Running a Container as Non-root

Be default, the root user is logged in when a container starts. Being the root in the container means you get to do anything you want to the container’s file system. There are reasons why you may not want this to happen, both from a security, and application point of view. To be a non-root user […]

Docker User Namespaces

Update: Follow this tutorial from Docker to setting up User Namespaces in Docker CE: With the default settings of Docker daemon, it is possible for a “container breakout” – this means that the container gains root privileges on the host file system. This allows the container to do things like access another user’s files, install […]

Logging for Docker

When moving from a development to production environment, it becomes important to log commands issued to Docker for auditing purposes. Some reasons for doing so are: compliance to government requirements, auditing and tracing of issues, requirement of industry standards, client/end-user requirement, and so on. Docker offers two types of logging mechanisms – Containers, and Docker daemon. […]

Dockerizing a MVC Web Application

In this post, I will explain how I recently “Dockerized” a standard MVC web application. This is more of a “how-to Dockerize” than a “why Dockerize” post. For my web application, I have a Postgres database, with PostGIS extension, running as the data store layer, a Nodejs RESTful API layer as my controller, and a […]

Docker Swarm with Cent OS 7

Recently, I have been trying to set up a Swarm Cluster with Cent OS 7. However, I met with some connectivity issues between the Swarm Manager and the Consul service discovery container. Using docker logs on the Swarm Manager, I got the following error: level=error msg=”Discovery error: Get dial tcp getsockopt: no route to host” level=error msg=”Discovery error: […]