Docker for Enterprise Operations Course Outline
Special Note to New Hampshire ResidentsThis course has not yet been approved by the New Hampshire Department of Education. Please contact us for an update on when the class will be available in New Hampshire.
Overview
Docker Enterprise Edition (Docker EE) is designed for enterprise development and IT teams who build, ship, and run business-critical applications in production and at scale. Docker EE is integrated, certified, and supported to provide enterprises with the most secure container platform in the industry. For more info about Docker EE, including purchasing options, see Docker Enterprise Edition. The latest version of Docker EE is 17.06.
What You Will Learn
This reference architecture describes a standard, production-grade, Docker EE deployment. It also details the components of Docker EE, how they work, how to automate deployments, how to manage users and teams, how to provide high availability for the platform, and how to manage the infrastructure.
Some environment-specific configuration details are not be provided. For instance, load balancers vary greatly between cloud platforms and on-premises infrastructure platform. For these types of components, general guidelines to environment-specific resources are provided.
Prerequisite
Students should attend ONLC's Docker Fundamentals class or have equivalent skills.
Course Outline
Getting Started
Installation
Production Cycle
What is Docker EE Architecture?
How to install Docker EE on Windows Server 2016?
Test the installation
Procedure to install UCP and DTR
Swarm and add nodes
Install UCP
Install UCP
Upload the license
Verify the CA
Swarm
Swarm components
Clustering front
Orchestration front
What is the best number of managers?
Best practices
Install DTR
Verify logging from CLI from both nodes
Verify DTR installation from UCP Web UI
Security
Docker Swarm Mode
Docker Content Trust (DCT)
Docker Security Scanning
Docker Secrets
TLS and mutual authentication
Configuring some CA settings
The cluster store
Enterprise-grade features
Role-based access control (RBAC)
Create users and teams
Create a custom role
Create a collection
Create a grant
RBAC for nodes
Docker Content Trust (DCT)
Configuring Docker Trusted Registry (DTR)
General tab
Storage tab
Security tab
Garbage Collection tab
Using Docker Trusted Registry
Organizations and teams
Push an image to the DTR repo
Verify the push
Webhook
Scanning Webhooks
Image promotions
Immutable
Pruning
Prune unused Docker objects
Secrets
High-level workflow
Docker secret commands
Example of Managing secrets
Monitor the status of UCP
Web UI
CLI
Application Health and Readiness Checks
HEALTHCHECK instruction in Dockerfile
Backup & Recovery
Backup Swarm
Backup UCP
Restore Swarm then UCP
Backup DTR and recover it
View outline in Word
XDOCEO