Hi, I’m new to docker.
A few weeks ago I started using docker and definitely It felt relatively easy to install, setup server softwares than traditional way.
What felt harder than before is security, before using docker I simply ran server processes in one host and just turned on fail2ban to protect them.
Now I’m trying to protect novnc, shell in a box, nginx(http basic auth) containers from brute force password cracking attack.
I decided to use fail2ban to protect containers. I came up with two idea but don’t know what is the most common and secure way and I think there must be better Idea than these ideas:
First: Running single fail2ban server inside host and share log file with containers using -v option -> What if I have multiple containers of same type?
Second: Running fail2ban server inside every container -> I have to build custom images which contain and execute fail2ban server when I want to run a server.
Furthermore, some services use systemd journal instead of simple log file, how should I resolve this problem too?