Kubernetes Deep Dive
Duration: 5 Days
What You Will Learn:
The purpose of this course is to teach our participants how everything fits together to run distributed applications in Kubernetes and learn how to start designing and operating application orchestration solutions.
Important Note:
Participants should receive Docker Fundamentals and Docker Deep Dive training before attending this course.
Course Index:
Module 1: Containers & : Kubernetes Architecture
• Different ways of packaging software
• Container benefits
• Container implementation
• Sample app architecture
• Kubernetes components
• Managed Kubernetes platforms
• Infrastructure providers
• Deployment automation
• Pods
• Pod Lifecycle
• Service types
• Proxy modes
• Service discovery (ENV, DNS)
• Use cases for Secrets and ConfigMaps
• Different ways of mapping Secrets into containers
• Multi-container pod design
• Use cases for using init containers
• When to use pod/node affinity/anti-affinity
• Some details about Kubernetes scheduler and how it uses affinity settings
• Difference between requests and limits pod settings
• Limit types
• The default behavior when limits and requests are unset
Module 2: Deployment and Managing Applications.
• Deployments and ReplicaSets
• Deployment rolling updates behavior
• Difference between liveness and readiness probes
• Health Checks types (exec, TCP, HTTP)
• How pod autoscaling works
• Horizontal vs vertical autoscaling
• Jobs use cases
• Difference between Jobs and CronJobs
• Persistency in kubernetes
• PersistentVolumes and PersistentVolumeClaims
• Storage Classes
• StatefullSet (use cases and difference from Deployments)
• Using Headless Services in combination with StatefullSets
• Using ReadinesProbes in a combination with StatefullSets
• Ingress vs LoadBalancer services
• Types of Ingress (GCP LB, nginx, etc)
• Configuring ingress
• Ingress in on-prem installations
Module 3: Logging & Monitoring
• Helm architecture
• How to secure Helm
• Logging architecture in Kubernetes
• Logging patterns (sidecar, node agent, etc)
• ELK architecture
• ELK authentication and authorization
• Monitoring architecture
• Metric sources (container metrics, API metrics, etc)
• Prometheus architecture
• Building CI/CD pipelines with Kubernetes
• Deployment patterns (Canary, blue-green deployments)
• Using Jenkins with Kubernetes
Module 4: Troubleshooting & Authentication
• Kubernete installers (kubeadm, kops, kubespray)
• Using managed Kubernetes
• Cluster updates and upgrades
• Isolating nodes with different characteristics (node pools)
• User, groups and service accounts
• Authentication strategies (Client Certs, Bearer tokens, Authenticating Proxy, etc)
• OAuth2 and OpenID Connect
• Role and ClusterRole
• Binding roles
• Istio use cases and features
• Istio architecture