Recently I migrated my services (HTTP, SMTP and so on) into Docker containers from LXC. When I was doing this I thought how quickly flow the time, because:

  • In 2008 I used Gentoo with daemons inside chroot environments.
  • In 2011 I started to use Centos 6 and OpenVZ containers.
  • In 2014 I started to use Centos 7 and LXC containers.
  • In 2016 I started to use Centos 7 and Docker containers.

After migration I was concerned about security of my containers. Before migration I used Nessus for security checking (via SSH), also Nessus has support the "Docker Service Detection" plugin, but unfortunatly I couldn't make it work. I decided to use native tools for Docker images and containers, I found very useful link, which gave me a good start for the products research and in the end I chose clair.