下载示例代码

  • 示例代码下载(flask + redis healthcheck) [本节源码](https://dockertips.readthedocs.io/en/latest/_downloads/529c888c2faf46a0906548ed7510d12b/compose-healthcheck-redis.zip)

    解压后创建.evn文件

    1. [vagrant@swarm-manager ~]$ sudo unzip compose-healthcheck-redis.zip
    2. Archive:  compose-healthcheck-redis.zip
    3.  creating: compose-healthcheck-redis/
    4. inflating: compose-healthcheck-redis/.dockerignore
    5. extracting: compose-healthcheck-redis/.env
    6. extracting: compose-healthcheck-redis/.gitignore
    7. inflating: compose-healthcheck-redis/docker-compose.yml
    8.  creating: compose-healthcheck-redis/flask/
    9. inflating: compose-healthcheck-redis/flask/app.py
    10. inflating: compose-healthcheck-redis/flask/Dockerfile
    11.  creating: compose-healthcheck-redis/nginx/
    12. inflating: compose-healthcheck-redis/nginx/nginx.conf
    13. inflating: compose-healthcheck-redis/README.md
    14. [vagrant@swarm-manager compose-healthcheck-redis]$ more .env
    15. REDIS_PASSWORD=ABC123

    构建镜像并启动

    1. docker-compose pull
    2. docker-compose up -d

    二、容器安全-Docker运行环境检查 - 图1

    Docker 配置扫描

  • Docker Bench for Security
    https://github.com/docker/docker-bench-security
    将安全软件clone到服务器然后运行sudo ./docker-bench-security.sh即可扫描docker环境
    二、容器安全-Docker运行环境检查 - 图2
    二、容器安全-Docker运行环境检查 - 图3