Duration
3 days
Audience:
Employees of federal, state and local governments; and businesses working with the government.
Course Description
Linux containers are changing the way companies think about service development and deployment. Containers play a vital role in the modern data-center, and Docker is leading the way. This course covers all the core features of Docker including: container creation and management, interacting with Docker hub, using Dockerfile to create and manage custom images, advanced Docker networking (how to safely expose container services to the world, and link containers), the use of Docker volumes to manage persistent data, and Docker Compose to build multi-container applications. Emphasis is placed on best practices and how to secure Docker installations and containers. The course culminates with comprehensive labs where students use Docker, Git, and a continuous integration server to automate the testing of containerized applications.
Many large companies are moving an increasing number of applications to run inside containers. Containers can provide a high level of security while also making maximal use of hardware allowing higher density than traditional VMs. Docker is a dominant force in Linux containers and the core building block for nearly all higher level container management systems. This training will get sysadmins proficient with Docker so that they can immediately be productive as organizations continue to move applications onto containers.
Prerequisites
Proficiency with the Linux CLI. A broad understanding of Linux system administration.
Supported Distributions
Red Hat Enterprise Linux 7
Ubuntu 16.04 LTS
Course Outline
- CONTAINER TECHNOLOGY OVERVIEW
- Application Management Landscape
- Application Isolation
- Resource Measurement and Control
- Container Security
- OverlayFS Overview
- Container Security
- Open Container Initiative
- Docker Alternatives
- Docker Ecosystem
- Docker Ecosystem (cont.)
LAB TASKS
- Container Concepts runC
- Container Concepts Systemd
- INSTALLING DOCKER
- Installing Docker
- Docker Architecture
- Starting the Docker Daemon
- Docker Daemon Configuration
- Docker Control Socket
- Enabling TLS for Docker
- Validating Docker Install
LAB TASKS
- Installing Docker
- Protecting Docker with TLS
- MANAGING CONTAINERS
- Creating a New Container
- Listing Containers
- Managing Container Resources
- Running Commands in an Existing Container
- Interacting with a Running Container
- Stopping, Starting, and Removing Containers
- Copying files in/out of Containers
- Inspecting and Updating Containers
- Docker Output Filtering & Formatting
LAB TASKS
- Managing Containers
- Configure a docker container to start at boot.
- MANAGING IMAGES
- Docker Images
- Listing and Removing Images
- Searching for Images
- Downloading Images
- Uploading Images
- Export/Import Images
- Save/Load Images
- Committing Changes
LAB TASKS
- Docker Images
- Docker Platform Images
- CREATING IMAGES WITH DOCKERFILE
- Dockerfile
- Caching
- docker image build
- Dockerfile Instructions
- ENV and WORKDIR
- Running Commands
- Getting Files into the Image
- Defining Container Executable
- HEALTHCHECK
- Best Practices
- Multi-Stage builds with Dockerfile
LAB TASKS
- Dockerfile Fundamentals
- Optimizing Image Build Size
- Image Builds and Caching
- DOCKER VOLUMES
- Volume Concepts
- The docker volume Command
- Creating and Using Internal Volumes
- Internal Volume Drivers
- Removing Volumes
- Creating and Using External Volumes
- SELinux Considerations
- Mapping Devices
LAB TASKS
- Docker Internal Volumes
- Docker External Volumes
- DOCKER COMPOSE/SWARM
- Writing YAML Files
- Concepts
- Compose CLI
- Defining a Service Set
- Compose Versions
- Docker Engine Swarm Mode
- Docker Swarm Terms
- Docker Swarm Command Overview
- Creating a Swarm
- Creating Services
- Creating Secrets
- Stack Files
- Stack Command
- Swarm Placements
- Swarm Resource Limits & Reservations
- Swarm Networking
- Swarm Networking Troubleshooting
LAB TASKS
- Docker Compose
- Docker Engine Swarm Mode
- DOCKER NETWORKING
- Overview
- Data-Link Layer Details
- Network Layer Details
- Hostnames and DNS
- Service Reachability
- Container to Container Communication
- Container to Container: Links (deprecated)
- Container to Container: Private Network
- Managing Private Networks
- Remote Host to Container
LAB TASKS
- Docker Networking
- Exposing Ports
- Docker Networking
- DOCKER LOGGING
- Docker Logging
- Docker Logging with json-file and journald
- Docker Logging with syslog
- Docker Logging with Graylog or Logstash
- Docker Logging with Fluentd
- Docker Logging with Amazon or Google
- Docker Logging with Splunk
LAB TASKS
- Logging to syslog
- DOCKER REGISTRY LAB TASKS
- Docker Registry
- Docker Registry (secured)
- Docker Content Trust