mirantis training logo wht bg
7787  Reviews star_rate star_rate star_rate star_rate star_half

Mirantis Secure Registry (MSR) (On Demand)

In this product-focused course, you’ll deep dive into all the features of Mirantis Secure Registry, and discover how it can enhance the security of your container image production, storage and...

Read More
$650 USD GSA  $556.68
Course Code CN213-S
Available Formats Self Paced

In this product-focused course, you’ll deep dive into all the features of Mirantis Secure Registry, and discover how it can enhance the security of your container image production, storage and distribution both as a stand-alone registry, or integrated into a continuous integration pipeline. We’ll discuss installing and configuring MSR, managing MSR user permissions, enhancing registry security with content trust and binary security scanning, as well as registry management strategies like garbage collection, content caching, and webhook-driven third-party integrations.

Skills Gained

  • Mirantis Secure Registry architecture
  • Access control in MSR
  • Content Trust
  • Security Scanning
  • Repository Automation
  • Image Management
  • MSR Troubleshooting

Who Can Benefit

  • Motivations: Leverage all the features of Mirantis Secure Registry in order to enhance the security profile of container image content, distribution and execution.
  • Roles: System Operators & Administrators

Prerequisites

  • Familiarity with the bash shell
  • Filesystem navigation and manipulation
  • Command line text editors like vim or nano
  • Common tooling like curl, wget and ping
  • Familiarity with YAML and JSON notation
  • CN110 OR CN120 OR CN211 course and prerequisites therein, or equivalent experience

Course Details

Lab Requirements

  • Laptop with WiFi connectivity
  • Attendees should have the latest Chrome or Firefox installed, and a free account at strigo.io

Course Outline

  • Mirantis Kubernetes Engine architecture
  • Production-grade deployment patterns
  • Containerized components of MKE
  • Networking & System requirements for MKE
  • Installing MKE via Launchpad for high availability
  • Access control in MKE
  • MKE RBAC systems
  • PKI, client bundle and API authentication
  • Swarm and Kubernetes access control comparison
  • L7 networking features
  • Interlock for Swarm
  • Istio for Kubernetes
  • Sticky sessions, canary or blue/green deployments, and cookie usage for both orchestrators
  • MKE Support Dumps
  • Generating and understanding MKE support dumps
  • Finding critical information in support dumps for troubleshooting MKE
  • Enabling and exporting API audit logs for disaster post-mortem
  • MKE Troubleshooting
  • Correlating MKE symptoms with components
  • Probing and reading MKE state databases
  • Recovering failed MKE managers
  • MKE backups & restore
  • Disaster recovery in event of critical MKE failure