Container Workshop

# Container Workshop # Themenspeicher - VIM - Softwareverwaltung - Pakete - Repositories / git - Patching - Service-Architekturen mit Docker Compose abbilden - Docker in Docker und DNS - ElasticSearch offizielles Image - AppArmour, SELinux - Security - Rootless - Podman ## Day 1 - Docker Foundations - Angenehmes Arbeiten mit der Shell - History - Automatische Vervollständigung - Navigation, Hilfe und Suche - Vordergund- und Hintergrundprozesse - Filesystem Hierarchy Standard - SSH - User und Gruppen - Filesystemrechte ## Day 2 - Contol Groups (cgroup) - Namespaces - Linux Capabilities - OverlayFS - Erstellen eigener Docker-Images - „Dockern“ einer Software Applikation - Volume-Management und Docker - Log-Management und Docker - Netzwerke und Docker - Multi-Host Networking mit Docker # Tasks ## Task 1: Prepare Your Sandbox 1. Connect to the lab host, see email instructions 2. Create a new user for yourself (belonging to group ec2-user) 3. Add user to docker group 4. Give user the sudo privilege 5. Change to your new user 6. Check executing a few Docker commands 7. Check that sudo is working 8. Create a private/public key pair 9. Add the public key to the user 10. Use your private key on your local machine to login to your new user on the lab host. ## Links https://medium.com/@mccode/understanding-how-uid-and-gid-work-in-docker-containers-c37a01d01cf https://kinvolk.io/blog/2020/12/improving-kubernetes-and-container-security-with-user-namespaces/ https://www.schutzwerk.com/en/43/posts/linux_container_capabilities/ https://github.com/justincormack/nsenter1 https://medium.com/bb-tutorials-and-thoughts/250-practice-questions-for-the-dca-exam-84f3b9e8f5ce https://linux-audit.com/linux-capabilities-101/ https://itnext.io/linux-container-from-scratch-339c3ba0411d https://github.com/p8952/bocker https://stackoverflow.com/questions/53669151/java-11-application-as-lightweight-docker-image/53669152#53669152 https://sysdig.com/blog/dockerfile-best-practices/#1-3 https://medium.com/@betz.mark/understanding-resource-limits-in-kubernetes-memory-6b41e9a955f9 http://www.brendangregg.com ## Ideas - Labs & Tasks - https://devconnected.com/30-linux-processes-exercises-for-sysadmins/ - https://devconnected.com/30-linux-permissions-exercises-for-sysadmins/ - https://devconnected.com/category/linux-administration/ ## Cheat Sheets vim https://www.slideshare.net/KopiMaheswaran/vi-cheat-sheet-141052706 http://www.viemu.com/vi-vim-cheat-sheet.gif https://external-preview.redd.it/iigrixvxp5aYN9ox7Gr1dfI_rhLRotWlLsCafjJqjEQ.png?auto=webp&s=1594ddc17408cb9186a73c2a6d1a1bf1e00769dd bash https://devhints.io/bash https://github.com/ohmyzsh/ohmyzsh sudo https://phoenixnap.com/kb/how-to-create-add-sudo-user-centos https://linuxize.com/post/how-to-add-user-to-sudoers-in-ubuntu/