Secure a Container Registry with Authentication and TLS
Set up your own OCI-compatible container registry with username/password authentication and HTTPS - the kind of protection you'd expect before using a registry in production.
Submissions: 7/12
Challenges
Focused hands-on problems designed to help you hone your DevOps or Server Side skills. Some challenges are more educational, while others are based on real-world scenarios. The platform provides hints and feedback for each challenge, including automated solution checks.
Challenge, Medium, on
Run Your Own Container Registry
Stand up a self-hosted container registry so you can push and pull images without relying on a third-party registry. Useful for tests, internal services, air-gapped environments, or just for poking at the OCI Distribution API.
Submissions: 9/16
Challenge, Hard, on
Assemble and Publish a Multi-Platform Image from Single-Platform Variants
An internal service is halfway through a Python-to-Go rewrite: the amd64 build already runs the new Go code while arm64 still ships the legacy Python one - same API, two completely different codebases and Dockerfiles. Can you build and push a single multi-platform image from the two independent single-platform variants?
Submissions: 7/8
Challenge, Easy, on
Docker 101: Authenticate to Private Container Registries
Practice using docker login to authenticate against multiple private container registries with different credentials, then pull and push images across them.
Submissions: 35/40
Challenge, Medium, on
Transfer Container Images to an Air-Gapped Environment
Get container images onto a server that has no route to the Internet or access to a container registry.
Submissions: 61/79
Challenge, Easy, on
Docker 101: Tag and Push Container Images to Registries
Re-tag local container images with fully-qualified references and publish them to different registries using the 'docker tag' and 'docker push' commands.
Submissions: 65/84
Challenge, Medium, on
Inspect a Container Image Without Pulling It
Explore the OCI image index, manifests, and configuration of a remote multi-platform image - without pulling a single byte of filesystem layers into the local Docker daemon.
Submissions: 27/33
Challenge, Easy, on
Docker 101: Pull a Container Image for a Specific Platform
Pull a container image built for a non-native CPU architecture using the 'docker pull --platform' flag.
Submissions: 63/70
A Simple Sandbox Breakout: Spot It and Stop It
Investigate a potentially compromised CI host. A sandboxed "agent" running in the background is suspected of breaking out - confirm the breach and neutralize it without taking the sandbox down.
Submissions: 29/69
Challenge, Easy, on
Docker 101: Pull a Container Image by Digest
Practice pulling a container image using an immutable digest reference instead of a mutable tag.
Submissions: 98/115