In light of the recent COVID-19 pandemic - OPTASY would like to offer DRUPAL website support for any Healthcare, Government, Education and Non-Profit Organization(s) with critical crisis communication websites or organizations directly providing relief. Stay Safe and Stay Well.

Should I Use Docker in Production Environment? Is It Safe? 
Tips

Should I Use Docker in Production Environment? Is It Safe? 

by RADU SIMILEANU on Aug 31 2018

“Should I use Docker in production?” 

Are you "torn” between:

Docker's superpower as a container platform and all the security concerns related to the Docker model?

“Seduced” by the names of all those giant companies — Twitter, Google, Amazon, eBay, Netflix —  who're already using Docker containers in production? Yet, still skeptical and hesitant to run them in production environment considering all the signaled data management issues?                    

Now, instead of letting this question turn into a “haunting” dilemma, you'd better dug for some answers. Find out:

 

  • whether Docker is right for your own unique project, as well
  • how a container infrastructure works (compared to a traditional environment) 
  • what it takes to use Docker in production
  • which are the common misconceptions and issues with Docker in production

     

And, most of all: based on your own use case, should you be running Docker in production environment or not?

 

1. The One Question to Ask Yourself: “What Will I Do with Docker in Production?”

Before asking yourself:

 “Should I be using Docker in production? How safe is it?”

… you'd better answer one critical question:

“What will I do with Docker in production?”

And toying with the thought of using Docker containers does require a reevaluation of your system's whole infrastructure. From the ground up:

 

  • How will you monitor Docker containers in production?
  • How will things be deployed?
  • How will backups be performed?
  • What about updates? How will they be handled?

     

Also, while giving yourself some realistic and straightforward answers to all these questions, try to consider different attack vectors, as well:

 

  • What services will your Docker containers get access to?
  • Are you able to restrict their access to the host system?
  • And what kind of “privileges” will they get?

     

  

So many things to clarify before you can ask yourself:

“Should I use Docker in production?” 

 

2. Container Infrastructure vs Traditional Environments

How does a Docker container infrastructure work?

It's critical that you fully understand what sets it apart from a traditional environment before you can assess whether it's safe for production usage in your project or not.

Unlike traditional environments, where a sysadmin would normally run upgrades and restart services, in container infrastructures, containers are read-only, immutable... elements.

In other words: security upgrades won't happen inside your Docker containers; for these upgrades to run, you'll need to redeploy newly upgraded versions of your containers.

Note: since developers can push containers to your platform, you should define and enforce custom policies to limit the no. of privileges assigned to each one of the containers in your infrastructure.

 

3. 2 Most Common Misconceptions about Using Docker in Production

Since it hit the systems scene (2002) and quickly “stole the show”, Docker's generated a lot of misconceptions. And probably the most common one (that all the other ones stem from) is that:

"Docker's ridiculously easy to use; it's a “one size fits all projects/use cases/infrastructures...” type of technology."

Well, not quite...

Now, let's “bust some Docker-related myths” once and for all:

 

3.1. Running Docker in Multi-Host Production Environments Is (So) Simple

It's almost grown into a universal truth that:

Using Docker even in a multi-host production environment is... nothing but a child's play.

It is technically possible, indeed, yet, it's far from simple!

Before running Docker in a multi-host network —  in a robust and safe way, I mean —  you need to consider and to put in place the proper management of a whole lot of variables:

 

  • orchestrating container deploys with no downtime at all
  • managing container logs
  • ensuring that the private image repository's 100% secure
  • managing container logs
  • properly handling all container deploy roll-backs

     

And the list is almost a never-ending one...

See? Sure, big companies manage to use Docker in multi-host production environments and to successfully handle all the above variables, yet the process's anything but trivial.

 

3.2. It's OK to Blindly Jump into Docker, No Matter The Infrastructure

Tempted to go from “Should I use Docker in production?” to “I should/can definitely use it straight away!”?

And this is yet another misconception that has grown out of the general idea that using Docker requires zero preparations; zero planning and evaluation of your current infrastructure.

