1

I want to create web services that will be distributed as docker containers on my platform.

Running Docker on a physical machine is faster in comparison to running it in a VPS, as there is no overhead from a virtual OS layer. However, a VPS is more maintainable when the software in the environment crashes the system.

I am wondering what will happen if the environment in a Docker container gets hacked, or corrupts the OS because of either bugs/exceptions or external attacks. Can it influence the host system, and cause the entire machine to become either corrupted or crash?

Would you recommend running Docker physically or within a virtual machine?

RoyB
  • 3,104
  • 1
  • 16
  • 37

1 Answers1

0

The Docker guest shares the kernel with the host. As a result any kernel exploits/corruption would affect the host.

Docker security seems complicated though. I'd recommend reading this http://docs.docker.com/articles/security/ and being very careful about the users you use in your containers.

Tom Hennen
  • 4,746
  • 7
  • 34
  • 45