Book Image

Docker Certified Associate (DCA): Exam Guide

By : Francisco Javier Ramírez Urea

Book Image

Docker Certified Associate (DCA): Exam Guide

By: Francisco Javier Ramírez Urea

Overview of this book

Developers have changed their deployment artifacts from application binaries to container images, and they now need to build container-based applications as containers are part of their new development workflow. This Docker book is designed to help you learn about the management and administrative tasks of the Containers as a Service (CaaS) platform. The book starts by getting you up and running with the key concepts of containers and microservices. You'll then cover different orchestration strategies and environments, along with exploring the Docker Enterprise platform. As you advance, the book will show you how to deploy secure, production-ready, container-based applications in Docker Enterprise environments. Later, you'll delve into each Docker Enterprise component and learn all about CaaS management. Throughout the book, you'll encounter important exam-specific topics, along with sample questions and detailed answers that will help you prepare effectively for the exam. By the end of this Docker containers book, you'll have learned how to efficiently deploy and manage container-based environments in production, and you will have the skills and knowledge you need to pass the DCA exam.

Preface

Who this book is for

What this book covers

To get the most out of this book

Section 1 - Key Container Concepts

Section 1 - Key Container Concepts

Free Chapter

Modern Infrastructures and Applications with Docker

Modern Infrastructures and Applications with Docker

Technical requirements

Understanding the evolution of applications

Infrastructures

Microservices and processes

What are containers?

Learning about the main concepts of containers

Docker components

Building, shipping, and running workflows

Windows containers

Customizing Docker

Docker security

Further reading

Building Docker Images

Building Docker Images

Technical requirements

Building Docker images

Understanding copy-on-write filesystems

Building images with a Dockerfile reference

Image tagging and meta-information

Docker registries and repositories

Securing images

Managing images and other related objects

Multistage building and image caches

Templating images

Image releases and updates

Further reading

Running Docker Containers

Running Docker Containers

Technical requirements

Reviewing the Docker command line in depth

Learning about Docker objects

Running containers

Interacting with containers

Limiting host resources

Converting containers into images

Formatting and filtering information

Managing devices

Further reading

Container Persistency and Networking

Container Persistency and Networking

Technical requirements

Understanding stateless and stateful containers

Learning about different persistence strategies

Networking in containers

Learning about container interactions

Publishing applications

Further reading

Deploying Multi-Container Applications

Deploying Multi-Container Applications

Technical requirements

Installing and using Docker Compose

Understanding the docker-compose.yaml file

Using the Docker Compose command-line interface

Customizing images with docker-compose

Automating your desktop and CI/CD with Docker Compose

Further reading

Introduction to Docker Content Trust

Introduction to Docker Content Trust

Technical requirements

The Update Framework

Reviewing signatures

Creating and running applications in trusted environments

Further reading

Section 2 - Container Orchestration

Section 2 - Container Orchestration

Introduction to Orchestration

Introduction to Orchestration

Introducing orchestration concepts

Learning about container orchestration

Scheduling applications cluster-wide

Managing data and persistency

Scaling and updating application components

Further reading

Orchestration Using Docker Swarm

Orchestration Using Docker Swarm

Technical requirements

Deploying Docker Swarm

Creating a Docker Swarm cluster

Scheduling workloads in the cluster – tasks and services

Deploying applications using Stacks and other Docker Swarm resources

Networking in Docker Swarm

Further reading

Orchestration Using Kubernetes

Orchestration Using Kubernetes

Technical requirements

Deploying Kubernetes using Docker Engine

Deploying a Kubernetes cluster with high availability

Pods, services, and other Kubernetes resources

Deploying orchestrated resources

Kubernetes networking

Publishing applications

Kubernetes security components and features

Comparing Docker Swarm and Kubernetes side by side

Further reading

Section 3 - Docker Enterprise

Section 3 - Docker Enterprise

Introduction to the Docker Enterprise Platform

Introduction to the Docker Enterprise Platform

Reviewing the Docker editions

Understanding CaaS

The Docker Enterprise platform

Planning your Docker Enterprise deployment

Further reading

Universal Control Plane

Universal Control Plane

Technical requirements

Understanding UCP components and features

Deploying UCP with high availability

Reviewing the Docker UCP environment

Role-based access control and isolation

UCP's Kubernetes integration

UCP administration and security

Backup strategies

Upgrades, monitoring, and troubleshooting

Further reading

Publishing Applications in Docker Enterprise

Publishing Applications in Docker Enterprise

Technical requirements

Understanding publishing concepts and components

Understanding an application's logic

Publishing applications in Kubernetes using ingress controllers

Using Interlock to publish applications deployed in Docker Swarm

Reviewing Interlock usage

Further reading

Implementing an Enterprise-Grade Registry with DTR

Implementing an Enterprise-Grade Registry with DTR

Technical requirements

Understanding DTR components and features

Deploying DTR with high availability

Learning about RBAC

Image scanning and security features

Integrating and automating image workflow

Backup strategies

Updates, health checks, and troubleshooting

Further reading

Section 4 - Preparing for the Docker Certified Associate Exam

Section 4 - Preparing for the Docker Certified Associate Exam

Summarizing Important Concepts

Summarizing Important Concepts

Reviewing orchestration concepts

A brief summary of Docker image concepts

A summary of the Docker architecture, installation, and configuration topics

A summary of the networking topics

Understanding security concepts and related Docker features

Quickly summarizing Docker storage and volumes

Mock Exam Questions and Final Notes

Mock Exam Questions and Final Notes

Docker Certified Associate exam details

Mock exam questions

Assessments

Other Books You May Enjoy

Other Books You May Enjoy

Leave a review - let other readers know what you think

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Securing images

As seen in the previous chapter, Docker containers are secure by default, but this is because they run inside namespaces and cgroups isolation. Images are different objects and their security is related to their content. With this idea, it is easy to understand that having less content will be more secure. So, the main rules for securing images are as follows:

Images should only contain mandatory binaries, libraries, and configurations to run our containerized process. Don't add any non-required applications or debug tools to production images. Less attack surface is better, and having many binaries increases this surface.
Always declare resources on your images. In this case, we use the term resources to describe users, exposed ports, and volumes. Always describe what is needed to run your image and avoid root usage inside a container.
Update image content packages if there is some security bug fix, rebuild all derived images, and redeploy the containers. In fact...