That it's conveniently easy to use and it fits all use cases.

Wrong! 

You need to take a whole lot of aspects into account before using Docker in production:

It requires a robust, stable foundation/infrastructure!

In other words, if your current system does not have:

 

  • an automated system setup 
  • a fully secured least-privilege type of access
  • automated deploys
  • easy-to-be-restored and 100% secure database backups
  • and more

     

... you should reconsider using Docker in production ASAP. Or at least postpone your plan till you've filled in all those cracks in your systems' infrastructure...

 

4. Choosing the Right Path From Test Environment to Production Environment

The very first step to take for “leveling up” from running Docker in your test environment to using it in production is: choosing the right path.

This can be either:

 

  • predetermined by your own project's particularities (project-specific constraints such as a specific cloud service or datacenter) 
  • DIY
  • a rented cloud service
  • a pre-made platform

     

Choose your path wisely!

 

5. 3 Key Aspects to Take into Account For a Smooth Production Usage of Docker

 

5.1. The Docker Engine: Tweaking Its Default Settings Is a Must

As I've been trying to stress out here:

Running Docker in production does require certain preparations and considerations.

For instance, once you install the Docker engine to your distribution of choice (Ubuntu or Red Hat or... another one), you shouldn't stick to its default settings.

They're not suitable for production usage!

Therefore, it will require some tweaking so that your Docker engine can handle the load once in production environment.

Moreover, your engine will be in charge of running the containers and nothing more. When it comes to:

 

  • cleaning up containers
  • … volumes
  • … logs

     

these are all your configuration's responsibility.

And 2 more words of caution/pieces of advice:

 

  • keep in mind to check the graph driver (go for Overlay2 if it's the latest version of kernel that you're using)
  • keep both your Docker engine and the kernel safely up-to-date 

     

5.2. A Well-Built CI/CD Pipeline Can Save Your Life

And it's just partly an exaggeration...

For once you run your Docker containers in production and you need to handle a complex infrastructure of services, having a reliable pipeline in place can do wonders.

In short: if you don't automate the process of moving your containers across all the 3 stages of production — build phase, test phase, deployment phase — you'll go nuts...

Tip: remember to script everything; also, to version control each and every script and configuration.

 

5.3. Security: Handle It Properly, Right from the Testing Environment

In other words: no matter how tempted you might be to overlook this aspect once you finally have Docker running properly in production, don't underrate the security issue.

Moreover, you should give it due consideration right from the testing environment...

Once you deploy your Docker containers in production environment, be 101% cautious and vigilant to detect any network vulnerabilities threatening your data.

 

6. “Should I Use Docker in Production?” Is It Safe? Is It Efficient?

Back to our initial question:

“Is it safe to run Docker in production environment?”

My answer to you is:

It is, as long as you take into account all the above-mentioned technical aspects and variables and as long as you adopt the best practices for using Docker in production.

Meaning:

 

  • applying updates
  • running your CI tests
  • automating... everything
  • closely monitoring your Docker containers once in production
  • using the available tools
  • running only current versions
  • running only one process per container 
  • “supercharging” your orchestration tool with all the appropriate security measures (Kubernetes, Swarm, Titus, DCOS etc.) 
  • etc.

     

In short: Docker is only as safe as its users' implemented safety measures.

Technically, it can be used in production. 

When it comes to safety, Docker's come a (really) long way since its early days. 

With:

 

... Docker's once glaring security flaws (e.g. less isolation of containers as compared to virtual machines) now seem like a bad memory from its old “experimenty” stage.

Yet, to your “Should I use Docker in production?” type of question I can only answer:

“You should, if you don't do it blindly and you commit yourself to following the best practices”

 

7. In Conclusion...

If I was to sum up, into a “shortlist of commandments”, all the recommendations, words of caution, clarifications, and explanations here-above, it would go something like this:

 

  1. don't jump blindly into Docker; take your time to think through all the involved aspects
  2. keep in mind that it's far more unlikely for an attacker to exploit an insecure Docker container in your system than to... tap into social engineering for getting his hands on the password
  3. Docker's an extremely powerful tool, so running it on top of an unstable infrastructure is pretty much like driving a sports car on a pothole-riddled road
Development

We do Web development

Go to our Web development page!

