________________________________________________________________
Do you want to take this course remotely or in person?
Contact us by email: info@nanforiberica.com , phone: +34 91 031 66 78, WhatsApp: +34 685 60 05 91 , or contact Our Offices
________________________________________________________________
Hardening in Docker containers and Microservices-based Architectures
Course Description
The course is designed for those professionals who work with microservices, docker and kubernetes technologies and want to consolidate this knowledge in a practical way. You will learn how to properly "dockerize" applications to make them robust and stable. Little by little, the entire process is covered from the implementation of Docker orchestration, through the creation of a Dockerized microservice, to the stable deployment. And all this respecting the best practices for creating and executing this type of applications. Using practical examples, we will test all the advanced techniques that Docker and its ecosystem offer. Thanks to the extensive practical experience of the speakers, we will also focus on the most common problems and the most frequent errors of Docker users.
Who is this course for?
- System administrators
- Application developers
- IT professionals
- Anyone who works with Docker and/or Kubernetes
- Person in the IT field with interest in deepening Docker technology
Previous requirements
- Knowledge of the Linux operating system (command line work, knowledge of basic shell tools)
- Basic knowledge of Docker (knowledge of basic Docker nomenclature and operations - launching the container, etc.)
- Prior attendance at our Docker Fundamentals course is highly recommended.
Course objectives
Course participants will learn:
- DevSecOps Profile
- Create different Docker networks
- Docker orchestration and microservices
- Docker Swarm deployment
- Docker Compose deployment
- Docker Bench Security Deployment
- The TUF Upgrade Framework
- Docker Content Trust
- Security in Docker: tools and good practices
Optional tool
- Your own virtual server to carry out the practices via ssh.
Course content
1. DevSecOPs
- What is DevSecOps
- From DevOps to DevSecOps
- DevSecOps implementations
- DevSecOps Plan, Pillars, Governance
- DevSecOps Success Criteria
- DevSecOps Profile
- DevSecOps tasks, tools, processes and culture
2. Container Orchestration What is orchestration?
- Docker Swarm
- Docker Swarm components
- Docker Swarm Commands
- Docker Compose
- Installing Docker Compose
- Docker Compose vs Docker Swarm
- Docker Compose file structure
- Basic Docker Compose Commands
3. Docker Security
- Docker Bench Security Audits
- Docker security tools
- The update framework
- Docker Notary
- Docker Content Trust
- Type of attacks
- Pentesting - Stages, types, technical report
- Docker Pentesting
- Docker image scanning
- Docker scanning tools: Snyk, Trivy
- Docker Owast Container top 10
- Docker security rules
4. Kubernetes
- What is Kubernetes? and Why use Kubernetes?
- Kubernetes Components - Pod, Service, ingress, ConfigMap, Volume, Deployment, StatefulSet
- Cluster Management - Manager Node, Worker Nodes, Global Services, Worker Services, Tasks, Input Load Balancing Kubernetes High Availability
- Kubernetes namespaces
- Kubernetes Networks
- Kubernetes RBAC Management
- Kubernetes - Access Policy
- Kubernetes network policies
- Kubernetes Analysis Tools
- Azure Kubernetes Services
Guided practical exercises
- DockerVolume
- Docker Swarm
- Docker Compose
- Docker best practices
- Docker Bench Security
- Docker Content Trust
- Docker Pentesting
- Docker and Kubernetes
- AKS implementation
Duration: 135 hours
Contains videos