Demystifying Container and Orchestration Ecosystem
No. | Title | Learn |
---|---|---|
1 | History of ContainerD | π |
2 | Architecture of ContainerD | π |
3 | Introduction to runc | π |
4 | ContainerD CLI Ctr | π |
5 | Kata Containers | π |
6 | Firecraker - TODO | π |
7 | ContaiNerd + Nerdctl | π |
8 | contaiNERD + runwasi | π |
9 | Wasm + ContainerD + CRUN | π |
git clone https://github.com/kubernetesdaily/dockerworkshop.git
No. | Title | Learn |
---|---|---|
1 | Prerequisites | π |
2 | Hello World in Docker | π |
3 | Docker Image Filters | π |
4 | Images as Tar Files | π |
5 | Pushing to DockerHub | π |
6 | Building a Base Image | π |
7 | Dockerfile ADD | π |
8 | Dockerfile COPY | π |
9 | Dockerfile CMD | π |
10 | Dockerfile Entrypoint | π |
11 | Dockerfile WORKDIR | π |
12 | Dockerfile RUN | π |
13 | Dockerfile ARG | π |
14 | Dockerfile Volume | π |
15 | Dockerfile USER | π |
16 | Dockerfile HEALTHCHECK | π |
17 | Dockerfile ENV | π |
18 | Dockerfile ONBUILD | π |
19 | Multi-Container CLI | π |
20 | Multi-Arch Container | π |
21 | Docker Compose Basics | π |
22 | Docker Compose Volumes | π |
23 | Custom Dockerfile with Compose | π |
24 | PHP, Apache, and DB with Compose | π |
25 | Host Volume Mount | π |
26 | Named Volume Mount | π |
27 | Compose Build Command | π |
28 | Compose Config Command | π |
29 | Compose CP Command | π |
30 | Compose Create Command | π |
31 | Compose Down Command | π |
32 | Compose Events Command | π |
33 | Compose Exec Command | π |
34 | Compose Images Command | π |
35 | Compose Kill Command | [π]( |
36 | Compose Logs Command | [π]( |
37 | Compose ls Command | [π]( |
38 | Compose Pause/Unpause | [π]( |
39 | Compose Port Command | π]( |
40 | Compose ps Command | [π]( |
41 | Compose Pull Command | [π]( |
42 | Compose Push Command | [π]( |
43 | Compose Restart Command | [π]( |
44 | Compose run Command | [π]( |
45 | Compose Watch Command | [π]( |
46 | Local Network Setup | [π]( |
47 | Remote Network Setup | [π]( |
48 | Networking in Compose | [π]( |
49 | Compose Networking with Nginx | [π]( |
50 | Docker Wordpress Example | [π]( |
git clone https://github.com/kubernetesdaily/k8sworkshop.git
No. | Title | Link |
---|---|---|
1 | Includes configuring pre-requisites to install kubeadm | π |
2 | Use Kubeadm to install a basic cluster | π |
3 | Manage a highly-available Kubernetes cluster | π |
4 | Perform a version upgrade on a Kubernetes cluster using Kubeadm | π |
5 | Implement etcd backup and restore | π |
6 | Manage role based access control (RBAC) | π |
No. | Title | Link |
---|---|---|
1 | Basics of Pod | π |
2 | Create POD with Command and Arguments | π |
3 | Multi-Container Pods | π |
4 | Labels & Selectors | π |
5 | Kubernetes Service | π |
6 | Understand deployments and how to perform rolling update and rollbacks | π |
7 | Use ConfigMaps and Secrets to configure applications | π |
8 | Understand the primitives used to create robust, self-healing, application deployments | [π]( |
9 | Understand how resource limits can affect Pod scheduling | |
10 | Awareness of manifest management and common templating tools |
No. | Title |
---|---|
1 | Understand host networking configuration on the cluster nodes |
2 | Understand connectivity between Pods |
3 | Understand ClusterIP, NodePort, LoadBalancer service types and endpoints |
4 | Know how to use Ingress controllers and Ingress resources |
5 | Know how to configure and use CoreDNS |
6 | Choose an appropriate container network interface plugin |
No. | Title |
---|---|
1 | Understand storage classes, persistent volumes |
2 | Understand volume mode, access modes and reclaim policies for volumes |
3 | Understand persistent volume claims primitive |
4 | Know how to configure applications with persistent storage |
No. | Title |
---|---|
1 | Evaluate cluster and node logging |
2 | Understand how to monitor applications |
3 | Manage container stdout & stderr logs |
