Docker Mastery : avec Kubernetes + Swarm d’un Docker Captain

If you're totally new to Docker, this breaks down the three major features that created an entire container ecosystem.

Before we learn how to install Docker locally, let's just try a few commands in Docker's cloud learning tool: Play With Docker.

Why did Docker need to exist? What are the big problems it solves for devs and ops?

High-level overview of sections and lectures.

Join Bret on YouTube Live every week for getting questions answered about Docker Mastery and all things containers.

Common Questions in This Course

Docker's product line is expanding and this will help you decide which "Edition" is for you, and also go over CE vs. EE, versioning, and Edge vs. Stable.

What you need to get started on Windows 10, Server 2016, and options for older versions.

Walkthrough of getting "Docker for Windows" and tools for this course to work on Windows 10 Pro, Enterprise, and Server 2016

Walkthrough of getting Docker for Mac installed and additional tools for this course. Includes details on bash tab completion and settings tweaks.

Walkthrough of getting "Docker Toolbox" and tools for this course to work on Windows 7, 8, and 10 Home edition

Walkthrough of getting Docker tools working on Linux desktop or server. Also tips on code editor, permissions, cloning the course repo, and more.

Note that Docker Inc. has changed many tool names over the years. Here's some quick info.

Section Overview, and ensuring Docker is working and on a recent version.

Learn how to run a container, and manage its existence.

Starting a container does lots of things in the background, lets talk about those.

See how a container is quite different then a VM, and yet how they have similar concepts.

"Windows Containers" were born in 2016, and allow native .exe support in containers, but are they worth it?

Assignment to startup a typical three container service with nginx, mysql, and apache. Also, getting used to using docs.docker.com.

(optional) I walk through the assignment as how I would do it.

Check what you've learned so far in this section.

Use cli commands to monitor containers and see what's running in them.

Use docker cli to get a full shell inside containers, no SSH needed. Also learn a about Linux distributions in containers like Ubuntu and Alpine.

Learn the concepts around container networking, and how Docker handles it. Inspect a container IP and see diagrams on how traffic gets in and out.

Quick note on a fix you should add to future lessons where I use ping from a nginx container.

Practice the commands for controlling docker networks on your local machine.

Understand how containers find each other using dynamic DNS rather than IP's.

A few questions on previous lecture content to help you retain the knowledge.

Assignment to use container shells to test networking between them.

(optional) I walk through the assignment as how I would do it.

Assignment to test DNS alias naming on multiple containers.

(optional) I walk through the assignment as how I would do it.

Section Overview, and a discussion about what an image is and isn't.

Dig into what Docker Hub provides us. It's the future of package managers.

Docker caches images locally, you'll need to know how it works in order to manage it properly. Let's dig in!

Getting images in and out of an image repository is a fundamental common task, lets try it.

Dockerfiles are the recipes you make to create great containers. Let's start with the essentials of what's in the Dockerfile.

Once you have your Dockerfile, you need to build an image from it. Lets see how that works.

Dockerfiles can add on to existing images. Lets see how we might do that.

A quick set of questions to ensure you're getting the concepts.

Assignment to create your own Dockerfile recipe and test it in containers.

(optional) I walk through the assignment as how I would do it.

Using the prune command to clean up various things in docker.

Understand the lifecycle of a container and how we should separate application artifacts and unique data that we need to preserve across containers.

Learn how to use Docker Volumes to store important data we need  to keep, and let your persistent data outlive the container.

See how to create a link between host and container directories for various purposes, including easy source-file development.

How data exists past and beyond the container

Assignment to deal with databases and persistent data in containers through volumes.

(optional) I walk through the assignment as how I would do it.

Assignment to edit code on host while it's served up in a container.

(optional) I walk through the assignment as how I would do it.

Section Overview and discussing the features and purpose of compose files, a key part of using Docker locally and in production.

Get your feet wet with basic commands and workflow of our new favorite tool in this course!

Assignment to create your own Compose file to run a multi-app service (Drupal and Postgres).

