applications with high...
Docker on Amazon Web Services
By :
Docker on Amazon Web Services
By:
Overview of this book
Over the last few years, Docker has been the gold standard for building and distributing container applications. Amazon Web Services (AWS) is a leader in public cloud computing, and was the first to offer a managed container platform in the form of the Elastic Container Service (ECS).
Docker on Amazon Web Services starts with the basics of containers, Docker, and AWS, before teaching you how to install Docker on your local machine and establish access to your AWS account. You'll then dig deeper into the ECS, a native container management platform provided by AWS that simplifies management and operation of your Docker clusters and applications for no additional cost. Once you have got to grips with the basics, you'll solve key operational challenges, including secrets management and auto-scaling your infrastructure and applications. You'll explore alternative strategies for deploying and running your Docker applications on AWS, including Fargate and ECS Service Discovery, Elastic Beanstalk, Docker Swarm and Elastic Kubernetes Service (EKS). In addition to this, there will be a strong focus on adopting an Infrastructure as Code (IaC) approach using AWS CloudFormation.
By the end of this book, you'll not only understand how to run Docker on AWS, but also be able to build real-world, secure, and scalable container platforms in the cloud.
Table of Contents (20 chapters)
Preface
Free Chapter
Container and Docker Fundamentals
Building Applications Using Docker
Getting Started with AWS
Introduction to ECS
Publishing Docker Images Using ECR
Building Custom ECS Container Instances
Creating ECS Clusters
Deploying Applications Using ECS
Managing Secrets
Isolating Network Access
Managing ECS Infrastructure Life Cycle
ECS Auto Scaling
Continuously Delivering ECS Applications
Fargate and ECS Service Discovery
Elastic Beanstalk
Docker Swarm in AWS
Elastic Kubernetes Service
Assessments
Other Books You May Enjoy
How would like to rate this book
Customer Reviews
