Docker Enterprise Operations
In this operations-focused course, you’ll dive into all the features of the Docker Enterprise platform and discover how it enables a secure software supply chain from development to production. We’ll talk about managing and improving Kubernetes and Swarm applications through the Universal Control Plane, how to strengthen image security by building pipelines into the Docker Trusted Registry, and how to enhance the security of the Docker Enterprise platform through operational best practices.
Code: CN210
CATEGORIES: Mirantis CNA
DESCRIPTION
Who should participate
This course is aimed at:
- Those who want to take advantage of all the features of the Universal Control Plane and the Docker Trusted Registry to securely manage containerized applications in the cloud or data center
- System operators and administrators
Laboratory requirements
- Laptop with WiFi connectivity
- Participants will need to have the latest version of Chrome or Firefox installed and a free account on strigo.io.
COURSE OBJECTIVES
- Docker Enterprise architecture
- DE usage patterns
- Containerized Components of DE
- Network and system requirements for DE
- Installing UCP and DTR
- High availability of UCP and DTR
- Access control in Docker Enterprise
- UCP, DTR, RBAC
- PKI, client bundles and API authentication
- Access control comparison of Swarm and Kubernetes
- Deploying Swarm and Kubernetes applications on UCP
- Orchestrator architecture
- Comparison of networks and architecture of Swarm and Kubernetes
- Deploying applications on UCP
- Container networking patterns
- Routing and service discovery for stateful and stateless applications on Swarm and Kubernetes
- Inbound or intra-cluster routing
- L7 routing with sticky sessions and path-based routing in Swarm and Kubernetes
- Introduction to the Istio service mesh
- Canary and Blue-Green deployment models in UCP
- Cluster-wide logging patterns
- Engine log management
- UCP audit logging
- Log aggregation and management
- Enhancing platform security
- Options for enhancing container security at the host level
- Kubernetes admission controllers and pod security policies
- Container network encryption
- Kubernetes network policies
- Content Trust in DTR
- Man-in-the-middle mitigation with The Update Framework (TUF)
- Setting up content trust keys
- Sign images with content trust
- Security Scanning in DTR
- Security scanning setup
- Interpreting and filtering scanner results
- Building image pipelines with webhooks and image promotion
- Continuous integration pipeline tools
- Enabling webhooks
- Automatic and manual promotion of images through pipeline stages
- DTR Image Management
- Tag pruning and garbage collection
- DTR scaling for development and production clusters
- DTR content caching
ADDITIONAL INFORMATION
Duration – 3 days
Delivery – in Classroom, On Site, Remote
PC and SW requirements:
- Internet connection
- Web browser, Google Chrome
- Zoom
Language
Instructor: English
Workshops: English
Slides: English