(optional) I walk through the assignment as how I would do it.

Learn to have Compose run your docker builds for you on startup.

Assignment to create your own Compose file to build images with custom options (Drupal and Postgres).

(optional) I walk through the assignment as how I would do it.

Using YAML to control multiple containers and resources.

Learn how Docker has some great built-in features for scaling your containers and operating a cluster.

Let's use your local docker in a 1-node Swarm to learn the basics.

You'll build a 3-host Swarm cluster so we can scale our apps out for high-availability.

Test your retention of key topics on using multiple nodes to help automation, sustainability, and rapid deployment.

Learn how Swarm can seamlessly let containers talk between hosts.

See how Swarm can accept packets on any Swarm node and route to the proper container.

How to better use docker's orchestration tool

Create your own distributed container service, with custom networks and multiple containers dynamically provisioned. 

(optional) I walk through the assignment as how I would do it.

Learn how to use your existing compose files in a production Swarm cluster.

With this lesson you'll learn why you need to protect secrets and how Swarm enables you to do that easily.

Walk through the features of Secrets and how to store private information securely and ensure they get to only the containers that need them.

Learn how to deploy Stacks with Secrets referenced in your compose YAML files.

Modify a compose file to make it production-ready and use secrets to pass config values.

(optional) I walk through the assignment as how I would do it.

Understand how to use "simulated" secrets with the docker-compose CLI.

Learn how a single or multiple compose files can serve both dev and ops on local machines, in your CI automation, and in CD for production deployments.

Learn key features of the service update command and when to use it for updating your containers while the are live.

Discover how built-in healthchecks make your containers even smarter, and how docker handles them.

Digging deeper into Swarm tooling and uses.

Learn more features you get from Docker Hub for free, and what you need to pay for.

Learn what the free Docker Distribution (aka Registry) can do for us and what things should we be concerned with when deploying it.

Learn how to run and use your own image registry on your own servers.

Learn how to secure Docker Registry by enabling HTTPS and basic auth using Play With Docker.

Registry mostly acts the same in a Swarm cluster, but lets use Play-With-Docker to see some slight differences.

Learn some other popular options for storing your images in the cloud and on premise.

I cover topics like OS choice, kernel versions, swarm server topologies, project mistakes, and more.

Learn how the raft protocol works to keep modern orchestrators in sync, and how to recover from failures.

Shifting gears to learn about Kubernetes!

What is this thing and how is it different from Docker and Swarm?

Why would you need to use this orchestrator?

Lots of features and opinions on what orchestrator to choose when.

We're about to get K8s installed and run our first Pods!

How do the K8s pieces fit together on a server and network?

The easiest ways for every OS to install Kubernetes for learning and testing.

Things that can help you use Kubernetes in this course.

Study the abstraction layers that Kubernetes provides around your containers and services.

The different ways to create resources from the CLI.

The simplest way to start a container in a Pod.

Use kubectl to add pods to your Deployments.

Use kubectl to show various details using different commands.

Exposing containers and different service types.

Learn the steps to create a deployment, scale it, expose it, and examine it.

Expanding on the previous video, let's open a service to external incoming connections.

Learn about the CoreDNS plugin to provide service discovery.

Learn about Generators, the YAML automation that some commands provide.

Learn how kubectl run command line is changing, and how you need to watch out.

Learn these key terms and an example of how these two techniques work.

Understand the three different workflows for using kubectl.

Learn your new declarative way to control Kubernetes.

Dive into the YAML objects that you'll need to learn for creating Kubernetes config files.

The four main root objects for every manifest.

How to discover the features and options of each Kubernetes resource.

Learn the cool new ways to validate your YAML with dry-run options and the diff command.

Discover the glue that links resources together: Labels and Label Selectors.

We have multiple storage types in Kubernetes, let's learn about them and when to use them.

Ingress is a popular Kubernetes Controller for managing multiple web endpoints coming into the cluster. Let's learn when it might be useful.

