Mirantis Secure Registry (MSR)

This course is targeted at students with the following:

Motivations: Leverage all the features of Mirantis Secure Registry in order to enhance the security profile of container image content, distribution and execution.

Roles: System Operators & Administrators

• Mirantis Secure Registry architecture
• Production-grade deployment patterns
• Containerized components of MSR
• Networking & System requirements for MSR
• Installing MSR via Launchpad for high availability
• Integrating external storage into MSR
• Access control in MSR
• MSR RBAC system
• Content Trust
• Defeating man in the middle attacks with The Update Framework & Notary
• Content Trust usage in MSR
• Security Scanning
• Auditing container images for known vulnerabilities
• Setting up MSR security scanning
• Security scan integration in continuous integration
• Repository Automation
• Continuous integration pipeline architecture featuring MSR
• Promoting and mirroring images through pipelines
• Integrating MSR with external tooling via webhooks
• Image Management
• Image pruning and garbage collection strategies and automation
• Registry sizing strategy
• Content caching for distributed teams
• MSR Troubleshooting
• Correlating MSR symptoms with components
• Probing and reading MSR state databases
• Recovering failed MSR replicas
• MSR backups & restore
• Disaster recovery in event of critical MSR failure

• Familiarity with the Bash shell 
  • Filesystem navigation and manipulation
  • Command line text editors like vim or nano
  • Common tooling like curl, wget and ping
    
• Familiarity with YAML and JSON notation

• CN212 - Mirantis Kubernetes Engine (MKE)

Lab Requirements

• Laptop with WiFi connectivity
• Attendees should have the latest Chrome or Firefox installed, and a free account at strigo.io.