Securing the Docker Platform

By Nigel Brown
The Docker platform is a key ingredient in the packaging and delivery of container-based application services. This course will give you all the knowledge you need to enable you to securely manage the operation of a Docker platform.
Play course overview
Course info
Rating
(25)
Level
Beginner
Updated
Jun 21, 2018
Duration
4h 7m
Table of contents
Course Overview
Course Overview 2m
Establishing a Baseline for Docker Platform Security
Module Outline 3m Defining the Docker Platform 7m Acting on Docker Platform Security Vulnerabilities 2m Determining What Needs to Be Secured 7m Measuring How Secure a Docker Platform Is 3m Testing a Docker Platform for CIS Docker Benchmark Compliance 5m Module Summary 1m
Optimizing the Configuration of the Docker Host
Module Outline 4m Employing Minimal Operating Systems 7m Deploying Docker on RancherOS in the Cloud 10m Hardening the Host Operating System 2m Keeping the Docker Engine Current 5m Auditing Important Docker Artifacts 7m Creating Audit Rules for the Docker Host 8m Module Summary 2m
Configuring the Docker Daemon for Security
Module Outline 3m Controlling Access to the Docker Daemon Socket 6m Using TLS to Protect the Docker Daemon 9m Configuring TLS for the Docker Client and Daemon 11m Minimizing the Risk Associated with a Container Breakout 8m Implementing User Namespaces for Containers 5m Module Summary 3m
Enhancing Access Control to the Docker Platform
Module Outline 2m Enhancing the Default Access Control Mechanism 5m The Docker Plugin API 8m Introducing the Open Policy Agent Docker Authorization Plugin 5m Defining Authorization Policy with Rego 7m Implementing Fine-grained Access Control to the Docker Platform 7m Module Summary 2m
Deploying a Secure Docker Registry
Module Outline 2m Enabling the Use of Insecure Registries 6m Securing Communication with a Self-hosted Docker Registry 7m Configuring TLS for the Docker Daemon and Registry 11m Controlling Access with Basic Authentication 7m Controlling Access with Token-based Authentication 5m Implementing Authentication for a Self-hosted Registry 11m Module Summary 2m
Managing Security in a Docker Swarm Cluster
Module Outline 3m Securing Communication Between Cluster Nodes 9m Using Secrets to Manage Sensitive Artifacts 6m Autolocking a Cluster to Protect the Encryption Key 3m Managing the Availability of a Swarm Cluster 8m Recovering from a Lost Quorum 7m Module Summary 2m
Wrapping Up
Recapping the Journey 2m Where to Go Next 1m Final Words 1m
Description
Course info
Rating
(25)
Level
Beginner
Updated
Jun 21, 2018
Duration
4h 7m
Description

Docker containers are in widespread use as the distribution vehicle for cloud native application services. An important enabler in the process of building, packaging, and running those containers is the Docker platform, which is comprised of several parts. In this course, Securing the Docker Platform, you'll learn about the fundamental aspects of security that relate to the platform components. First, you'll gain a better understanding of the platform components involved and the means of measuring compliance against an industry benchmark standard. Next, you'll discover how to configure the Docker daemon for best practice security, as well as for more flexible access control and authentication. Finally, you'll explore how to apply security controls to other aspects of the platform including a self-hosted Docker registry and a Swarm cluster. By the end of this course, you'll have the necessary knowledge to configure, measure, and optimize effective Docker platform security.

About the author
Nigel Brown
About the author

Nigel is an IT professional with over 25 years of experience, gained in technical and management roles, including as CEO of a technical consulting organization. He has recently returned to his technical roots, and provide tuition in the domain of microservices and container technologies.

More from the author
Managing Ingress Traffic Patterns for Kubernetes Services
Advanced
2h 49m
Apr 30, 2019
Securing Docker Container Workloads
Intermediate
3h 14m
Jan 22, 2018
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
(music) Hi everyone, my name is Nigel Brown and welcome to my course, Securing the Docker Platform. As the leading components of the cloud native paradigm Docker has transformed the way that many organizations, large and small, go about building, packaging, and delivering software applications. The Docker platform is the vehicle for doing this and as sensitive corporate assets are exposed within the platform it's pretty crucial that it's configured to be secure. This course is all about the security controls and mechanisms that can be applied in order to protect those valuable assets. During the course the main topics that we'll cover include using an industry benchmark to baseline the security configuration, enhancing access control using an authorization plugin, deploying a secure registry for application images, and managing the security of a swarm cluster. By the end of the course not only will you have a good understanding of the Docker platforms default security mechanisms, but also the knowledge needed to create more flexible security solutions for your own situation. Ideally before you get going with this course you should already have some practical experience of Linux and some familiarity with the Docker platform and its command line interface. If you want to know how to measure the effectiveness of your existing Docker platform security and how to provide more flexible access patterns to the platform then join me to discover how to secure your Docker platform.

You're the smartest person in the room

PROVE IT

Your team won't just close the skills gap

THEY'LL HURDLE IT