Visit page!

Recommended Stories

DrupalDrupal 8Tips
Acquia Maintenance Services for Drupal Enterprise

Acquia Maintenance Services for Drupal Enterprise

  Acquia Cloud Enterprise is a fully managed cloud service that provides the infrastructure, tools, and services to run your site on the Acquia Platform. Acquia for Drupal Enterprise is an enterprise-ready version of Acquia's award-winning platform for building and running websites with Drupal 8. It includes all of the features you need to build, manage, and scale a modern website. It also comes with preconfigured modules, themes, and other content so you can get started quickly. What makes Acquia the right Drupal hosting provider? Acquia Cloud Platform offers secure and compliant web hosting services built exclusively for Drupal. You can use them to host your site and develop your content using Drupal 8, Drupal 7, or any other version of Drupal. They offer fully managed Drupal hosting, as well as a range of development tools. Their enterprise-grade security features include SSL certificates and access control lists (ACLs). They also provide world-class customer service. The following are some of the key benefits of choosing Acquia: Fully managed hosting - No servers to install, configure, maintain, upgrade, patch, or monitor. All you have to do is deploy Drupal. Focus on innovation - Having a fully managed Drupal hosting solution allows you to create digital experiences that focus on what matters most: the customer. Highly scalable - Acquia’s cloud architecture scales from small sites to large global deployments. Built for performance - Acquia has built its hardware and software solutions to ensure that your site performs at peak levels. Streamline compliance - Compliance requirements such as GDPR, PCI DSS, HIPAA, and more are easily met through Acquia’s robust data protection practices.   Top features of Acquia web hosting for Drupal Drupal 8 support. Acquia supports Drupal 8 out of the box. This means you can start developing and deploying your next great project immediately. Built-in security. Acquia includes strong authentication and firewall controls. Robust developer tools that provide automated testing for development, staging, and production environments.  Real-time monitoring tools (Acquia Insight) that measure and report on application health. Add-ons. Acquia offers hundreds of add-on modules and themes to help you customize and deliver cutting-edge experiences. Best Practices for Acquia Setup & Maintenance  In order to optimize the performance and functionality of your site, we recommend the following best practices when setting up and maintaining your site on Acquia. Set up the environment before starting work. The first step in getting started with Acquia is creating an account and installing Drupal. Once your site is live, it’s important to keep it running smoothly by regularly updating core, contributed modules, and third-party extensions. Use the Acquia Dashboard. The Acquia dashboard provides a single place where you can view all of your settings, including installed modules, configuration options, and user roles. It's also where you can manage users, groups, and ACL permissions. Keep your database clean. As part of regular maintenance, make sure your database tables are properly maintained. For example, if you have many content types or custom fields, consider using the Field Permissions module to prevent orphaned records. Keep your database optimized. If you use the MySQL Query Cache feature, it will be automatically enabled. To ensure optimal performance, disable caching whenever possible. Optimize your codebase. Use the built-in Drush command line tool to perform updates and upgrades to Drupal core and other modules. Optimize your site architecture. Make sure your site has a clear separation between presentation logic and business logic. This helps separate concerns and makes it easier to maintain your site as its complexity grows. Make sure your site has a clean separation between presentation logic and data access logic. This helps separate responsibilities and makes it easier to update your site when new features are added. Test your site thoroughly. Test your site from multiple devices and browsers. You should test on mobile phones, tablets, laptops, and desktop.    FAQs about Drupal hosting How does Acquia compare to other Drupal hosts? Acquia is one of the few companies offering truly integrated Drupal hosting. The brand has combined its expertise in both technology and business management to make it easy for users to launch and grow their online presence. What is the difference between Acquia Hosting and Acquia Cloud Platform? With Acquia Hosting, customers get all the benefits of a full-featured, managed Drupal platform without having to manage servers themselves. With Acquia Cloud Platform, customers get all the advantages of a private cloud infrastructure with the convenience of a shared environment. Both options allow you to build, test, and deploy websites quickly and efficiently. Is there a free trial available for Acquia Hosting? Yes. You can try our services completely risk-free by signing up for a 30-day free trial. After the trial period ends, you will be billed $9.99 per month. Can I host my website using Acquia Hosting if I am not interested in running an enterprise-level site? Absolutely. Acquia Hosting is designed to work well with any type of website. It comes with everything you need to launch your new or existing website, including: A powerful Content Management System (CMS). An intuitive user interface. Easily scalable resources. Advanced security. Access to thousands of premium WordPress themes and plugins. Support for multiple languages and currencies   To learn more about Acquia Drupal, check out this page.          Photo credit: Unsplash.... Read more
Raluca Olariu / Apr 29'2022
DrupalDrupal 8Tips
How to Find the Best Drupal Developer for Your Needs

