Scenario Based Docker Security

Focused View

Chris Behrens

5:14:24

19 View

1.Course.Introduction

486-5913-1 - About the Author.mp4

01:44

486-5913-2 - About the Course.mp4

10:28

486-5913-3 - How to Get Help.mp4

02:29

486-5913-4 - Prerequisites.mp4

02:17

486-5913-5 - Text Editor Vim Basics Optional.mp4

03:17

486-5913-6 - Job Market Optional.mp4

02:26

2.Docker

486-5915-1 - Installing and Configuring Docker.mp4

11:51

486-5915-2 - Resource Restrictions Part 1 - General talk.mp4

03:14

486-5915-3 - Resource Restrictions Part 2 - Resource Usage Controls.mp4

07:50

486-5915-4 - Resource Restrictions Part 3 - systemd and cgroups.mp4

12:14

486-5915-5 - Docker and seccomp Part 1 - seccomp Default Profile, syscalls.mp4

11:15

486-5915-6 - Docker and seccomp Part 2 - seccomp custom profile, syscalls, strace.mp4

21:03

486-5915-7 - Docker and seccomp Part 3 - seccomp custom profile, syscalls, strace.mp4

11:07

486-5915-8 - Securing Software Sources Part 1 - SSL Certificate Certbot Letsencrypt.mp4

08:00

486-5915-9 - Securing Software Sources Part 2 - SSL Certificate Certbot Letsencrypt Docker Registry.mp4

07:17

486-5915-10 - Securing Software Sources Part 3 - Registry and Letsencrypt.mp4

07:12

486-5915-11 - Securing Software Sources Part 4 - Registry and Letsencrypt.mp4

06:05

486-5915-12 - Securing Software Sources Part 5 - Custom Docker Image from Scratch.mp4

15:22

486-5915-13 - Securing Software Sources Part 6 - MySQL Database Custom Image.mp4

10:36

486-5915-14 - Securing Software Sources Part 7 - MySQL Database Custom Image.mp4

11:53

486-5915-15 - Securing Software Sources Part 8 - MySQL Database Custom Image.mp4

20:28

486-5915-16 - Docker Bench Part 1 - Initial Scan and Initial Results.mp4

13:49

486-5915-17 - Docker Bench Part 2 - Adjust Logging.mp4

12:25

486-5915-18 - Docker Bench Part 3 - Docker Daemon.mp4

08:45

486-5915-19 - Docker Bench Part 4 - User Remap.mp4

07:26

486-5915-20 - Docker Bench Part 5 - Docker Bench Second Pass.mp4

12:36

3.Deploy.and.Secure.Application.Back.End

486-5920-1 - API Part 1 - Initial Application Test.mp4

17:25

486-5920-2 - API Part 2 - Database Setup.mp4

05:43

486-5920-3 - API Part 3 - Python App Custom Image.mp4

06:15

486-5920-4 - API Part 4 - Connecting the Application to the Database.mp4

15:17

486-5920-5 - API Part 5 - Apache Web Server Reverse Proxy.mp4

13:16

486-5920-6 - API Part 6 - SSL Reverse Proxy Summary.mp4

09:50

4.Summary

486-5914-1 - Course Summary.mp4

03:29

Description

This is your second step in the path to learning all about securing containers.

What You'll Learn?

Welcome to this Scenario Based Docker Security course. This is the second course of a four-course learning path related to securing containers. The lessons that are presented here focus on the security aspect of Docker through which you will learn how to perform various configurations and navigate through different situations within the context of security. Having a proper configuration without security loopholes and having your software sources, such as container images, as secure as possible is very important. In the first part of this course, we will begin with a guide on how to install and configure Docker properly. We will talk about resource restrictions where you will learn about Linux cgroups and how they can be used to pose limits on different aspects of your system, as well as learn how to monitor resources and process usage. After that, we will move on to Seccomp - Secure Computing Mode and learn how to configure seccomp profiles. Seccomp is a security tool mechanism that Docker can use to achieve additional security. Securing software sources is extremely important, which is why we will go over the whole process of creating a repository, creating an image, pushing it to the repository, pulling it, doing some changes, pushing it back and so forth, while keeping in mind how to achieve optimal security. This is why we will talk about topics such as creating SSL certificates so that the traffic between us and the software source is encrypted. This will be achieved using Certbot and Let’s Encrypt. We will talk about the security advantages of private repositories and custom images. You will learn how to create custom images from scratch, specifically two images, where one will be a web server image and the other a MySql Database image. After that, we will take a closer look at Docker Bench. It is a security tool that is also used for optimization. When it runs, it performs a series of scans that give you suggestions on what should or shouldn't be fixed. When all of this is done, the last part of this course is dedicated to deploying and securing an application's backend. These videos can be viewed as a sort of mini-project and review of what has been learned so far. We will be configuring a Docker container to run an Apache web server as an application backend. We will configure a Docker container for which we need to create a custom image to run a Python application (more specifically a Flask application). This application will have an active API that is fully functional and it will achieve a connection to a database for which we will also need to construct a container. So, we will have two Docker containers communicating with each other. We will also set up an Apache web server that will be a gateway to the outer world, so to speak. It will be used as a reverse proxy to allow connections from the outer world to reach our containers. Certbot will be utilized for creating an SSL certificate for our domain.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Docker

Network Security

Chris Behrens

Instructor's Courses

Acloud Guru

View courses Acloud Guru

A Cloud Guru is an online training platform for people interested in Information Technology. Most of the courses offered prepare students to take certification exams for the three major cloud providers.