Packt+ | Advance your knowledge in tech

You're reading from Learn Docker - Fundamentals of Docker 18.x Everything you need to know about containerizing your applications and running them in production

Product type Paperback

Published in Apr 2018

Publisher Packt

ISBN-13 9781788997027

Length 398 pages

Edition 1st Edition

Tools

Docker

Concepts

Containerization

Author (1):

Dr. Gabriel N. Schenker

View More author details

Table of Contents (21) Chapters

Title Page

Packt Upsell

Contributors

Preface

1. What Are Containers and Why Should I Use Them? FREE CHAPTER

2. Setting up a Working Environment

3. Working with Containers

4. Creating and Managing Container Images

5. Data Volumes and System Management

6. Distributed Application Architecture

7. Single-Host Networking

8. Docker Compose

9. Orchestrators

10. Introduction to Docker Swarm

11. Zero Downtime Deployments and Secrets

12. Introduction to Kubernetes

13. Deploying, Updating, and Securing an Application with Kubernetes

14. Running a Containerized App in the Cloud

1. Assessment

2. Other Books You May Enjoy

Leave a review - let other readers know what you think

Index

Secrets

Secrets are used to work with confidential data in a secure way. Swarm secrets are secure at rest and in transit. That is, when a new secret is created on a manager node, and it can only be created on a manager node, its value is encrypted and stored in the raft consensus storage. This is why it is secure at rest. If a service gets a secret assigned to it, then the manager reads the secret from storage, decrypts it, and forwards it to all the containers who are instances of the Swarm service that requests the secret. Since the node-to-node communication in swarm is using mutual transport layer security (TLS), the secret value, although decrypted, is still secure in transit. The manager forwards the secret only to the worker nodes on which a service instance is running. Secrets are then mounted as files into the target container. Each secret corresponds to a file. The name of the secret will be the name of the file inside the container, and the value of the secret is the content of...