Docker with Kubernetes Administration
Overview
This course combines the Docker and Kubernetes Administration courses.
Participants will first understand the core features of Docker including: container creation and management, interacting with Docker hub, using Dockerfile to create and manage custom images, advanced Docker networking (how to safely expose container services to the world, and link containers), the use of Docker volumes to manage persistent data, and Docker Compose to build multi-container applications. Emphasis is placed on best practices and how to secure Docker installations and containers.
The second part of the course introduces participants to the basic concepts and architecture of Kubernetes, its initial install & setup, Kubernetes Pods, deployments and services, persistent storage, networking, automating deployment, scaling & management of containerized applications, the Kubernetes Helm Package Manager and finally it's logging and monitoring facilities.
This course doesn’t only prepare delegates for the daily administration of Docker & Kubernetes systems but also for the official Certified Kubernetes Administrator (CKA) exam of the Cloud Native Computing Foundation (CNCF).
Audience
System administrators and Devops professionals who want to understand and use Docker and Kubernetes in enterprise and cloud environments.
Structure
50% theory 50% hands on lab exercises
Prerequisites
Proficiency with the Linux CLI
A broad understanding of Linux system administration
Course duration
5 days
Supported Distributions:
Red Hat Enterprise Linux 7
Course outline
- Container Technology Overview
- Application Management Landscape
- Application Isolation
- Resource Measurement and Control
- Container Security
- Container Security
- Open Container Initiative
- Docker Ecosystem
Lab Tasks
- Container Concepts runC
- Container Concepts Systemd
- Installing Docker
- Installing Docker
- Docker Architecture
- Starting the Docker Daemon
- Docker Daemon Configuration
- Docker Control Socket
- Enabling TLS for Docker
- Validating Docker Install
Lab Tasks
- Installing Docker
- Install Docker via Docker Machine
- Protecting Docker with TLS
- Managing Containers
- Creating a New Container
- Listing Containers
- Viewing Container Operational Details
- Running Commands in an Existing Container
- Interacting with a Running Container
- Stopping, Starting, and Removing Containers
- Copying files in/out of Containers
- Inspecting and Updating Containers
Lab Tasks
- Managing Containers
- Configure a docker container to start at boot.
- Managing Images
- Docker Images
- Listing and Removing Images
- Searching for Images
- Downloading Images
- Committing Changes
- Uploading Images
- Export/Import Images
- Save/Load Images
Lab Tasks
- Docker Images
- Docker Platform Images
- Creating Images with Dockerfile
- Dockerfile
- Caching
- docker image build
- Dockerfile Instructions
- ENV and WORKDIR
- Running Commands
- Getting Files into the Image
- Defining Container Executable
- Best Practices
Lab Tasks
- Dockerfile Fundamentals
- Docker Volumes
- Volume Concepts
- Creating and Using Internal Volumes
- Managing Volumes
- Changing Data in Volumes
- Removing Volumes
- Backing up Volumes
- SELinux Considerations
- Mapping Devices
Lab Tasks
- Docker Volumes
- Docker Compose/Swarm
- Concepts
- Compose CLI
- Defining a Service Set
- Docker Swarm Proxy (Legacy)
- Docker Engine Swarm Mode (Modern)
- Creating a Swarm
- Creating Services
Lab Tasks
- Docker Compose
- Docker Swarm Proxy
- Docker Engine Swarm Mode
- Docker Networking
- Overview
- Data-Link Layer Details
- Network Layer Details
- Hostnames and DNS
- Service Reachability
- Container to Container Communication
- Container to Container: Links
- Container to Container: Private Network
- Managing Private Networks
- Remote Host to Container
- Multi-host Networks with Overlay Driver
Lab Tasks
- Docker Networking
- Exposing Ports
- Docker Links
- Docker Networking
- Multi-host Networks
- Docker Registry
- Docker Registry
- Docker Registry (secured)
- Docker Content Trust
- Kubernetes Intro and Concepts
- Cloud Computing in General
- Cloud Types
- Cloud Native Computing
- Application Containers
- Containers on Linux
- Container Runtime
- Container Orchestration
- Kubernetes
- Concepts, Objects Categories, and Architecture
- Kubernetes Master
- Kubernetes Note
Lab Tasks
- Health Check
- Understanding Linux Namespaces
- Basic Docker Functionalities
- Installing Kubernetes
- Picking the Right Solution
- One Node Kubernetes Install
- Kubernetes Universal Installer
- Install Using kubeadm
- Kubernetes Networking
Lab Tasks
- Check Kubernetes Status
- Run the First Pod
- Accessing Kubernetes
- Accessing the Kubernetes Cluster
- Controlling Access to the API
- Authorization
- Role Based Access Control
- Roles and ClusterRoles
- Role Bindings
Lab Tasks
- Browse the Kubernetes API
- Use RBAC to Control Access to the API
- Kubernetes Workloads
- The Pod
- RestartPolicy Examples
- InitContainers
- Operations on Pods
- Replication Controller
- Working with Replication Controller
- Deployments
- Working with Deployments
- Jobs, CronJobs
- Jobs Example
- CronJobs Example
- DaemonSets
Lab Tasks
- Pods Operations
- Replication Controller Operations
- Working with Deployments
- Using Jobs
- Using DaemonSets
- Scheduling and Node Management
- The Kubernetes Scheduler
- Assigning Pods to Nodes
- Assigning Pods to Nodes – Node Affinities
- Assigning Pods to Nodes – Pod Affinities
- Taints and Tolerations
- Managing Nodes
Lab Tasks
- Scheduling Pods to Nodes
- Using Affinities
- Accessing the Applications
- Services
- Service Types
- Working with Services
- Ingress
- Ingress Definition
- Working with Ingress
- Network Policies
- Network Policy Example
Lab Tasks
- Working with Services
- Working with Ingress
- Persistent Storage in Kubernetes
- Volumes
- Volume Example
- Volume Types
- Persistent Volumes
- Persistent Volume Example
- Secrets
- Using Secrets as Environmental Variables
- Using Secrets as Volumes
- ConfigMaps
Lab Tasks
- Share a Volume in Two Containers
- Set the Root Password for a Mysql Pod Using Secrets
- Use ConfigMap to Pass a File to a Pod
- Logging, Monitoring, and Troubleshooting
- Logging Architecture
- Monitoring
- Troubleshooting
Lab Tasks
- Investigate the Logging in Kubernetes
- Monitoring Kubernetes
- Upgrading Kubernetes