Demystifying Container and Orchestration Ecosystem
| No. | Title | Learn |
|---|---|---|
| 1 | History of ContainerD | 🔗 |
| 2 | Architecture of ContainerD | 🔗 |
| 3 | Introduction to runc | 🔗 |
| 4 | ContainerD CLI Ctr | 🔗 |
| 5 | Kata Containers | 🔗 |
| 6 | Firecraker - TODO | 🔗 |
| 7 | ContaiNerd + Nerdctl | 🔗 |
| 8 | contaiNERD + runwasi | 🔗 |
| 9 | Wasm + ContainerD + CRUN | 🔗 |
git clone https://github.com/kubernetesdaily/dockerworkshop.git
| No. | Title | Learn |
|---|---|---|
| 1 | Prerequisites | 🔗 |
| 2 | Hello World in Docker | 🔗 |
| 3 | Docker Image Filters | 🔗 |
| 4 | Images as Tar Files | 🔗 |
| 5 | Pushing to DockerHub | 🔗 |
| 6 | Building a Base Image | 🔗 |
| 7 | Dockerfile ADD | 🔗 |
| 8 | Dockerfile COPY | 🔗 |
| 9 | Dockerfile CMD | 🔗 |
| 10 | Dockerfile Entrypoint | 🔗 |
| 11 | Dockerfile WORKDIR | 🔗 |
| 12 | Dockerfile RUN | 🔗 |
| 13 | Dockerfile ARG | 🔗 |
| 14 | Dockerfile Volume | 🔗 |
| 15 | Dockerfile USER | 🔗 |
| 16 | Dockerfile HEALTHCHECK | 🔗 |
| 17 | Dockerfile ENV | 🔗 |
| 18 | Dockerfile ONBUILD | 🔗 |
| 19 | Multi-Container CLI | 🔗 |
| 20 | Multi-Arch Container | 🔗 |
| 21 | Docker Compose Basics | 🔗 |
| 22 | Docker Compose Volumes | 🔗 |
| 23 | Custom Dockerfile with Compose | 🔗 |
| 24 | PHP, Apache, and DB with Compose | 🔗 |
| 25 | Host Volume Mount | 🔗 |
| 26 | Named Volume Mount | 🔗 |
| 27 | Compose Build Command | 🔗 |
| 28 | Compose Config Command | 🔗 |
| 29 | Compose CP Command | 🔗 |
| 30 | Compose Create Command | 🔗 |
| 31 | Compose Down Command | 🔗 |
| 32 | Compose Events Command | 🔗 |
| 33 | Compose Exec Command | 🔗 |
| 34 | Compose Images Command | 🔗 |
| 35 | Compose Kill Command | [🔗]( |
| 36 | Compose Logs Command | [🔗]( |
| 37 | Compose ls Command | [🔗]( |
| 38 | Compose Pause/Unpause | [🔗]( |
| 39 | Compose Port Command | 🔗]( |
| 40 | Compose ps Command | [🔗]( |
| 41 | Compose Pull Command | [🔗]( |
| 42 | Compose Push Command | [🔗]( |
| 43 | Compose Restart Command | [🔗]( |
| 44 | Compose run Command | [🔗]( |
| 45 | Compose Watch Command | [🔗]( |
| 46 | Local Network Setup | [🔗]( |
| 47 | Remote Network Setup | [🔗]( |
| 48 | Networking in Compose | [🔗]( |
| 49 | Compose Networking with Nginx | [🔗]( |
| 50 | Docker Wordpress Example | [🔗]( |
git clone https://github.com/kubernetesdaily/k8sworkshop.git
| No. | Title | Link |
|---|---|---|
| 1 | Includes configuring pre-requisites to install kubeadm | 🔗 |
| 2 | Use Kubeadm to install a basic cluster | 🔗 |
| 3 | Manage a highly-available Kubernetes cluster | 🔗 |
| 4 | Perform a version upgrade on a Kubernetes cluster using Kubeadm | 🔗 |
| 5 | Implement etcd backup and restore | 🔗 |
| 6 | Manage role based access control (RBAC) | 🔗 |
| No. | Title | Link |
|---|---|---|
| 1 | Basics of Pod | 🔗 |
| 2 | Create POD with Command and Arguments | 🔗 |
| 3 | Multi-Container Pods | 🔗 |
| 4 | Labels & Selectors | 🔗 |
| 5 | Kubernetes Service | 🔗 |
| 6 | Understand deployments and how to perform rolling update and rollbacks | 🔗 |
| 7 | Use ConfigMaps and Secrets to configure applications | 🔗 |
| 8 | Understand the primitives used to create robust, self-healing, application deployments | [🔗]( |
| 9 | Understand how resource limits can affect Pod scheduling | |
| 10 | Awareness of manifest management and common templating tools |
| No. | Title |
|---|---|
| 1 | Understand host networking configuration on the cluster nodes |
| 2 | Understand connectivity between Pods |
| 3 | Understand ClusterIP, NodePort, LoadBalancer service types and endpoints |
| 4 | Know how to use Ingress controllers and Ingress resources |
| 5 | Know how to configure and use CoreDNS |
| 6 | Choose an appropriate container network interface plugin |
| No. | Title |
|---|---|
| 1 | Understand storage classes, persistent volumes |
| 2 | Understand volume mode, access modes and reclaim policies for volumes |
| 3 | Understand persistent volume claims primitive |
| 4 | Know how to configure applications with persistent storage |
| No. | Title |
|---|---|
| 1 | Evaluate cluster and node logging |
| 2 | Understand how to monitor applications |
| 3 | Manage container stdout & stderr logs |