How to Find the Best Drupal Developer for Your Needs

  Building a robust Drupal development project that supports your business objectives can be challenging and time-consuming. But with the right Drupal partner that has the experience and expertise needed to help you build a website that will meet all of your needs, you will find this process a lot easier. This article talks about the competitive advantages of hiring Drupal developers and how you can find the best fit that meets your Drupal project needs.  The benefits of hiring Drupal developers Hiring a Drupal developer is an investment in your company's success as it provides plenty of competitive benefits that set you apart from the competition. These advantages include: Building highly-personalized Drupal projects that boost your brand awareness and increase sales. Designing and developing custom Drupal features and functionalities that suit your project requirements. Dedicated support for your Drupal project throughout its lifecycle from content migration and system integration to API design and web accessibility. Having access to ongoing updates and continuous maintenance and support. Reduced costs and increased ROI by having a dedicated team working on your project. What are some of the challenges of hiring Drupal developers? Hiring a Drupal developer or a Drupal development team may not always be easy because there are many factors involved when choosing a Drupal developer. Some of these factors include: Finding a good match between your skillset and their technical knowledge. Choosing a Drupal developer who understands your business goals and objectives. Finding a reliable Drupal partner at a price that fits your budget allowance.     How to spot the right Drupal partner for your business requirements There are several things you should consider before hiring a Drupal developer. Here are some tips to help you identify the right Drupal developer for your project: Do your research first and gain a good understanding of what a Drupal developer is and what are their responsibilities.  A Drupal developer has plenty of duties like conducting research and installing Drupal modules that best fit your needs, extending existing modules so their functionality increases, managing how your website looks and works for high-quality user experiences, migrating existing websites and content, architecting  Drupal projects and web infrastructures, etc.   Also, a Drupal developer can have three main roles that you should pay attention to: Drupal Front-End Developer. A front-end developer is responsible for designing and building the interface of your site using HTML, CSS, JavaScript, jQuery, Bootstrap, Foundation or any other framework. This includes elements such as buttons, forms, navigation menus, or tables and also includes how your page looks. Drupal Back-End Developer. A back-end developer is responsible for programming the logic behind your site's functions and processes. This includes writing code that handles database queries, creates pages, manages users, and more. Drupal Theme Developer. A theme developer is responsible for styling the look and feel of the entire website including the layout, colors, fonts, images, and anything else that makes up the overall appearance. They will work with the front-end developer to ensure that everything on the site matches and flows well together.        2. Identify and examine your project needs.  Now that you know in more detail what a Drupal developer does, it's time to understand your project needs and what you require from a developer's services. Key questions to ask at this stage are: Do you need a back-end expert or a full-stack developer? Do you only need Drupal maintenance? Do you need a whole new enterprise-grade Drupal solution? Would you like to hire a freelance developer or a contract-to-hire? Do you just have a rough idea of what you’d like him/them to develop? What type of experience do you want them to have? How much time would you be willing to spend working with them? How many hours per week would you be able to dedicate to the project?       