This is one of the newest features in Kubernetes, and it's creating a whole new world of expansion. Let's learn the basics.

There are so many ways to deploy and manage apps on Kubernetes. Let's learn about them.

Learn about the nice web app that Kubernetes provides for GUI management of the cluster.

Once your complexity grows, and you have multiple clusters, you'll need to know Namespaces and Context.

Where is Kubernetes going? I try to give you some tips on what we should expect.

This section is all about my "top 10 security steps" for starting to secure your Docker, Swarm, and Kubernetes setups.

Learn about what Docker does by default to start containers, including locking down the apps with Linux Capabilities, AppArmor, SecComp, SE Linux, and Namespaces.

I list the security benefits of just putting apps in a Docker container vs. the traditional way of running on the host OS.

I describe Docker Bench, a script that scans your host for proper configuration that follows CIS security guidelines.

How to use the USER command in Dockerfiles to prevent your app from running as root in the container.

The why and how of User Namespaces, and optional Docker feature that I recommend.

Docker makes it easier than ever to scan your code and dependencies for CVE vulnerabilities and exposures in your images.

I talk about Rootless Mode, a new feature that lets you run Docker under a normal user account.

I answer a question on how this list relates to Windows Container security.

I answer a question about what Distroless images are, and if I recommend them.

I answer a question on the security of Secrets in Swarm and Kubernetes, and how you might improve on them.

A viewer asks about how their local docker container IP's, if behind NAT, can have issues with outside subnets at their company. I explain some of the ways even NAT won't solve IP routing for containers and how you can change your settings to different private subnets.

A viewer asks how they can prototype their software in Docker with a Raspberry Pi. I explain the various parts of the workflow including ARM 64 vs. x64 CPU architectures, the benefits of QEMU emulation in Docker Desktop, and how to get Docker images from your local machine to the Pi.

In Docker 18.09.1 and Docker Desktop 2.0.0.2 (stable) in January 2019, we now have a new option for running Windows Containers on Windows 10 in "process isolation mode" which removes the need to launch a full Windows Server Hyper-V VM. It's a great new way for running lightweight Windows Containers, but has its own limits and config requirements.

In this clip I answer the question: should you migrate your postgres servers into containers

I answer a question on when you should run multiple apps in a container, and how you can use supervisor to do that

I give a quick answer to the discussion on a single production server. Should you use docker-compose or Docker Swarm?

In this Clip I go through the multiple ways to get your environment variables into a container, and what shouldn't go into your ENV's

Docker Captain Michael Irwin and I discuss Java .war files in containers, and how you should break them up. We answer a question on how to design them for easy isolation and replacement.

I answer a question about using TLS/SSL certificates in local development with Docker for microservices and then how to use those certs in production Docker. I talk about Let's Encrypt, Traefik, and more.

I answer a question about how to build multiple Docker images from a single GitHub repository. I talk about how to change which Dockerfile Docker build will use, and how to control the path (or context) that Docker builds from.

In this episode, I have guests Nirmal Mehta, a Chief Technologist at Booz Allen Hamilton, and Michael Irwin, an Application Architect at Virginia Tech University. We talk about running tech meetups, how to be a community leader, the Docker and ARM announcement (the processor in Raspberry Pi), Docker for Node.js, AWS ARM A1 instances, QEMU, Traefik Proxies, Docker Swarm, Network Time (NTP, SNTP), Let's Encrypt, and more.

In this clip I discuss the differences between the dockerfiles commands of ENTRYPOINT and CMD, and how to use them together for automate container startup tasks

In this clip/episode I answer a question about how to use external volume storage with docker and swarm.

In this clip/episode I answer a question about if it's possible to migrate or containerize, a VM into a container.

A sample Node.js project for learning how best to run Node apps in Docker

This course gets you at least 50% ready for the DCA. I was a early beta tester of the exam, so here's an article on my experience and answering common questions I get from students about it.

Continue your container learning with coupons for my other courses.