Docker for Enterprise Operations Course Outline
Special Note to New Hampshire Residents
This course has not yet been approved by the State's Department of Education. Please contact us to get an update as to when the class should be available in New Hampshire.
Docker Enterprise Edition (Docker EE) is designed for enterprise development and IT teams who build, ship, and run business-critical applications in production and at scale. Docker EE is integrated, certified, and supported to provide enterprises with the most secure container platform in the industry. For more info about Docker EE, including purchasing options, see Docker Enterprise Edition.
The latest version of Docker EE is 17.06.
What You Will Learn
This reference architecture describes a standard, production-grade, Docker EE deployment. It also details the components of Docker EE, how they work, how to automate deployments, how to manage users and teams, how to provide high availability for the platform, and how to manage the infrastructure.
Some environment-specific configuration details are not be provided. For instance, load balancers vary greatly between cloud platforms and on-premises infrastructure platform. For these types of components, general guidelines to environment-specific resources are provided.
Students should attend ONLC's Docker Fundamentals class or have equivalent skills.
• Universal Control Plane overview
Docker Universal Control Plane (UCP) is the enterprise-grade cluster management solution from Docker. You install it on-premises or in your virtual private cloud, and it helps you manage your Docker swarm and applications through a single interface.
• UCP architecture
Universal Control Plane is a containerized application that runs on Docker Enterprise Edition and extends its functionality to make it easier to deploy, configure, and monitor your applications at scale.
UCP also secures Docker with role-based access control so that only authorized users can make changes and deploy applications to your Docker cluster.
• Introduction to Docker Datacenter
With Docker Datacenter, organizations are empowered to deploy a Containers as a Services (CaaS) on-premises or in your virtual private cloud. A CaaS provides an IT managed and secured application environment of content and infrastructure where developers can build and deploy applications in a self service manner.
• Docker Engine Swarm mode
To provide a seamless cluster based on a number of nodes, DDC relies on Docker swarm mode capability. Swarm mode divides nodes between workers, nodes running application workloads defined as services, and managers, nodes in charge of maintaining desired state, managing the cluster's internal PKI, and providing an API. Managers can also run workloads. In a Docker EE environment they run UCP controllers and shouldn't run anything else.
The Swarm mode service model provides a declarative desired state for workloads, scalable to a number of tasks (the service's containers), accessible through a stable resolvable name, and optionally exposing an end-point. Exposed services are accessible from any node on a cluster-wide reserved port, reaching tasks through the routing mesh, a fast routing layer using high-performance switching in the Linux kernel. This set of features enable internal and external discoverability for services, UCP's HTTP Routing Mesh (HRM) adding hostname-to-service mapping.
• Deploying services in UCP
Deploy and monitor your services from the UCP web UI. Will deploy an NGINX web server.
• UCP Networking and load balancing
• Deploying applications across multiple nodes
• Backwards compatibility with classic Swarm
• UCP User Management
• UCP role based access control
• Basic troubleshooting
• Installing Docker Trusted Registry
Docker Trusted Registry
The DTR is an application managed by, and integrated with UCP, that provides Docker images distribution and security services. The DTR uses UCP's identity services to provide Single Sign-On (SSO), and establish a mutual trust to integrate with its PKI. It runs as a set of services on one or several replicas: the registry to store and distribute images, an image signing service, a Web UI, an API, and data stores for image metadata and DTR state.
• DTR Overview
• Creating public and private DTR repositories
• DTR access control
• Content Trust and Imaging Signing with Notary
• Designing a DDC Deployment
• Closing notes, further information and discussion
View outline in Word