- Docker Certification site w/Study Guide
- Docker Certified Associate Exam Prep Guide - w/links from exam bullets
- Sample test questions
- Practice tests on Udemy
Exercises
- Interactive Scenarios - Kubernetes, Docker, etc - Katakoda
- Deploy sample app to Swarm
- Docker Swarm Workshop, J. Petazzo
- Linux Container from Scratch, Joshua Hoffman
Sandboxes:
-
Exercises:
- Configure Docker daemon to start on boot
- Which storage driver should be used on what OS? Per node decision. Overlay2 becoming favored.
- Configure devicemapper for production
-
Images
Exercises
- Display layers and create new for writes
- Tag with multiple and push image to registry
- Invalidate image cache and optimize for writing files
- Search Docker Hub with
docker search <name>
-
Containers
-
Exercises
- create multi-stage build dockerfile
-
Deploying Apps with Docker Compose
-
Exercises
- Setup a swarm, create 2nd node and join it, run container as service
- Run app as stack
- Scale
- Update app
- Run replicated and global service
- Apply node labels to manage placement of tasks
- Raft consensus to manage cluster state, to keep master replicas have same state - allows (N-1)/2 failures, and requires quorum of (N/2)+1
-
Docker overlay networking
Exercises
-
create overlay network on 2+ node swarm, attach a service to it
docker network create -d overlay my-swarm-overlaydocker service create --name test --network my-swarm-overlay --replicas=2 ubuntu sleep infinity
-
-
Volumes and persistent data
-
Deploying apps with Docker Stacks
-
Security in Docker
Docker works with its own and latest OS tech for security.
- Docker tech: secrets management, docker content trust, security scanning
- OS (linux) tech: seccomp, mandatory access control, capabilities, control groups, kernel namespaces
- Docker utilizes these namespaces: pid, net, mnt, ipc, user, uts
- All new containers get a sensible default seecomp profile
- Rotate swarm join token,
docker swarm join-token --rotate manager
-
Tools for the enterprise
- Installing and backing up/restoring Swarm, UCP, DTR
- Disaster Recovery for UCP & DTR
-
Enterprise-grade features
- UCP RBAC, Docker Content Trust (DTC), HTTP routing mesh