This article originally appeared on LinkedIn.
In a traditional IT environment, teams create lengthy deployment guides based on environment variables or configuration files. Often these deployment guides are out of date or require the release manager to pull the latest configuration from a SharePoint site or Excel file. I can’t tell you how many times I have been on deployment conference calls trying to debug issues only to find out that an environment or configuration variable was improperly set. These types of situations have become standard practice in all too many IT environments.
Docker is one of the hottest technologies in the IT market. Docker 1.12 introduced Swarm Mode, the ability to orchestrate containers using the Docker Engine natively. Docker 1.13 added Secrets Management, the ability for administrators to store certificates, passwords, URLs, API keys, and more in a highly available and encrypted format. These secrets are dynamically associated with containers at runtime using a memory-based mount point known as tmpfs.
Using Docker Secrets Management, IT administrators can create a standard ontology across all of their environments. Developers can build their containers against this common ontology just like an agreed-upon programming interface. With a standard interface across all environments, administrators can update a configuration variable in a single location and restart the dependent applications to pick up the change, rather than updating each application manually. Security teams can rotate SSL certificates, update API keys, rotate encryption keys, and cycle passwords in a single place.
- Agreed-upon interface for accessing key configuration variables (Single Sign-On information, Data Warehouse credentials, database credentials).
- Programmatic access to application configuration variables.
- A single location to manage common configuration variables across all applications within the environment.
- Streamlined interface for updating global configuration parameters.
- Automated rotation of SSL certificates, encryption keys, and passwords across all applications.
- Secrets are encrypted at rest and only stored in clear text in memory.
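The "agreed-upon interface" described above, seen from the application side, as an added example that is not part of the original article: a startup loader that reads a fixed set of secret names from the in-memory mount and refuses to start when the contract is not met. The secret names are hypothetical, and `/run/secrets` is Docker's default mount location in Linux containers.

```python
from pathlib import Path

# Assumed contract (hypothetical names): every environment provides these secrets.
REQUIRED = ("db_password", "sso_client_secret")
OPTIONAL = ("warehouse_api_key",)


class SecretContractError(RuntimeError):
    """The environment does not satisfy the agreed secret interface."""


def load_secrets(secrets_dir="/run/secrets", required=REQUIRED, optional=OPTIONAL):
    """Read the agreed secrets from the in-memory mount, failing closed.

    Swarm exposes each secret granted to a service as a file named after the
    secret under /run/secrets (the Linux default).
    """
    base = Path(secrets_dir)
    loaded, problems = {}, []
    for name in (*required, *optional):
        path = base / name
        if not path.is_file():
            if name in required:
                problems.append(f"{name}: not mounted")
            continue
        # Secrets created from a file or echo often carry a trailing newline.
        value = path.read_text(encoding="utf-8").rstrip("\r\n")
        if not value:
            problems.append(f"{name}: empty")
            continue
        loaded[name] = value
    if problems:
        # Report names only; values must never reach logs or tracebacks.
        raise SecretContractError("; ".join(problems))
    return loaded


def startup_report(loaded, required=REQUIRED, optional=OPTIONAL):
    """Return a log-safe view: which contract names are present, never values."""
    return {name: name in loaded for name in (*required, *optional)}
```

Because the loader runs once at startup, a rotated secret takes effect when the service is restarted, which matches the update flow described in the article.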
Ultimately, secrets management enables IT organizations to streamline their development, deployment, and security operations while delivering business value quickly and securely. By utilizing secrets management from Docker Swarm Mode and deploying applications within containers, the business has a phenomenal security baseline.
If you are interested in learning more about deploying Docker Swarm Mode in the public or private cloud and using Docker Secrets Management inside your company, reach out to us.