3. Know where to look for talented Drupal developers. Top channels to consider for passive searches: job portals like LinkedIn, Monster, Glassdoor, Indeed online Drupal (or PHP) communities freelance platforms like Upwork, Toptal, Scalable Path Top channels for your active searches: social media Drupal groups local IT communities LinkedIn (when you start analyzing particular profiles on LinkedIn your passive search becomes active) Drupal.org (select the top Drupal profiles there and start evaluating them against your own requirements) developer communities like GitHub, Stack Overflow       4. Ask the right questions. Among the most important questions to ask potential Drupal partners are: How long have you been working with Drupal development solutions? What Drupal experience do you have? Are you familiar with my business model? Can you provide references? What Drupal skills do you possess? What Drupal technologies do you use?       5. Evaluate your potential Drupal partner carefully. Essential things to consider are: How experienced they are in working with different Drupal versions What their technical expertise is / How skilled they are at Drupal module development Their GitHub Profile (how much time they spent on different projects, samples of their written code, details on their contributions) Their involvement with the Drupal community What past clients say about working with them   Optasy's team of experienced Drupal developers is here to help you We are a development company and we are ready to leverage and to "fuel" your project with all that Drupal expertise that we've been gaining as a Drupal firm during these +10 years: whether it's custom module development, Drupal migration, AI implementation, or any type of new feature integration with Drupal that you need us to do. We're web developers, but with a mobile-first approach to our website development projects, in fact: we commit to helping you deliver the message to your users in an intuitive, effective, and nonetheless appealing way, on all devices.  We'll be in for the long run: our Drupal development services include 24/7/365 support & ongoing maintenance, which means much more than just rolling out patches and updates; we'll ensure that your OPTASY solution (be it Drupal, Laravel, WordPress, Magento, React or Angular-based) keeps meeting your goals, that it continues to remain relevant in the context of future technology changes. From structure planning, to Drupal website development, all the way to maintenance and long-term support, we've got your back; stay assured: full-cycle projects are our specialty as a Drupal 8 agency. As a development company in Toronto we have the experience and the expertise to handle your most specific requirements:   back-end development: we design and develop the custom features and functionalities that suit your project requirements front-end development: from custom themes to user-friendly Uis, to user experience design, to designing responsive layouts content migration system integration API design and development web accessibility  website maintenance: pass over the maintenance burden on our shoulders; we provide ongoing updates and continuous maintenance and support   For more information on how our talented Drupal experts can help you build a robust project for your web development needs, contact us.    Photo credit: Unsplash.... Read more
Raluca Olariu / Jan 21'2022
TipsWeb Design
The Benefits Of Interactive Websites and How to Create Them

