Introduction to Docker, Kubernetes and Serverless for Hackers
Learn how to build docker containers, run serverless functions and run them on a distributed cluster using Kubernetes
Containers are becoming more and more prevalent and easy to deploy. Containers offer numerous security features as well, such as private networking and namespaces which limit the attack sutface of the enviornment within the container. In many cases containers can be executed on the infrastructure of cloud providers, replacing running bare metal servers. Another major feature is that they offer predictable deployments with specific versions of applications and services. This makes it possible to do extensive testing of containers before deployment. Containers are also becoming an obvious way to deploy applicatiosn to embedded devices, greatly simpifying cross compilation and testing between different desktop and embedded arhcitectures.
This is a hands-on course and partcipants will be tasked with creating a small password cracking cluster over the course of two days. Participants should have some familiarty with Linux-like systems and running shell commands, if you've set up a Raspberry Pi - you're good to go.
Keywords:
- Microservices
- Functions as a Service (FaaS)
- Containters and Containerization
- Pods
- Services
- Clusters
- Load balancing
- Cloud applications
- Docker on smaller embedded systems
Day 1
Day 1 will focus on constructing Docker containers. Several complex docker containers including cross-compilation flows will be demostrated. Participants will understand installing and running docker, creating and running containers and deploying them to other machines and services. Participants will also learn how to build and deploy Function as a Service based microservices.
Day 1 Theory
- Running Docker on Mac, Windows, Linux and Embedded devices like the Raspberry Pi
- How to create, deploy and manage docker containers
- Cross-compiliation for different architectures
- Docker images and the
latest
tag - Docker image hosting and local docker registries
- Persistancy in Docker
- Docker compose and other tools (and when you shouldn't use them)
- Dockerfiles and base images
- Docker networking
- Microservices and serverless Functions
Assignment 1: Execute some basic docker comamnds
- Create a Docker container
- Execute the Docker container
- Check the Docker container state
- Remove the Docker container
Assignment 2: Execute a Python3 script in a Docker container
- Execute a python3 script within Docker
- Modify the script to perform additional operations
Assignment 3: Dockerize a Common Command Line Application
- Build a docker container to build John the Ripper from source
- Ensure the container is retained
- Test the container using some sample passwords
Assignment 4: Build and deploy a Python 3 Serverless Function
- Use the example code to run a FaaS written in Python3
- Modify the FaaS to perform an additional functionality
Assignment 5: Build a database to log results
- Create a docker container to store and host results in a database
Assignment 5: Integrate the Code into a web frontend
- Modify the provided web frontend to call the serverless funciton
- Verify the result in the web browser
Day 2
On Day 2 participants will learn how to distribute the application among multiple nodes. Participants will deploy a Kubernetes cluster consisting of multiple worker nodes. Each worker node will be provisioned with working pods from the previous day. A load balancer will be instantiated to distribute the load between multiple nodes.
Day 2 Theory
- Kubernetes
kubectl
- Kubernetes control plane
- Containers
- Pods
- Nodes
- Clusters
- Load-Balancers and Ingress
- Monitoring the cluster
- Removing nodes and clusters
Assignment 1: Provision a Kuberentes Cluster
- Provision a control plane
- Provision 3 nodes
- Delete the container and nodes
Assignment 2: Modify Docker Containers for Kubernetes
- Migrate the relevant containers into relevant pods
- Test a single instance of the app on the cluster
Assignment 3: Deploy Multiple Workers
- Deploy multiple workers to multiple nodes
- Test the functionality of the resulting pods
Assignment 4: Deploy a Load-Balancer
- Balance the load between multiple pods
- Test the full functionality in the web browser
- Deploy a password cracking service