Get started Bring yourself up to speed with our introductory content.

Cloud security considerations for Docker hosting

Docker hosting in the cloud is growing in popularity. Expert Dave Shackleford explains how Docker works and what security troubles enterprises should watch out for.

Docker is an open platform for distributed applications for developers and system administrators. Docker's goal...

is to quickly allow developers and platform engineering teams to put together apps from components and ease the tension between development, quality assurance and production from inconsistent application performance and functionality.

Docker is comprised of two pieces. The first is the Docker Engine, a lightweight runtime and packaging tool based on the Linux kernel that allows for isolation and kernel sharing between Docker "containers"; the second is Docker Hub, a cloud service for sharing applications and automating workflows. While there are many potential benefits of Docker for developers and administrators, there are also a number of potential security issues and risks.

In this tip, we'll look at how Docker works and what security risks it could pose for enterprises using it to develop cloud applications.

How it works

In many ways, Docker containers could help to limit exposure and improve security.

The Docker Engine is tied in many ways to classic virtualization technology -- abstracting application components, binaries and system libraries into an isolated container that shares kernel resources on the installed system with other containers and natively installed applications. Docker Engine relies on Linux Containers (LXC) that isolate assets using cgroups for resource isolation (CPU, memory, etc.) and namespace isolation to limit access to the system process tree, network, users and file system.

The cloud model for Docker -- the Docker Hub -- is a number of things: a hosted environment for Docker-enabled containers, a sharing environment for creating hybrid clouds between organizations and different application and platform builds, and also a marketplace for new components and tools designed to help organizations build and promote applications.

Security considerations

Running the Docker daemon requires root privileges on the Linux host or kernel installation. This can have some significant security consequences if poorly managed since the Docker application can be used to share underlying system resources with any containers, and can potentially allow the containers to modify files and attributes of the host OS. Under certain circumstances, a malicious user could even leverage APIs to cause Docker to create entirely new containers. Docker modified its REST API to use traditional UNIX sockets, allowing users to take advantage of standard UNIX permissions to limit access and control over Docker actions.

On the other hand, Docker recommends severely limiting privileged use within containers since many of the normal root capabilities are handled outside the containers by the Docker daemon and components. In many ways, Docker containers could help to limit exposure and improve security if permissions and privilege limitation are implemented properly.

The Docker host should also be locked down in traditional ways. Docker recommends limiting the services running, except for minimal administrative tools needed for access and management of the system. Linux hardening and mandatory access control tools like AppArmor and SELinux work well with Docker, which can help prevent excessive privileged use or illicit access from a poorly configured container.

In the Docker Hub cloud environment, many of the traditional security concerns for SaaS providers still apply. The security of the underlying host systems will be critical, as well as repository monitoring to ensure no private container data is exposed or account and authentication data available.

In June 2014, a security researcher posted proof-of-concept code that allowed Docker containers to access and manipulate the Docker host file system, acting as a simplified version of a virtual machine escape exploit. While this exploit was only applicable to some versions of Docker, it did raise concerns about how containers and applications are being deployed. The Docker team maintains that Docker containers are not as secure as virtual machines, and recommends against deploying highly sensitive data or privileged applications. Aside from this, the Linux security controls within the Docker host and affiliated with the Docker Engine can be used to control and restrict access.

Conclusion

With the rapid evolution in DevOps and hybrid cloud architecture, the need for fast, simple and consistent application development and deployment workflow becomes more paramount than ever before. Since Google supports Docker with App Engine integration, it seems Docker is here to stay, and hopefully security controls for Docker will continue to improve as its popularity grows.

About the author:
Dave Shackleford is the owner and principal consultant of Voodoo Security LLC; lead faculty at IANS; and a SANS analyst, senior instructor and course author. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering, and is a VMware vExpert with extensive experience designing and configuring secure virtualized infrastructures. 

Next Steps

Want more information on Docker networking? Here's how Linux containers will change your network.

London’s Orchard and Fig join Docker

This was last published in September 2014

Dig Deeper on Hybrid and Private Cloud Computing Security

Join the conversation

4 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Is your enterprise considering Docker hosting?
Cancel
We are currently using Docker for both our automated test machines and for our development environments. It's an interesting model and one that requires you to think less of individual machines and how they play together with each other. It still feels strange to go into a container and realize that I'm a level removed from the actual components that make up the current machine.
Cancel
The philosophy of Docker perfectly fits with Cloud for the continuous integration. However, some CIOs we met believe that with containers there is no need of Puppet, Chef, Ansible and other orchestration tools, which raise the question, are they moving in the right direction with container technology? 
Cancel
I don’t see the use of containers negating the need for orchestration tools like Puppet and Chef. On the contrary, they prove exceptionally useful when your container space starts to rapidly expand.
Cancel

-ADS BY GOOGLE

SearchSecurity

SearchCloudComputing

SearchAWS

SearchCloudApplications

SearchServerVirtualization

SearchVMware

ComputerWeekly.com

Close