Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Sichere und robuste Docker Images für .NET

Thorsten Hans
March 31, 2021
Technology
0
800

Sichere und robuste Docker Images für .NET

Anwendungen in Containern zu betreiben gehört nicht nur zum guten Ton. Bereits seit Jahren befinden sich Technologien wie Kubernetes und Docker auf einem Siegeszug der seines gleichen sucht. Doch bereits beim Erstellen von Docker Images gilt es auf viele kleine Dinge zu achten um Anwendungen auf lange Sicht professionell in Containern zu betreiben.

In diesem Webinar zeigt Azure MVP Thorsten Hans, wie auch Sie sichere und robuste Docker Images erstellen. Sämtliche Demos und Beispiele werden in diesem Webinar anhand einer .NET-WebAPI erläutert.

Thorsten Hans

March 31, 2021
Tweet

More Decks by Thorsten Hans

See All by Thorsten Hans
Hyper-Efficient Serverless Platforms on Azure Kubernetes Service with Fermyon Platform for Kubernetes
thorstenhans
0
60
Azure OpenAI & private Large Language Models sicher deployen mit Terraform
thorstenhans
0
210
Mega Mergers: Cloud-Native-Architekturen mit Containern und WebAssembly
thorstenhans
0
48
Cloud-Native Generative AI mit Fermyon Serverless AI
thorstenhans
0
40
BASTA 2023 - Cloud Native Workshop
thorstenhans
0
98
Cloud-Native in der Praxis: Moderne End-to-End-Architekturen
thorstenhans
0
42
Azure Container Apps: Endlich Serverless?!
thorstenhans
0
50
Cloud-Native für .NET-Entwickler: Moderne End-to-End-Architekturen
thorstenhans
0
46
Webinar: Logs. Traces, Metriken: Observability von .NET 7-Anwendungen
thorstenhans
0
200

Other Decks in Technology

See All in Technology
マルチモーダル / AI Agent / LLMOps 3つの技術トレンドで理解するLLMの今後の展望
hirosatogamo
37
13k
Application Development WG Intro at AppDeveloperCon
salaboy
0
200
EventHub Startup CTO of the year 2024 ピッチ資料
eventhub
0
130
Making your applications cross-environment - OSCG 2024 NA
salaboy
0
200
OCI Security サービス 概要
oracle4engineer
PRO
0
6.5k
CDCL による厳密解法を採用した MILP ソルバー
imai448
3
180
OCI Network Firewall 概要
oracle4engineer
PRO
0
4.2k
OCI Vault 概要
oracle4engineer
PRO
0
9.7k
複雑なState管理からの脱却
sansantech
PRO
1
160
ドメインの本質を掴む / Get the essence of the domain
sinsoku
2
160
インフラとバックエンドとフロントエンドをくまなく調べて遅いアプリを早くした件
tubone24
1
430
マルチプロダクトな開発組織で 「開発生産性」に向き合うために試みたこと / Improving Multi-Product Dev Productivity
sugamasao
1
310

Featured

See All Featured
10 Git Anti Patterns You Should be Aware of
lemiorhan
655
59k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
93
16k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
8
900
For a Future-Friendly Web
brad_frost
175
9.4k
Adopting Sorbet at Scale
ufuk
73
9.1k
Site-Speed That Sticks
csswizardry
0
33
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
232
17k
Optimising Largest Contentful Paint
csswizardry
33
2.9k
Why Our Code Smells
bkeepers
PRO
334
57k
How To Stay Up To Date on Web Technology
chriscoyier
788
250k
Imperfection Machines: The Place of Print at Facebook
scottboms
265
13k
A Modern Web Designer's Workflow
chriscoyier
693
190k

Transcript

  1. Sichere und robuste Docker Images Für .NET Thorsten Hans @ThorstenHans

    Consultant

  2. Consultant @ Thinktecture #Azure #Kubernetes #CloudNative #Terraform [email protected] thinktecture.com thorsten-hans.com

    @ThorstenHans Thorsten Hans

  3. What we will cover today • Docker Introduction • Hands

    On • Default .NET Docker Images • Container OS • .NET Restore, Build, Publish • Runtime Dependencies • Ensure Non-Root • Fix vulnerabilities • Recap Talking Points

  4. What we will cover today • Docker Introduction • Hands

    On • Default .NET Docker Images • Container OS • .NET Restore, Build, Publish • Runtime Dependencies • Ensure Non-Root • Fix vulnerabilities • Recap Talking Points

  5. Quick Introduction • Container Runtime • Written in Go •

    Available for all major operating systems • Most parts are Open Source • Can be leveraged at each point of software lifecycle • Develop, Test, Deploy, Operate Docker

  6. Architecture Docker Docker Engine Docker Client Docker Daemon

  7. Building Blocks • Containers are executed by Docker • Images

    are read-only artefacts created with Docker • Dockerfile is a blueprint for building Images • Tag is a (human readable) reference to a specific Image • Registry is a centralized public or private repository that stores Images Docker

  8. Architecture Docker provides a container format called libcontainer which consists

    of three essential building blocks: • Namespaces provide isolation for processes, network, filesystem • Control Groups limit resources for Containers on Linux systems • Union File System is a layered File System, used to create Images from thin layers Docker

  9. A layered approach Union File System

  10. What we will cover today • Docker Introduction • Hands

    On • Default .NET Docker Images • Container OS • .NET Restore, Build, Publish • Runtime Dependencies • Ensure Non-Root • Fix vulnerabilities • Recap Talking Points

  11. What we will cover today • Docker Introduction • Hands

    On • Default .NET Docker Images • Container OS • .NET Restore, Build, Publish • Runtime Dependencies • Ensure Non-Root • Fix vulnerabilities • Recap Talking Points

  12. Important aspects to keep in mind • Test each optimization

    using the following metrics • Vulnerabilities • Is the app working as expected • Image sizing • Layer sizing • Image build performance Recap

  13. Q&A If you have further questions: shoot me a mail

    at [email protected] / [email protected] or tweet at @ThorstenHans