Docker with Dummies: Unorthodox Docker uses

What is Docker? How do I use Docker?

Docker enables development teams to break their applications into bite-size pieces, share them with others, scale them, maintain them, etc.

One of the major arguments for Docker is that it can be more effective than VMs when hosting applications. VMs, by nature, spin up a lot of unnecessary services when they are created and run. In a container you can keep these to a minimum and have somewhere closer to 10+ services running, rather than 32+ on a traditional VM.

One of the other major points is that if an application on a VM experiences an error that requires a restart of the service, you would have to restart the whole VM. With Docker you would just have to restart the container, which naturally spins up faster than a VM.

What is a container?

The technical breakdown would be that a container is a lightweight and standalone environment that lets you stand up applications, and all necessary dependencies, in an isolated environment.

The less technical answer is that they are essentially bite-size versions of virtual machines. They are lighter, don't require as much overhead from the host, and instantiate a lot quicker than a regular VM.

What is a Docker registry?

Docker registries are basically just repositories for the images you create. You push to them very similarly to how you would push a git project.

The main registry (also the default) is Docker Hub. Just like a regular git server, registries can be self-hosted, and can even offer additional layers of protection against malicious containers.

---

The key points that Docker tries to target are isolation, efficiency, and portability. Sticking to these key points, we will "re-engineer" a process flow to cater to our specific use case. I can only provide examples of how to create workflows, but it will be up to you to decide where Docker fits into your work.

---

Before we get started, I would like to note that securing these containers should be treated much like securing VMs. When you have things running at their defaults, or as privileged users, you run the risk of container breakout into the host.

For development purposes it may be okay, especially if it's a quick project, but keep that in the back of your mind while you develop these workflows.
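One way to check a container for the defaults and privileged settings mentioned above, as an added example that is not part of the original page: it audits `docker inspect` JSON for the settings that weaken isolation from the host. The sample data, container names and the set of capabilities flagged are constructed assumptions.

```python
import json

# Constructed sample: trimmed `docker inspect` output for two hypothetical containers.
SAMPLE_INSPECT = json.dumps([
    {"Name": "/quick-project", "Config": {"User": ""},
     "HostConfig": {"Privileged": True, "CapAdd": None, "PidMode": "host",
                    "NetworkMode": "bridge", "SecurityOpt": None},
     "Mounts": [{"Source": "/var/run/docker.sock",
                 "Destination": "/var/run/docker.sock"}]},
    {"Name": "/hardened-tool", "Config": {"User": "1000:1000"},
     "HostConfig": {"Privileged": False, "CapAdd": None, "PidMode": "",
                    "NetworkMode": "bridge", "SecurityOpt": ["no-new-privileges"]},
     "Mounts": []},
])

# Assumption: a short list of capabilities worth flagging, not an exhaustive one.
RISKY_CAPS = {"SYS_ADMIN", "SYS_PTRACE", "SYS_MODULE", "DAC_READ_SEARCH"}
ROOT_USERS = {"", "0", "root", "0:0", "root:root"}  # empty User means the image default

def audit_container(c):
    """Return a list of findings for one `docker inspect` entry."""
    host = c.get("HostConfig") or {}
    findings = []
    if host.get("Privileged"):
        findings.append("privileged mode")
    if ((c.get("Config") or {}).get("User") or "") in ROOT_USERS:
        findings.append("runs as root")
    caps = {cap.upper().removeprefix("CAP_") for cap in host.get("CapAdd") or []}
    for cap in sorted(caps & RISKY_CAPS):
        findings.append(f"added capability {cap}")
    for ns in ("PidMode", "NetworkMode", "IpcMode"):
        if host.get(ns) == "host":
            findings.append(f"{ns} shares the host namespace")
    opts = {o.replace("=", ":") for o in host.get("SecurityOpt") or []}
    if not opts & {"no-new-privileges", "no-new-privileges:true"}:
        findings.append("no-new-privileges not set")
    for m in c.get("Mounts") or []:
        if m.get("Source", "").endswith("docker.sock"):
            findings.append("Docker socket mounted")
    return findings

def audit(inspect_json):
    """Map container name -> findings for a whole `docker inspect` document."""
    return {c.get("Name", "?").lstrip("/"): audit_container(c)
            for c in json.loads(inspect_json)}

if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INSPECT).items():
        print(name, "->", findings or "no findings")
```

On a real host, the input would be the output of `docker inspect $(docker ps -q)` instead of the constructed sample.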

I will also be linking some common container breakout tricks that I will be releasing to the community post-event.

Development environments - Maldeving

Sandboxing - creating Malcore examination box

Pentesting - Removing MoTW

Blueprinting Docker files for portable tooling

Closing statements:

How can I scale this?

Next steps are experimenting with container orchestration. You can easily manage lots of containers with Kubernetes and Docker Swarm. Please learn the pros and cons of both before you dive into one though.

Can you put this into an automated flow?

Ephemeral containers would allow you to add this to an automated VPS flow. Theoretically, you would be able to do something like create automated infrastructure within services like Linode and DigitalOcean. Then you can automate it so your "testing" containers spin up inside the infrastructure, perform the tasks you need, return the data, then dump the infrastructure.

Need help brainstorming? Feel free to reach out! I love doing this stuff, and am more than happy to help you develop some ideas.

Additional Resources:
