Container Best Known Methods(BKM):
1. Package a single application per container
2. Properly handle PID 1, signal handling, and zombie processes
3. Optimize for the Docker build cache
4. Remove unnecessary tools
5. Build the smallest image possible
6. Properly tag your images
7. Carefully consider whether to use a public image
Container Security is paramount in container deployments:
ref:
Container Best practices -
Docker development best practices - https://docs.docker.com/develop/dev-best-practices/
1. Package a single application per container
2. Properly handle PID 1, signal handling, and zombie processes
3. Optimize for the Docker build cache
4. Remove unnecessary tools
5. Build the smallest image possible
6. Properly tag your images
7. Carefully consider whether to use a public image
Container Security is paramount in container deployments:
- Do not run containers as root user
- Deploy containers with signed images
- Patch vulnerabilities by deploying new container versions
- Encrypt traffic between containers
- Do not store credentials in containers
- Update base operating systems regularly
- Ensure containers access only needed resources
ref:
Container Best practices -
- https://cloud.google.com/solutions/best-practices-for-building-containers
- https://cloud.google.com/blog/products/gcp/7-best-practices-for-building-containers
- https://containerjournal.com/2018/10/16/9-pillars-of-containers-best-practices/
Docker development best practices - https://docs.docker.com/develop/dev-best-practices/