4 | Troubleshoot application failure |
5 | Troubleshoot cluster component failure |
6 | Troubleshoot networking |
No. | Title |
---|---|
1 | Define, Build, and Modify Container Images |
2 | Understand Jobs and CronJobs |
3 | Understand Multi-Container Pod Design Patterns |
4 | Utilize Persistent and Ephemeral Volumes |
No. | Title |
---|---|
1 | Deployments and Rolling Updates |
2 | Deployments and Rollbacks |
3 | Scale Applications |
4 | Deployment Patterns |
5 | Use the Helm Package Manager to Deploy Existing Packages |
No. | Title |
---|---|
1 | Discover and Use Resources that Extend Kubernetes |
2 | Understanding Authentication, Authorization and Admission Control |
3 | Resource Requests and Limits |
4 | LimitRanges |
5 | Namespace Quotas |
6 | ConfigMaps |
7 | Secrets |
8 | Mounting ConfigMaps/Secrets as Volumes or Environment Variables |
9 | Service Accounts |
10 | SecurityContext |
No. | Title |
---|---|
1 | Services and Other Network Primitives |
2 | Ingress Controllers and Ingress Resources |
3 | Using Network Policies |
No. | Title |
---|---|
1 | Understand API Deprecations |
2 | Liveness Probes and Readiness Probes |
3 | Container Logging |
4 | Monitoring Applications |
5 | Debugging |
No. | Title |
---|---|
1 | Using Network Security Policies to restrict cluster level access |
2 | Use CIS benchmark to review the security configuration of Kubernetes components |
3 | Properly set up Ingress objects with security control |
4 | Protect Node Metadata and endpoint |
5 | Minimize the use of, and access to GUI elements |
6 | Verifying platform binaries before deploying |
No. | Title |
---|---|
1 | Restrict access to Kubernetes API |
2 | Use Role Based Access Controls to minimize exposure |
3 | Exercise caution in using service accounts |
4 | Update Kubernetes frequently |
No. | Title |
---|---|
1 | Minimize Host OS Footprint |
2 | Minimize IAM roles |
3 | Minimize external access to the network |
4 | Appropriately use kernel hardening tools such as AppArmor, seccomp |
No. | Title |
---|---|
1 | Setup appropriate OS-level security domains |
2 | Managing Kubernetes Secrets |
3 | Use Container Runtime Sandboxes in Multi-tenant environments |
4 | Implement pod-to-pod encryption by use of mTLS |
No. | Title |
---|---|
1 | Minimize Base Image Footprint |
2 | Secure Supply Chain: Allowing image registries, sign and validate images |
3 | Use Static Analysis of User Workloads |
4 | Scan Images for Known Vulnerabilities |
No. | Title |
---|---|
1 | Perform behavior analytics of syscall process and file activities at the host and container level to detect malicious activities |
2 | Detect threats within the physical infrastructure, apps, networks, data, users, and workloads |
3 | Detect all phases of attack regardless of where it occurs and how it spreads |
4 | Perform deep analytical investigation and identification of bad actors within an environment |
5 | Ensure immutability of containers at runtime |
6 | Use Audit Logs to monitor access |
git clone https://github.com/kubernetesdaily/helm-workshop.git
No. | Title | Learn |
---|---|---|
1 | Basics of Helm | π |
2 | Deep Dive into Charts | π |
3 | Work with Multiple Values | π |
4 | Create Template file | π |
5 | advance Template with If statement | π |
6 | Else and Else If statement | π |
7 | 50 Helm Template Cheatsheets | π |
Title | Link | Tag | Author |
---|---|---|---|
Okteto | Learn | Development Tools | Sangam Biradar |
cert-manager | Learn | Networking | Sangam Biradar |
flannel | Learn | Networking | Sangam Biradar |
werf | Learn | Continuous Integration & Delivery | Sangam Biradar |
This Is Not
- This is not a replacement for the official documentations.
- This is not an exhaustive guide.
This Is
- This is a collaborative and personal effort.
- This is a project that is expected to evolve and gain from others' inputs.
meaningful contributions welcome π