Framework to Secure Docker Containers

摘要

Docker is one the key component for application deployment using CI/CD pipelines. Wherever containers are going ot be used, Docker engine is always the first choice but on other hand security of the Docker images using which application is going to be deployed is always a concern. In cloud computing, validation of the Docker images security is a paramount. Containers virtualization which is based on operating system virtualization is not secure as hypervisor virtualization. In this paper we are proposing a framework which uses an architecture including plugins, CI/CD pipeline to deploy the application to ensure the security of application bundled as a Docker image. It is going to be referred from the starting of application development till the deployment including plugin for Docker build, bundling the application in form of images along with required libraries, pushing the images to Docker registry. Jenkin jobs are going to be used for getting the build and then for deployment. For validation, we came up with vulnerable Docker images and validated against our architecture having proposed model to compare the results. In later sections, we have also considered the containers security measures.