We provide virtual course about Kubernetes & Kubernetes Advanced Combined. Kubernetes has evolved over the years into a comprehensive solution for container orchestration with plenty of integration practices.
Course description:
However, it is still not a platform that is ready for direct user use and requires knowledge of the whole system. The training focuses on the advanced management and operation of the Kubernetes cluster. We expect common knowledge of Kubernetes and focus on related topics such as integration with CI / CD, storage, resource allocation. Last but not least, cluster security is emphasized.
Course goals:
This traning is intended to be a Kubernetes deep dive and some prior Kubernetes experience is required. We are focusing on advanced topics like real workload management, LCM and cluster security. Most of the topics are demonstrated on live enviroment and every attendee will get and opportunity to test everyting on dedicated cluster. It's planned that some topics will be skipped according to attendee preferences and others will be presented in detail.
This course is a combination of the following 2 courses:
• Kubernetes
• Kubernetes Advanced
Course outline:
Module 1 - Workload:
• Understanding Kubernetes
• Deployment of multi-pod application
• PID 1 in container
• Probes - liveness, readiness
• Resource limits, default limits, evictions
• DNS in cluster - CoreDNS, DNS discovery
• Config management and discovery
• downwardAPI
• Persistent volumes
• Using hooks and initContainers
• StatefulSets
• Horizontal Pod Autoscaler
• Batch and periodic jobs
• Network and DNS settings
• Namespaces and capabilities
Module 2 - Control plane:
• Kubernets daemons (etcd, apiserver, scheduler, cm, proxy, kubelet)
• Etcd - RAFT, benchmarks, backup and recovery, monitoring
• Kubernetes API - (metrics, health)
• Advanced scheduling (selectors, affinities, taints), manual scheduling
• Custom scheduler
• Pod priority and preemption, QoS
• Running containers - CRI interface, cri-o, Docker
• Autoscale DNS service
• Container registry
• High-Availability
• Conformance tests
• Admission controllers
Module 3 - Nodes:
• Kubelet monitoring
• Anatomy of failed node
• Kubelet certificate management
• Live reconfiguration
• Node maintenance
Module 4 - Networking:
• CNI - Kubernetes networking
• LoadBalancer
• Ingress
Module 5 - Storage:
• PersistentVolumes
• Using hostPath volumes
• CSI - Container Storage Interface
• Managing volumes in public cloud
Module 6 - Operation:
• Prometheus monitoring for cluster and applications
• Logging
• Kubenetes metrics pipeline
• Upgrading Kubernetes
• Troubleshooting the cluster
Module 7 - Security:
• Security in Kubernetes - RBAC, Identities
• Cluster hardening - Disable host networking, disable hostPid, drop capabilities
• Audit and audit2rbac
• Security context
• Segmentating the cluster
• Securing Kubelet
Module 8 - Other:
• Custom resources (CRD)
• Kubectl plugins
• Managed offerings (GKE, EKS, AKS)
• Cloud provider plugins
Instructor: Ronald Harmsen
Ronald Harmsen is a senior consultant and instructor based in the Netherlands. Ronald has been professionally developing software since 1997 and has chosen .NET as his primary development environment since version 1.0. He has extensive experience in developing web applications with ASP.NET, ASP.NET MVC, WCF, Silverlight and HTML5.
Ronald is passionate about software architecture and improving performance of both applications and development teams. He focuses on building high quality software and is member of the board at the Institute for Software Quality.
Target audience:
Application developers, Cloud Platform Engineer and IT systems designers
Prerequisites:
• Basic Kubernetes terminology and architecture (pod, service, deployment)
• Using terminal to run commands
Language:
• English course material, english speaking instructor