Book Image

Docker Certified Associate (DCA): Exam Guide

By : Francisco Javier Ramírez Urea
Book Image

Docker Certified Associate (DCA): Exam Guide

By: Francisco Javier Ramírez Urea

Overview of this book

Developers have changed their deployment artifacts from application binaries to container images, and they now need to build container-based applications as containers are part of their new development workflow. This Docker book is designed to help you learn about the management and administrative tasks of the Containers as a Service (CaaS) platform. The book starts by getting you up and running with the key concepts of containers and microservices. You'll then cover different orchestration strategies and environments, along with exploring the Docker Enterprise platform. As you advance, the book will show you how to deploy secure, production-ready, container-based applications in Docker Enterprise environments. Later, you'll delve into each Docker Enterprise component and learn all about CaaS management. Throughout the book, you'll encounter important exam-specific topics, along with sample questions and detailed answers that will help you prepare effectively for the exam. By the end of this Docker containers book, you'll have learned how to efficiently deploy and manage container-based environments in production, and you will have the skills and knowledge you need to pass the DCA exam.
Table of Contents (22 chapters)
1
Section 1 - Key Container Concepts
8
Section 2 - Container Orchestration
12
Section 3 - Docker Enterprise
17
Section 4 - Preparing for the Docker Certified Associate Exam

Kubernetes security components and features

Kubernetes provides mechanisms to authenticate and authorize access to its API. This allows us to apply different levels of privileges for users or roles within a cluster. This prevents unauthorized access to some core resources, such as scheduling or nodes in the cluster.

Once users are allowed to use cluster resources, we use namespaces to isolate their own resources from other users. This works even in multi-tenant environments where a higher level of security is required.

Kubernetes works with the very elaborate Role-Based Access Control (RBAC) environment, which provides a great level of granularity to allow specific actions on some resources while other actions are denied.

We manage the Role and ClusterRole resources to describe permissions for different resources. We use Role to define permissions within namespaces and ClusterRole for permissions on cluster-wide resources. Rules are supplied using some defined verbs, such as list, get...