Managing Docker on Linux Servers
Want to learn how to install Docker for Linux? To secure access to the server side and easily manage contexts to connect from any client?
What you'll learn
Thanks to Docker Desktop, you may fall in love with Docker on Mac and Windows. Behind the scenes, and in many production environments, you will find Linux! In this course, Managing Docker on Linux Servers, you will gain the ability to deploy Docker Engine for Linux. First, you will learn to install Docker Engine on your preferred Linux distro whether officially supported or not. Next, you will discover how to manage connections between the client and server with docker contexts, including how to secure access! Finally, you will explore containerd and other pluggable backend components that can be swapped out to meet your needs. When you are finished with this course, you will have the skills and knowledge of deploying Docker Engine for Linux needed to run containers in development, test, and even production Linux environments.
Table of contents
- The Simplicity of Docker on Linux 5m
- Exploiting Throw Away Linux Learning VMs with Vagrant 2m
- Installing Vagrant and Cloning the Course Exercise Files 4m
- Virtualbox Is a Great Hypervisor Choice to Pair with Vagrant 3m
- Finding a Trustworthy Vagrant Box for a Linux Learning VM with CentOS 8 2m
- Creating a Learning Environment: A Linux VM with CentOS 8 via Vagrant and VirtualBox 4m
- SSHing into the VM 1m
- Determining if Your Distro Is Supported and What Instructions to Follow 4m
- Make Sure Old Docker Versions (Packages) Are Removed 1m
- How You Install Docker from an Official Repo, Package or Convenience Script Depends on Your Use Case 4m
- Adding the Docker Repository to Locate and Install Official Docker Packages and Builds 2m
- Installing the Official Docker Packages on CentOS and Verifying the Docker CLI Works 2m
- Starting the Docker Engine Service and Using sudo to Access the Docker Unix Socket 2m
- Granting Access to the Docker Daemon Unix Socket 3m
- Enabling the Docker Engine Service to Start Automatically 4m
- Understanding the docker-ce systemd Units 2m
- Verifying the Docker Engine Service Now Starts Automatically 2m
- Command to Container 4m
- Challenge - Break into a Docker Container without docker exec (hint: nsenter) 3m
- Low Level Container Components Are Reflected in Arguments to the Docker Command 1m
- From All in One to Many Daemons 3m
- Managing Connections with Named Contexts 3m
- docker context and Two Client Scenarios to Study 1m
- Auto Provision an Ubuntu VM with Just the docker CLI - Vagrant + Ansible Rocks 4m
- Using the Convenience Install Scripts at get.docker.com 2m
- Recreating the cli-only VM on a Failure and Re-provisioning with Ansible 3m
- The default Dynamic Context in the Absence of a Daemon 1m
- The default Context When the Full Docker Engine Is Installed 1m
- The Pragmatic Big Picture - Remote Connections 2m
- Installing the Docker Snap Package as a Client Environment 2m
- Installing Docker via Binaries for an Easily Configured Remote Daemon 1m
- Starting dockerd at the CLI with No Arguments and Locally Inspecting the default Docker Context 1m
- Getting Help from the CLI Regarding the -H/--host Socket Configuration Option 2m
- Expanded Online Help for the Daemon Socket Configuration Option 3m
- Configuring the Daemon and Client to Communicate via a TCP Socket with the Shared -H CLI Option 2m
- Using DOCKER_HOST Instead of the -H CLI Option 1m
- Configuring Remote Connections 2m
- Be Careful with Remote Connections 3m
- Creating Multiple Contexts to Sweep Away the Connection Details 4m
- Switching Active Contexts with docker context use 2m
- Using docker context export to Share Connection Details 1m
- From Insecure TCP Ports to Secured 1m
- Super Simple Security by Tunneling in via SSH to Connect to a Remote Docker Daemon 3m
- Creating a Docker Context to Securely Tunnel over SSH to a Daemon Unix Socket 1m
- Switching Gears - Dissecting Daemon Socket Configuration When Hosted by systemd 2m
- Socket Activation in a Nutshell 2m
- Configuring an Insecure TCP Socket by Creating a Drop-in for the docker.socket systemd Unit File 4m
- How Shockingly Easy It Is to Exploit an Insecure Docker Engine API 5m
- High Level Overview of How to Generate Keys and Certs 3m
- Installing mkcert to Generate a CA Certificate and Private Key 2m
- Generating Client and Server Private Keys and Certs with mkcert 3m
- Running the Daemon with TLS and Client Certificate Auth 2m
- Connecting the docker CLI to a Local Daemon API with TLS Over 127.0.0.1 2m
- A Sanity Check with Curl That Mutual TLS Auth Is Operational 3m
- Secure Remote TLS Connections 2m
- Sweeping All Those TLS Flags under the Context Rug - docker context to the Rescue 2m
- docker context inspect with TLS Credentials 2m
- Prediction - Convergence of Transparent Security and Clustering - docker context create aci/ecs Are the Future 1m
- Another Prediction - For Some, a Current Reality - Ubiquitous, Transparent, Hassle-free Security 2m
- containerd Has Been with Us This Whole Time 2m
- Installing containerd Alone from Pre-built Binaries 2m
- A First Look at containerd and ctr - and the OCI (Open Container Initiative) 3m
- dump-ing Current and default containerd Config Rocks 1m
- Running containerd And Connecting with ctr 2m
- Configuring containerd 3m
- ctr image pull ... 1m
- A First Attempt to Run a Container Only to Find Something Missing 3m
- Installing runc and Running Our First Container with containerd's ctr run (without docker) 3m
- containerd or dockerd? 8m
About the author
Wes Higbee is passionate about helping companies achieve remarkable results with technology and software. He’s had extensive experience developing software and working with teams to improve how software is developed to meet business objectives. Wes launched Full City Tech to leverage his expertise to help companies delight customers. Although his primary focus is on outcomes, implementation often includes technical competency. Wes frequently speaks about impactful aspects of software developm... more