Kubernetes Course Duration: 40 Hrs
Course Details
WE WILL SET UP KUBERNETES LABS USING
- Desktop
- Minikube
- Virtual machines (Oracle VirtualBox) + Vagrant
- AWS (Cloud) (kops + Terraform)
- We may also introduce Rancher cluster
SKILLS COVERED
- server and scheduler
- Kubelets
- Scheduling pods
- Logging and monitoring clusters
- Application lifecycle management
- Cluster maintenance
- Security and authentication
- Storage and volumes
- DNS, networking, CoreDNS, CNI
- Application failures
- Control plane failures
- Network failures
FUNDAMENTALS:
Set up prerequisites, learn about the Kubernetes architecture, and deploy a Kubernetes instance needed in other exercises.
COURSE INTRODUCTION
A few things about CETBIZ, getting to know each other, overall information on the schedule and agenda of the course, as well as useful links.
UNDERSTANDING KUBERNETES ARCHITECTURE
Learn how to deploy Kubernetes. Get familiar with managed K8s platforms, infrastructure providers, and Kubernetes components.
KUBERNETES BASICS
Get familiar with Kubernetes and its benefits compared to other products, with an intro to CNCF. Create a Docker image by yourself, start a Docker container, mount a volume inside the container, and change the network to host.
RUNNING APPLICATIONS:
Learn how to run your applications on Kubernetes, both stateless and stateful.
DEPLOYMENTS
Create a deployment and observe how Kubernetes restarts containers. Get to know the most common deployment use cases, as well as learn how to update and roll back deployments.
HEALTH CHECKS
Deploy a pod with a health check, learn how to use a readiness probe, and create a health check for an nginx pod and one using TCP sockets.
LABELS, SELECTORS AND ANNOTATIONS
Get practical skills in using selectors and labels in pods.
PODS
Launch a pod using a container image and another using a configuration file, deploy a pod from a custom image, and practice limiting pod resources. Learn about pods, multi-container pod design, and the pod life cycle.
VOLUMES AND DATA
Familiarize yourself with persistent volumes, persistent volume claims, volume life cycle and types, access modes, and storage classes. Deploy WordPress and MySQL with persistent volumes, perform static persistent volume provisioning, and observe how a persistent volume is reattached.
OPERATIONS:
CI/CD
Discussion around continuous integration / delivery tools, understanding a CI/CD pipeline structure, and deploying a sample application using the Jenkins pipeline.
CLUSTER UPGRADES AND CUSTOMIZATION
Learn how to update clusters and familiarize yourself with add-ons. Install the Kubernetes Dashboard add-on by yourself, change the cluster configuration, deploy a highly available cluster, and learn how to add Heapster metrics to the Kubernetes Dashboard.
LOGGING
Install the Kubernetes Elasticsearch logging add-on, set up a Kibana dashboard for kube-system, and learn how to parse logs. Familiarize yourself with node-level logging, sidecar log streaming, sidecar with a logging agent, system component logs, ELK log flow, and Grok filters.
MONITORING
Deploy a new application and configure it for monitoring, while getting familiar with alerting. Discover general monitoring architecture, cAdvisor and InfluxDB + Grafana.
REVISING INFRASTRUCTURE WITH TERRAFORM
Manually deploy a new cluster using Terraform, perform advanced cluster troubleshooting (optional), and learn Terraform.
NETWORKING:
Topics include setting up the ingress to balance external traffic between the pods and exposing the applications to the outside world using services.
DNS IN KUBERNETES
Understand how Kubernetes uses DNS internally for service discovery and how to integrate internal Kubernetes DNS with the external one. Explore service name resolution in practice.
INGRESS
Deploy a sample app using ingress, and practice specifying an app host and using TLS. Familiarize yourself with ingress controllers, single-service ingress, simple-fanout ingress, and name-based virtual hosting ingress; get an introduction to TLS termination.
NETWORKING
Install Kubernetes add-ons and learn how to track iptables changes while re-deploying the service. Familiarize yourself with cluster networking, Container Network Interface (CNI), plug-in comparison, network policies, cluster DNS along with external load balancers, service networking internals, as well as pod and service iptables rules.
SERVICES
Discover Service types and proxy modes. Deploy a PHP Guestbook application with Redis, investigate the source code of the sample, manually connect to Redis from an app pod, and perform a blue-green deployment.
SECURITY:
How to keep the platform secure and guarantee a fair share of cluster resources to each of the multiple teams using the cluster.
NAMESPACES AND RBAC
Get practical skills in using namespaces and RBAC, work with namespace resource limits, assign the default view cluster role to a user, and try to deploy a pod. Get familiar with Role and ClusterRole, binding roles, as well as users, groups, service accounts, and API objects.
QUOTAS
Resource limits and requests, default admission controller for the namespace and different resource types. Configure the quota for the namespace and try to schedule pods that use more resources.
SECRETS AND CONFIGMAPS
Practice storing secrets on Kubernetes, learn how to access secrets from environment variables, and learn how to use config maps. Discover more about storing sensitive information and configuration.
SECURITY
Learn how to secure your cluster, familiarize yourself with API authentication, authorization, and access, explore admission control, and learn more about securing Docker images, Pod Security Policy (PSP), and security contexts.
OTHER TOPICS:
CUSTOM RESOURCE DEFINITIONS (CRD)
Learn about extending Kubernetes beyond the standard resource types. Create a custom resource definition and explore it.
DOWNWARD API
Learn how a container can get data about the environment it is running in: what the resource limitations are and what the namespace is. Use both environment variables and volumes.
HELM
Learn what Helm is, how to use it to deploy Prometheus, and how to secure it.