How did you automate the process of implementing settings to protect the server? And can docker help with this?

M

mr-zherart2017-01-11 12:01:40

ubuntu

mr-zherart, 2017-01-11 12:01:40

Hello. Now I'm digging up information on protecting a web server (selinux, fail2ban, ssl nginx, iptables, etc.). The question is how to automate the process and not to drive in the protection settings on each server over and over again, but to have a blank.
I’m reading about docker, but I still can’t fully understand its essence and whether it is applicable in this matter.
Tell me, please:
1. What automation options are there for implementing server protection settings?
2. is it possible to do this with docker? Judging by the image, the docker and the OS host are different things, and you cannot configure the security settings for them simply by expanding the container with the settings.

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

N

Nikita Pavlov, 2017-01-11
@mr-zherart

Probably ansible will suit you better, and there are already a lot of ready-made playbooks .

K

kazatchkoff, 2017-01-11
@kazatchkoff

Puppet?

https://ru.wikipedia.org/wiki/Puppet

K

kpa6uu, 2017-01-11
@kpa6uu

Might come in handy Where can I find a good docker security guide?