WA3238
Advanced Docker Training
This advanced Docker course teaches attendees to orchestrate multi-container deployments, fortify their container security, and streamline image size for optimized workflows. They will gain a strong foundation in container orchestration tools like Docker Swarm and Kubernetes.
Docker makes setting up development environments and deploying applications easier than ever. However, many of its best features are under-utilized or misunderstood. Features such as multi-stage Dockerfiles, persistent storage volumes, and multi-container application capabilities are mistakenly passed over when the goal is to - “just get something running!” This Docker course addresses these issues and more.
Course Details
Duration
1 day
Prerequisites
- Taken WA3003 or GL340 or have equivalent experience
- Understanding of Docker basics
- Familiarity with working at a terminal or command prompt
Target Audience
- Software Developers
- DevOps Personnel
- Platform Engineers
Skills Gained
- Explore the use of multi-stage Dockerfiles
- Deploy Multi-Container Applications with Docker Compose
- Get to know Docker bind, volume and tmpfs storage
- See when and how to inspect mounted volumes
- Introduce Docker Swarm & Kubernetes
- Recognize container orchestration operations
- See how containers are scheduled across available resources
- Learn when and how failed containers are replaced
- Understand Docker image security
- Discuss Docker daemon security
- Look at general hardening techniques for Docker
- Scan images for security vulnerabilities
- Learn how to reduce runtime image size
- Docker best practices
Course Outline
- Multi-Stage Docker Files
- Review: A Single Stage “docker build” command
- Docker Image - Size & Security
- Using a Multi-Stage Docker Build
- The Basic FROM Command
- Image References
- The COPY Command
- Multi-Stage Dockerfile Example
- Example using Ordinal Reference
- Multi-Stage Dockerfile for Build and Run
- Docker Compose
- What is Docker Compose?
- Multi-Container Applications
- Compose Availability
- Features of Compose
- Common Use-Cases
- Directory Structure for a Compose Project
- compose.yml file
- Compose Command Types
- Start, Stop & Build Commands
- Service Runtime & Status Commands
- Miscellaneous Commands
- Getting Help on Compose Commands
- Docker Storage
- Docker Storage
- Bind Mounts
- Use-Cases for Bind Mounts
- Volumes
- Use-Cases for Volumes
- Bind Mount "-v | --volume" Syntax
- Bind Mount "--mount" Syntax
- Bind Mount Examples
- Volume Mount "--mount" Syntax
- Volume Mount "-v | --volume" Syntax
- Volume Mount Examples
- Working with Volumes
- Inspecting a Mounted Volume
- Storing Data In-Memory - tmpfs mounts
- tmpfs Mount Examples
- Orchestration
- Containerized Applications
- Container Orchestration: Features
- Scaling of Applications
- Networking of Applications
- Securing Applications
- Rolling out of Application Updates
- Scheduling of Containers across Available Resources
- Replacement of Failed Containers.
- Container Orchestration Systems
- Docker Swarm
- Docker Swarm Terminology
- Swarm Workflow
- Kubernetes
- Kubernetes Terminology
- Kubernetes Workflow
- Docker Security
- Docker Security
- Securing the Docker Daemon
- Keep Docker Images up to date
- General Hardening Techniques for Docker
- Docker Image Security
- Managing Sensitive Information/Files
- Scan Images for Security Vulnerabilities
- Use Trusted Images
- Docker Container Security
- Don't Run as Root
- Install Only What's Needed
- Manage Resource Use
- OS Security Packages - AppArmour
- OS Security Packages - Seccomp
- Docker Best Practices
- Docker Image Building Best Practices
- Use Custom Base Images
- Use Multi-Stage Builds to Reduce Runtime Image Size
- Multi-Stage Dockerfile Images: React App
- Multi-Stage Dockerfile Images: Spring Boot App
- Scan Built Images for Security Vulnerabilities
- Development Best Practices for Docker
- Use Docker Desktop for Development
- Keep Images Small
- Persisting Source Code Outside the Container
- Build Images along with Source Code
- Lab Exercises
- Lab 1 - Multi-stage Docker Files
- Lab 2 - Docker Compose
- Lab 3 - Docker Best Practices