The Benefits Of Interactive Websites and How to Create Them

  Today, the digital world is getting increasingly competitive. To stay relevant, you need to build personalized user experiences and engage your audience in a meaningful way. What makes a website interactive? An interactive website is one that communicates efficiently and provides interactive web user experiences. It can be used to create an online presence for your business, or it could also be used as part of the marketing strategy for your company. The main goal of any website should always be to provide users with the information they need in order to make informed decisions about their purchases. This means providing them with all relevant information on products and services offered by you and/or your competitors. An effective way to do this would be through the use of graphics, videos, animations, etc., which are known collectively as "web 2.0" technologies. These types of websites allow users to interact directly with content without having to navigate away from the page first. They're often referred to as being more engaging than traditional static sites because they encourage interaction between visitors and the site's owner. In addition, these types of websites tend to have higher conversion rates compared to other forms of advertising. The Benefits of Creating Interactive Websites Interactivity is a key element in the success of any website. It can be as simple as adding an interactive map to your business directory, or it could involve creating a complex database-driven application that allows users to search for products and services by category, price range, location, etc. The main benefits of interactive websites are: Increased engagement. Users will spend longer periods of time browsing your site if there are multiple ways for them to engage with what they see. For example, if you offer a product comparison tool, then people who want to compare prices may find themselves spending hours looking at different options before making a purchase decision. Higher conversions. People like interacting with things that interest them. If you've ever been to a museum, you know how much fun it is to look around exhibits and learn new facts while doing so. You'll probably end up buying something after visiting such places. So why not take advantage of this fact when designing your own website? More targeted traffic. When someone visits your website, they have already made some sort of connection with you. By offering them additional opportunities to connect with you further, you increase the chances of converting that visitor into a customer. Better SEO rankings. Search engines prefer websites that contain lots of valuable data. An interactive website gives you many more opportunities to include keywords within its pages, thus improving your ranking in searches related to those terms. Better user experience (UX). A good UX makes life easier for both customers and employees. Customers might not mind navigating complicated interfaces; however, they hate slow ones. Employees dislike working with systems that require too much training. Both groups appreciate easy navigation and intuitive designs.   How to make your website interactive There is a wide variety of tools and website features available today that help you build interactive websites. The most popular elements and features for making websites interactive are: Simple software tools that relate to your business like tax calculators, quizzes, or surveys. These types of applications allow visitors to interact directly with your content without having to leave your page. They also provide valuable feedback about your audience's interests and preferences. An eCommerce solution that integrates payment processing, shipping, inventory management, order tracking, and other functions needed to run a successful online store. Social media widgets that let you embed social sharing buttons on your website. This lets your audience share information about your company via their favorite networks. Videos on web pages make great examples of how to create interactive websites. The best part about using videos is that it doesn't need to be fancy -- just get creative! Visual designs tend to attract and engage more users. User-generated content can add value to any type of site. It helps people feel connected to what you're saying by giving them an opportunity to contribute ideas and opinions. A blog allows users to comment on posts as well as read others' comments. Blogs often have polls where readers vote on topics. Interactivity isn't limited to these five categories. There are plenty of ways to incorporate interaction into your website. For instance, if you sell products, you could offer free samples so that potential buyers can try them before buying. If you want to promote your brand, you could ask followers to submit photos of themselves wearing your product. You could even use Twitter hashtags to encourage conversation around certain subjects. You can get creative when it comes to interactive content on your site and use the following interactive elements that, as simple as they might look, can engage more users: Google Maps is a very useful interactive element to introduce on your site because it helps users save time and energy. Live polling gives users the ability to respond in real-time to questions asked through live chat. Search functionalities that make the user navigation more straightforward and effective. Feedback forms give users the chance to express their opinion about something specific and offer a feeling of connection with the brand. Making your website interactive strongly supports your digital marketing efforts An interactive website design and functionality can significantly improve the customer experience, which will most likely increase engagement among your target audiences. Your digital marketing strategies can greatly benefit from an interactive design layout and functionality. According to a study, "the average person spends more than two hours per day consuming digital media." An interactive website design and functionality give businesses the chance to engage with consumers at all times. How interactive elements affect SEO The more interactive experiences you provide on your website, the better they'll perform when it comes to search engine optimization. In fact, Google has stated that sites with rich user interactions tend to rank higher in its results pages. Google uses many signals to determine whether a webpage should appear high up in its rankings. One of those factors includes how much attention users pay to each element on a given page. For example, if someone clicks on one particular link within a post, then this action indicates interest in that specific topic. Therefore, engaging your audience as much as possible through interactive features and elements will help boost your organic traffic and help you rank higher on SERPs. Interactive websites as part of a strong online presence Successful modern businesses provide valuable interactive website examples as they leverage the potential of interactive websites to create stronger connections between customers and companies. They understand the power that lies behind creating a positive impression on visitors by providing them with relevant information and making sure they feel valued. What tools or features do you use to make your website more interactive?   Photo credit: John Schnobrich on Unsplash. ... Read more
Raluca Olariu / Oct 13'2021

Need a new Project?

Dare us to shape and boost your idea(s)!

Start a Project

(416) 243-2431

Contact

(416) 243-2431

Toronto Downtown

First Canadian Place,
100 King St. W. Suite 5700, Toronto

Toronto West

2275 Upper Middle
Rd. E, Suite 101
Toronto

New York

1177 Avenue of the
Americas, 5th Floor,
New York