| 4 | Troubleshoot application failure |
| 5 | Troubleshoot cluster component failure |
| 6 | Troubleshoot networking |
| No. | Title |
|---|---|
| 1 | Define, Build, and Modify Container Images |
| 2 | Understand Jobs and CronJobs |
| 3 | Understand Multi-Container Pod Design Patterns |
| 4 | Utilize Persistent and Ephemeral Volumes |
| No. | Title |
|---|---|
| 1 | Deployments and Rolling Updates |
| 2 | Deployments and Rollbacks |
| 3 | Scale Applications |
| 4 | Deployment Patterns |
| 5 | Use the Helm Package Manager to Deploy Existing Packages |
| No. | Title |
|---|---|
| 1 | Discover and Use Resources that Extend Kubernetes |
| 2 | Understanding Authentication, Authorization and Admission Control |
| 3 | Resource Requests and Limits |
| 4 | LimitRanges |
| 5 | Namespace Quotas |
| 6 | ConfigMaps |
| 7 | Secrets |
| 8 | Mounting ConfigMaps/Secrets as Volumes or Environment Variables |
| 9 | Service Accounts |
| 10 | SecurityContext |
| No. | Title |
|---|---|
| 1 | Services and Other Network Primitives |
| 2 | Ingress Controllers and Ingress Resources |
| 3 | Using Network Policies |
| No. | Title |
|---|---|
| 1 | Understand API Deprecations |
| 2 | Liveness Probes and Readiness Probes |
| 3 | Container Logging |
| 4 | Monitoring Applications |
| 5 | Debugging |
| No. | Title |
|---|---|
| 1 | Using Network Security Policies to restrict cluster level access |
| 2 | Use CIS benchmark to review the security configuration of Kubernetes components |
| 3 | Properly set up Ingress objects with security control |
| 4 | Protect Node Metadata and endpoint |
| 5 | Minimize the use of, and access to GUI elements |
| 6 | Verifying platform binaries before deploying |
| No. | Title |
|---|---|
| 1 | Restrict access to Kubernetes API |
| 2 | Use Role Based Access Controls to minimize exposure |
| 3 | Exercise caution in using service accounts |
| 4 | Update Kubernetes frequently |
| No. | Title |
|---|---|
| 1 | Minimize Host OS Footprint |
| 2 | Minimize IAM roles |
| 3 | Minimize external access to the network |
| 4 | Appropriately use kernel hardening tools such as AppArmor, seccomp |
| No. | Title |
|---|---|
| 1 | Setup appropriate OS-level security domains |
| 2 | Managing Kubernetes Secrets |
| 3 | Use Container Runtime Sandboxes in Multi-tenant environments |
| 4 | Implement pod-to-pod encryption by use of mTLS |
| No. | Title |
|---|---|
| 1 | Minimize Base Image Footprint |
| 2 | Secure Supply Chain: Allowing image registries, sign and validate images |
| 3 | Use Static Analysis of User Workloads |
| 4 | Scan Images for Known Vulnerabilities |
| No. | Title |
|---|---|
| 1 | Perform behavior analytics of syscall process and file activities at the host and container level to detect malicious activities |
| 2 | Detect threats within the physical infrastructure, apps, networks, data, users, and workloads |
| 3 | Detect all phases of attack regardless of where it occurs and how it spreads |
| 4 | Perform deep analytical investigation and identification of bad actors within an environment |
| 5 | Ensure immutability of containers at runtime |
| 6 | Use Audit Logs to monitor access |
git clone https://github.com/kubernetesdaily/helm-workshop.git
| No. | Title | Learn |
|---|---|---|
| 1 | Basics of Helm | 🔗 |
| 2 | Deep Dive into Charts | 🔗 |
| 3 | Work with Multiple Values | 🔗 |
| 4 | Create Template file | 🔗 |
| 5 | advance Template with If statement | 🔗 |
| 6 | Else and Else If statement | 🔗 |
| 7 | 50 Helm Template Cheatsheets | 🔗 |
| Title | Link | Tag | Author |
|---|---|---|---|
| Okteto | Learn | Development Tools | Sangam Biradar |
| cert-manager | Learn | Networking | Sangam Biradar |
| flannel | Learn | Networking | Sangam Biradar |
| werf | Learn | Continuous Integration & Delivery | Sangam Biradar |
This Is Not
- This is not a replacement for the official documentations.
- This is not an exhaustive guide.
This Is
- This is a collaborative and personal effort.
- This is a project that is expected to evolve and gain from others' inputs.
meaningful contributions welcome 🙏