Mirantis Secure Registry (MSR)

Course Duration: 1 day

Who Should Attend:

• Role: System Operators & Administrators
• Motivations: Leverage all the features of Mirantis Secure Registry in order to enhance the security profile of container image content, distribution and execution.

Course Prerequisites:

• CN212 course and prerequisites therein, or equivalent experience
• Familiarity with the Bash shell 
  • Filesystem navigation and manipulation
  • Command line text editors like vim or nano
  • Common tooling like curl, wget and ping
• Familiarity with YAML and JSON notation 

Lab Requirements:

• Laptop with WiFi connectivity
• Attendees should have the latest Chrome or Firefox installed, and a free account at strigo.io.

Course Outline:

• Mirantis Secure Registry architecture
  • Production-grade deployment patterns
  • Containerized components of MSR
  • Networking & System requirements for MSR
  • Installing MSR via Launchpad for high availability
  • Integrating external storage into MSR
• Access control in MSR
  • MSR RBAC system
• Content Trust
  • Defeating man in the middle attacks with The Update Framework & Notary
  • Content Trust usage in MSR
• Security Scanning
  • Auditing container images for known vulnerabilities
  • Setting up MSR security scanning
  • Security scan integration in continuous integration 
• Repository Automation
  • Continuous integration pipeline architecture featuring MSR
  • Promoting and mirroring images through pipelines
  • Integrating MSR with external tooling via webhooks
• Image Management
  • Image pruning and garbage collection strategies and automation
  • Registry sizing strategy
  • Content caching for distributed teams
• MSR Troubleshooting
  • Correlating MSR symptoms with components
  • Probing and reading MSR state databases
  • Recovering failed MSR replicas
  • MSR backups & restore
  • Disaster recovery in event of critical MSR failure