This guide is intended to be a point of knowledge for everyone who wants to pass Docker Certified Associate Exam. The main idea is to provide links to every topic in each domain. Preference will always be the official documentation, but feel free to add useful links.
Web version can be found here: DCA website
- Orchestration
- Image Creation, Management, and Registry
- Installation and Configuration
- Networking
- Security
- Storage and Volumes
- Links
- Complete the setup of a swarm mode cluster, with managers and worker nodes
- Describe and demonstrate how to extend the instructions to run individual containers into running services under swarm
- Describe the importance of quorum in a swarm cluster.
- Describe the difference between running a container and running a service.
- Interpret the output of “docker inspect” commands
- Convert an application deployment into a stack file using a YAML compose file with "docker stack deploy"
- Manipulate a running stack of services
- Describe and demonstrate orchestration activities
- Increase number of replicas
- Add networks, publish ports
- Mount volumes
- Describe and demonstrate how to run replicated and global services
- Apply node labels to demonstrate placement of tasks
- Describe and demonstrate how to use templates with “docker service create”
- Identify the steps needed to troubleshoot a service not deploying
- Describe how a Dockerized application communicates with legacy systems
- Describe how to deploy containerized workloads as Kubernetes pods and deployments
- Describe how to provide configuration to Kubernetes pods using configMaps and secrets
- Describe the use of Dockerfile
- Describe options, such as add, copy, volumes, expose, entry point
- Identify and display the main parts of a Dockerfile
- Describe and demonstrate how to create an efficient image via a Dockerfile
- Describe and demonstrate how to use CLI commands to manage images, such as list, delete, prune, rmi
- Describe and demonstrate how to inspect images and report specific attributes using filter and format
- Describe and demonstrate how to tag an image.
- Describe and demonstrate how to apply a file to create a Docker image
- Describe and demonstrate how to display layers of a Docker image
- Describe and demonstrate how to modify an image to a single layer (multi-stage build, single layer)
- Describe and demonstrate registry functions
- Deploy a registry
- Log into a registry
- Utilize search in a registry
- Push an image to a registry
- Sign an image in a registry
- Pull and delete images from a registry
- Describe sizing requirements for installation
- Describe and demonstrate the setup of repo, selection of a storage driver, and installation of the Docker engine on multiple platforms
- Describe and demonstrate configuration of logging drivers (splunk, journald, etc.)
- Describe and demonstrate how to set up swarm, configure managers, add nodes, and setup the backup schedule
- Describe and demonstrate how to create and manage user and teams
- Describe and demonstrate how to configure the Docker daemon to start on boot
- Describe and demonstrate how to use certificate-based client-server authentication to ensure a Docker daemon has the rights to access images on a registry
- Describe the use of namespaces, cgroups, and certificate configuration
- Describe and interpret errors to troubleshoot installation issues without assistance
- Describe and demonstrate the steps to deploy the docker engine in Docker, DTR, UCP, Docker on AWS and possibly on premises HA config
- Describe and demonstrate how to configure backups for UCP and DTR
- (Until Study Guide 1.3) Demonstrate the ability to upgrade the Docker engine
- Describe the Container Network Model and how it interfaces with the Docker engine and network and IPAM drivers
- Describe the different types and use cases for the built-in network drivers
- Describe the types of traffic that flow between the Docker engine, registry and UCP controllers
- Describe and demonstrate how to create a Docker bridge network for developers to use for their containers
- Describe and demonstrate how to publish a port so that an application is accessible externally
- Identify which IP and port a container is externally accessible on
- Compare and contrast “host” and “ingress” publishing modes (Host, Ingress)
- Describe and demonstrate how to configure Docker to use external DNS
- Describe and demonstrate how to use Docker to load balance HTTP/HTTPs traffic to an application (Configure L7 load balancing with Docker EE)
- Describe and demonstrate how to deploy a service on a Docker overlay network
- Describe and demonstrate how to troubleshoot container and engine logs to resolve connectivity issues between containers
- (Since Study Guide 1.5) Describe how to route traffic to Kubernetes pods using ClusterIP and NodePort services
- (Since Study Guide 1.5) Describe the Kubertnetes’ container network model
- (Since Study Guide 1.5) Describe security administration and tasks
- Describe the process of signing an image
- Describe default engine security
- Describe swarm default security
- Describe MTLS
- Identity roles
- Describe the difference between UCP workers and managers
- Describe process to use external certificates with UCP and DTR (UCP from cli, from GUI, print the public certificates), DTR)
- Describe and demonstrate that an image passes a security scan
- Describe and demonstrate how to enable Docker Content Trust.
- Describe and demonstrate how to configure RBAC with UCP
- Describe and demonstrate how to integrate UCP with LDAP/AD
- Describe and demonstrate how to create UCP client bundles
- Identify the correct graph drivers to uses with various operating systems
- Describe and demonstrate how to configure devicemappe
- Compare and contrast object and block storage and when they should be used
- Describe how an application is composed of layers and where these layers reside on the filesystem
- Describe how volumes are used with Docker for persistent storage
- Identify the steps you would take to clean up unused images on a filesystem, also on DTR. (image prune, system prune and from DTR)
- Demonstrate how storage can be used across cluster nodes, ex.
- (Since Study Guide 1.5) Describe how to provision persistent storage to a Kubernetes pod using persistentVolumes
- (Since Study Guide 1.5) Describe the relationship between container storage interface drivers, storageClass, persistentVolumeClaim and volume objects in Kubernetes
These are the most relevant quick facts of the exam:
- The exam is online, using Google Chrome browser on Windows or MacOS ONLY. Linux support IS NOT available at this time;
- 55 questions to be answered within 90 minutes. Which give you almost one minute and a half to spend on each question;
- It costs 195 USD or 175 EUR;
- Lasts for 2 years after the day you got certified;
- Docker does not publish exam passing scores because exam questions and passing scores are subject to change without notice;
- Results comes instantly.
More detailed parts about the exam, please refer to the Links section.
There are THREE TYPES of giving answers:
- ONE RIGHT ANSWER: The answer options will be a clickable spot and you must select ONE CHOICE. This can be either select a valid answer in a true/false statement or a fill in blank example.
- MULTIPLE ANSWERS: The answer option will be a square-type and accepts MULTIPLE CHOICES. Before checking the answers, please refer to the question to ensure HOW MANY VALID CHOICES ARE.
- Discrete Option Multiple Choice (DOMC) : Options are randomly presented, one at a time. For each presented option, the examinee chooses YES or NO to indicate if the option is correct. Sample DOMC Questions.
Thanks to all contributors!