How to Securely Configure a Linux Host to Run Containers

This guide, as part of the Twistlock Container Security How-To Guides series, describes the concrete steps that you can follow to configure a Linux host to run Docker containers securely.

Key steps highlighted in this guide include:

  • How to start with a minimal installation of the OS and how to selectively add the services needed to run the Linux container applications
  • How to configure the host security settings to harden and protect it from unauthorized access
  • How to configure and install a Docker Engine with sensible default settings to minimize the attack surface
  • How to ensure that the host has the necessary integration with existing enterprise systems like SIEM and enterprise directories

Why we wrote this Twistlock Container Security guide:
Many DevOps and security professionals have asked us questions on how to configure a secure environment to run containers. Questions such as “how to set my server so it can run containers efficiently and securely?”, “how do I configure my container images so they are robust and secure?”, and “how do I ensure Kubernetes is working well with my containers?” are fairly common across many users and companies.

We do this internally – our engineering shop is entirely DevOps and container-driven. Our developers and testers need to set up a Kubernetes cluster for our system, both for production and for testing. We went through the exercise of setting up servers and configuring them to run containers in a secure fashion. Similarly, we went through the exercise of developing gold images and enforcing that only those are run on our servers.
Enjoy!

Resource Details

Provided by: Twistlock
Topic: Software
Format: PDF