Docker/Podman

Container Engine Technologies

Available Container Engine training courses cover the principle container engine technologies from “Docker, Inc” and from “RedHat”.

Other Container engines exist but do not have the ease of use and OCI-* compatibility of these technologies

*- OCI : Open Container Interface, a CNCF standard

  • Container Engine Technologies
    • Docker Introduction, 2 days
    • Podman/CRI-O Introduction, 2 days

Docker

Container technologies existed before Docker, but in March 2013 when DotCloud Inc. demonstrated Docker they launched a Container revolution by making containers and thus IT applications easier to develop and deploy – easier than ever seen.

Docker was such a success that DotCloud – a hosting company – abandoned their hosting business and renamed the company as “Docker Inc.” to pursue the powerful technology they’d created.

How did Docker transform containers ?

Docker provided the ability to easily run container – but not just that. Docker pursued their “Build, Ship and Run” motto to empower developers to build container images on the basis of existing images and to reuse container images shared on the public Docker hub.

Introduction to Docker Training, 2 days

Synopsis

This course covers all the core features of Docker including: container creation and management, interacting with Docker hub, using Dockerfile to create and manage custom images, advanced Docker networking (how to safely expose container services to the world, and link containers), the use of Docker volumes to manage persistent data, and Docker Compose to build multi-container applications. Emphasis is placed on best practices and how to secure Docker installations and containers. The course culminates with comprehensive labs where students use Docker, Git, and a continuous integration server to automate the testing of containerized applications.

Prerequisites
Proficiency with the Linux CLI. A broad understanding of Linux system administration.

Course Outline

Module 1: Container Technology

  • History of Application Management
  • Isolation through containerization
  • Resource Measurement
  • Container Security
  • OCI: Open Container Initiative
  • Docker Ecosystem

Module 2:Introducing Docker

  • Installation
  • Docker Architecture
  • Starting the Docker Daemon
  • Docker Daemon Configuration
  • Docker Control Socket
  • Enabling TLS for Docker
  • Validating Docker Install

Module 3: Using Containers

  • Managing Containers
  • docker run: Creating Containers
  • docker ps: Listing Containers
  • docker inspect: Viewing Container Operational Details
  • docker exec: Running Commands in an Existing Container
  • Interacting with Containers
  • Stopping, Starting, and Removing Containers
  • Copying files to/from Containers
  • Inspecting and Updating Containers

Module 4: Working with Container Images

  • “Docker” Images
  • Listing and Removing Images
  • Searching for Images
  • Downloading Images
  • Committing Changes
  • Uploading Images Export/Import Images
  • Save/Load Images

Module 5: Building Container Images

  • docker build: Creating Images with Dockerfile
  • Dockerfile format
  • Caching
  • docker image build
  • Dockerfile keywords
  • ENV and WORKDIR
  • RUN: Running Commands
  • ADD/COPY: Copying Files into the Image
  • EXEC/CMD: Defining Container Executable
  • Best Practices

Module 6: Storage

  • Volume Concepts
  • Creating and Using Internal Volumes
  • Managing Volumes
  • Changing Data in Volumes
  • Removing Volumes
  • Backing up Volumes
  • SELinux Considerations
  • Mapping Devices

Module 7: Orchestration with Docker

  • Docker Compose/Swarm Concepts
  • docker-compose CLI
  • Defining a Service Set
  • Docker Swarm
    • Docker Swarm Proxy (Legacy)
    • SwarmKit
    • Docker Engine Swarm Mode (Modern) Ø
  • docker init/join: Creating a Swarm
  • Creating Services

Module 8: Networking

  • Concepts
  • Hostnames and DNS
  • Named networks
  • Network types
  • Container to Container Communication
  • Container to Container: Links
  • Container to Container: Private Network
  • Managing Private Networks
  • Remote Host to Container
  • Multi-host Networks with Overlay Driver

Module 9: Image Registries

  • Docker Registry, Docker Hub
  • Securing the Docker Registry
  • Docker Content Trust

Podman/CRI-O

RedHat was an early adopter of Docker technology and decided to rewrite it’s OpenShift PaaS technology to use Docker.

RedHat was for a long time the 2nd major contributor to the Docker project.

However, frustrated by the difficulty to influence the direction of the open source Docker project, RedHat eventually decided to implement their own container engine in the form of

  • Podman: a daemon-less container engine (using the CRI-O libraries)
  • CRI-O: a daemon-based container engine

Introduction to Podman, CRI-O Training, 2 days

Synopsis

This course covers all the core features of Podman and CRI-O including: compatibility with Docker commands, container creation and management, interacting with image registries (Docker hub, quay.io, …), using Dockerfiles to create and manage custom images, advanced  networking (how to safely expose container services to the world, and link containers), the use of  volumes to manage persistent data, and creation of Pod manifests to build multi-container applications. Emphasis is placed on best practices and how to secure Podman installations and containers. The course culminates with comprehensive labs where students use Podman, Git, and a continuous integration server to automate the testing of containerized applications.

Prerequisites
Proficiency with the Linux CLI. A broad understanding of Linux system administration.

Course Outline

Module 1: Container Technology

  • History of Application Management
  • Isolation through containerization
  • Resource Measurement
  • Container Security
  • OCI: Open Container Initiative
  • RedHat Container Ecosystem
    • Podman, Buildah, CRI-O, Skopeo

Module 2:Introducing Podman & CRI-O

  • Installation
  • Podman Architecture
  • CRI-O Architecture
  • Starting the CRI-O Daemon
  • CRI-O Configuration
  • CRI-O Control Socket

Module 3: Using Containers with Podman

  • Compatibility with Docker commands
  • podman run: Creating Containers
  • podman ps: Listing Containers
  • podman inspect: Viewing Container Operational Details
  • podman exec: Running Commands in an Existing Container
  • Interacting with Containers
  • Stopping, Starting, and Removing Containers
  • Copying files to/from Containers
  • Inspecting and Updating Containers

Module 4: Working with Container Images

  • “OCI” Images
  • Listing and Removing Images
  • Searching for Images
  • Downloading Images
  • Committing Changes
  • Uploading Images Export/Import Images
  • Save/Load Images

Module 5: Building Container Images

  • podman build: / buildah Creating Images with Dockerfile
  • Containerfile (Dockerfile) format
  • Caching
  • podman image build
  • Containerfile keywords
  • ENV and WORKDIR
  • RUN: Running Commands
  • ADD/COPY: Copying Files into the Image
  • EXEC/CMD: Defining Container Executable
  • Best Practices

Module 6: Storage

  • Volume Concepts
  • Creating and Using Internal Volumes
  • Managing Volumes
  • Changing Data in Volumes
  • Removing Volumes
  • Backing up Volumes
  • SELinux Considerations
  • Mapping Devices

Module 7: Orchestration with Docker

  • podman generate: defining muti-container Pods
    • podman generate kube
    • podman generate systemd
  • podman play kube:
    • Create containers, pods or volumes based on Kubernetes YAML
  • Working with Kubernetes

Module 8: Networking

  • Concepts
  • Hostnames and DNS
  • Named networks
  • Network types
  • Container to Container Communication
  • Container to Container: Links
  • Container to Container: Private Network
  • Managing Private Networks
  • Remote Host to Container
  • Multi-host Networks with Overlay Driver

Module 9: Image Registries

  • Quay.io, Docker Registry, Docker Hub, Harbor
  • Securing the Registry

Content Trust