Developing Docker and Docker-Compose Specifications: A Developers’ Survey

Reis, David; Piedade, Bruno; Correia, Filipe Figueiredo; Dias, Jorge; Aguiar, Ademar

doi:10.1109/access.2021.3137671

Cited by 32 publications

(16 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Typically, if a developer creates a Docker environment [28], the workflow is convoluted and most of the time relies on a trial-and-error process. Editing a specification (e.g., a Docker file), building it into an image, instantiating the image in a container, understanding whether it works as expected or not, identifying the cause(s) of a fault, and returning to the first step to improve the specification are all steps in creating a Docker container.…”

Section: Build Toolsmentioning

confidence: 99%

Method for Continuous Integration and Deployment Using a Pipeline Generator for Agile Software Projects

Donca

Stan

Misaros

et al. 2022

Sensors

View full text Add to dashboard Cite

Lately, the software development industry is going through a slow but real transformation. Software is increasingly a part of everything, and, software developers, are trying to cope with this exploding demand through more automation. The pipelining technique of continuous integration (CI) and continuous delivery (CD) has developed considerably due to the overwhelming demand for the deployment and deliverability of new features and applications. As a result, DevOps approaches and Agile principles have been developed, in which developers collaborate closely with infrastructure engineers to guarantee that their applications are deployed quickly and reliably. Thanks to pipeline approach thinking, the efficiency of projects has greatly improved. Agile practices represent the introduction to the system of new features in each sprint delivery. Those practices may contain well-developed features or can contain bugs or failures which impact the delivery. The pipeline approach, depicted in this paper, overcomes the problems of delivery, improving the delivery timeline, the test load steps, and the benchmarking tasks. It decreases system interruption by integrating multiple test steps and adds stability and deliverability to the entire process. It provides standardization which means having an established, time-tested process to use, and can also decrease ambiguity and guesswork, guarantee quality and boost productivity. This tool is developed with an interpreted language, namely Bash, which offers an easier method to integrate it into any platform. Based on the experimental results, we demonstrate the value that this solution currently creates. This solution provides an effective and efficient way to generate, manage, customize, and automate Agile-based CI and CD projects through automated pipelines. The suggested system acts as a starting point for standard CI/CD processes, caches Docker layers for subsequent usage, and implements highly available deliverables in a Kubernetes cluster using Helm. Changing the principles of this solution and expanding it into multiple platforms (windows) will be addressed in a future discussion.

show abstract

Section: Build Toolsmentioning

confidence: 99%

Method for Continuous Integration and Deployment Using a Pipeline Generator for Agile Software Projects

Donca

Stan

Misaros

et al. 2022

Sensors

View full text Add to dashboard Cite

show abstract

“…We provide photos with vulnerabilities and evaluate how well our method for finding the flaws works. Additionally, we demonstrate how dynamic analysis complements the static studies generally used for security assessments by evaluating the security of Docker containers based on their activity [27].…”

Section: Security Vulnerabilities In Containerizationmentioning

confidence: 99%

Container Performance and Vulnerability Management for Container Security Using Docker Engine

Alyas

Ali

Khan

et al. 2022

Security and Communication Networks

View full text Add to dashboard Cite

Containers have evolved to support microservice architecture as a low-cost alternative to virtual machines. Containers are increasingly prevalent in the virtualization landscape because of better working; containers can bear considerably less overhead than the conventional hypervisor-based component virtual machines. However, containers directly communicate with the host kernel, and attackers can co-locate containers in the host system quicker than virtual machines. This causes significant security issues in container technology. The security hardening system is currently targeted at implementing universal access management regulations that make it difficult to assess the required procedure for accessing containers. Security mechanisms include an explicit awareness of the purpose and actions of the container and entail manual interaction and configuration. A user-friendly container protection scheme implemented an access policy to comply with its anticipated and legitimate application performance. In this study, container technology constraints have been overcome by proposing a unique Docker-sec mechanism. Docker-sec uses four mechanisms; the original collection has been improved during container runtime by additional rules that constrain the capacity of the container, further representing the applications in practice, file system, processes, network isolation, and vulnerability scanning of Docker images over different workload. Different vulnerabilities have been scanned with a CVE severity level. Results showed that inter-container communication with the system is more secure containers from zero vulnerabilities with an overhead of 3.45%.

show abstract

“…In this article, we restrict our analysis of related works (cf. Section V) to those addressing simultaneously patterns and software quality aspects in the scope of microservices design, but such a systematic review could also look in more detail into works as those done by Li et al [36], Reis et al [37], Bogner et al [38], [39], Soldani et al [40] and Waseem et al [41], which study practices and quality aspects in the context of microservices. Even if not necessarily leaning on pattern literature and on how patterns are perceived by professionals, we believe that some of the results of these studies could be used to improve existing pattern knowledge.…”

Section: Future Workmentioning

confidence: 99%

Designing Microservice Systems Using Patterns: An Empirical Study on Quality Trade-Offs

Vale¹,

Correia²,

Guerra³

et al. 2022

Preprint

View full text Add to dashboard Cite

The promise of increased agility, autonomy, scalability, and reusability has made the microservices architecture a de facto standard for the development of large-scale and cloud-native commercial applications. Software patterns are an important design tool, and often they are selected and combined with the goal of obtaining a set of desired quality attributes. However, from a research standpoint, many patterns have not been widely validated against industry practice, making them not much more than interesting theories. To address this, we investigated how practitioners perceive the impact of 14 patterns on 7 quality attributes. Hence, we conducted 9 semi-structured interviews to collect industry expertise regarding (1) knowledge and adoption of software patterns, (2) the perceived architectural trade-offs of patterns, and (3) metrics professionals use to measure quality attributes. We found that many of the trade-offs reported in our study matched the documentation of each respective pattern, and identified several gains and pains which have not yet been reported, leading to novel insight about microservice patterns.

show abstract

Developing Docker and Docker-Compose Specifications: A Developers’ Survey

Cited by 32 publications

References 25 publications

Method for Continuous Integration and Deployment Using a Pipeline Generator for Agile Software Projects

Method for Continuous Integration and Deployment Using a Pipeline Generator for Agile Software Projects

Container Performance and Vulnerability Management for Container Security Using Docker Engine

Designing Microservice Systems Using Patterns: An Empirical Study on Quality Trade-Offs

Contact Info

Product

Resources

About