DevOps Hunter Security Automation

Understanding  Docker Volumes in-depth with real-time scenarios. Where the MongoDB is the backend tier Database and frontend web application using - Mongo-Express container. Use Case 1: MongoDB container without volume observe what happens to the data. Use Case 2: After attaching volume = persistence - confirm re-create containers data persist  Use Case 3: Database containerversion changes does not impacts the Data persisted Let's start the experiment on data persistance. Docker Volume deep dive - MongoDB persistant  To share the sensitive data we use network isolation, which is already discussed in Docker Networks  post. # Create Network docker network create mynet Now let's use this mynet throughout all our use-case examples. MongoDB Connect to Mongo-express which is a member in the same network so that it can access the database Use Case 1: MongoDB Without any volume - Non Persistence MongoDB Container without any persistance storage : docker run -d --...

 In this, we will discuss an experiment on Docker Container Network port exposed or published. A Netcat command utility will be used to make an echo server. which will be read the message on one socket and the other end sends the message to the terminal. Understanding Port forwarding in Docker Containers Background on Docker Port Docker container ports by default mapping to host ports. The -P option will bind the container exposed ports (EXPOSE command in Dockerfile) to random available ports of the host. We can bind any port of the container even though it is not pre-defined with EXPOSE ones. For this, you can use -p (lower case) with host port followed by a colon (:) container port  Note: This experiment can be successful on ubuntu:14.04 image only. Because other than that ubuntu images don't support nc and host.docker.internal to look into the docker network. Here we have four use cases: Two ports open to run the echo server  Container access host network Dynamically...

Hello Guys, DevSecOps team members, In this post I would like to integrate Jenkins with SonarQube.  SonarQube is an open-source product for continuous inspection of code quality.   The main objective of SonarQube to check Code Quality and provide the Code Security. SonarQube empowers and ensure all developers to write cleaner and safer code.  In this experiment we will be running the SonarQube on a Docker Engine. Prerequisites We must have following pre-requisites to do this experiment SonarQube Server installed, up and running state Jenkins installed and Master is up and running Sonar Scanner installed on same machine(container) where Jenkins build job executes Important URLs  The following links are very helpful while dealing with the SonarQube and its integration with Jenkins. Docker play-ground :  Sonar Scanner Link   SonarQube on DockerHub     Step 1: Preparing SonarQube on the Docker You could installed Docker and it is Up and runn...