Kubernetes (using minikube or AWS)

Duration: 3 days

Kubernetes is a cutting-edge technology that will transform the way your company operates. Book this outstanding course and you will benefit not only from high-quality course materials: your Kubernetes course will also be delivered by an expert instructor who will go the extra mile to ensure you are entirely satisfied.

If you are looking to up your team’s professional game and give your department a serious boost, then this course is a real game changer. Get in touch with us and we can make this course available to you as either a private course or a detailed online experience.

During this course you can either use minikube or use your own AWS account to perform the labs.

Students are expected to have basic knowledge of Docker. At a bare minimum, students should be familiar with Images, Containers, Volumes, Repositories and basic docker CLI commands. We advise students to follow our DOCKER-CORE course.

Though not required, it is helpful to have an understanding of Linux and networking.

Please find the course objectives below:

Introduction

Kubernetes

  • Introduction to Kubernetes
  • Understand the need for orchestration
  • History of Kubernetes
  • Kubernetes as a microservices platform

Kubernetes Architecture

  • Understand Master and Nodes
  • Introduce master components APIServer, Controller-Manager, Scheduler and etcd
  • Introduce node components kubelet, kube-proxy and the container runtime
  • Discuss other components (kube-dns, dashboard)
  • Discuss monitoring (cAdvisor, Prometheus, Elasticsearch)

Minikube

  • Introduce minikube
  • Understand what is included and which additional components can be enabled
  • Installing and starting minikube
  • Docker and minikube

AWS (optional)

  • Setting up a Kubernetes cluster using AWS
  • Introduction to EKS
  • Provisioning worker nodes
  • Understanding Kubernetes and volume storage
  • Installing the Kubernetes dashboard on your cluster
  • Using the aws CLI tool

Introduction to kubectl

  • Interacting with your cluster using kubectl
  • Configuring clusters
  • Managing credentials
  • Setting up different contexts and switching between them
  • Basic kubectl commands

Kubernetes Objects and Resources

Introduction to Objects

  • Managing objects using kubectl
  • Understand different categories (workload, services, config etc)
  • Using yaml to define objects
  • Introduction to the yaml syntax
  • Organising yaml files
  • Understand meta-data
  • Appreciate labels (define and use them in selectors)
  • Use annotations to add additional information
  • Understand and use namespaces
  • Manage objects inside namespaces

Workload and Service Objects Introduction

  • Understand and define Pods
  • Appreciate the power and ease of ReplicaSets
  • Understand how Deployments ease working with workload objects
  • Introduce Services
  • Understand the relation between Service, Deployment, ReplicaSet and Pods

Pods

  • Understand the Pods life-cycle
  • Defining container(s) inside a pod
  • Understand container isolation (and what is shared, such as IPC, UTS etc)
  • Defining pods using yaml
  • Understand how controllers may define pods (using templates)
  • Interacting with a pod (logging, exec commands)

Deployments

  • Introduce the Deployment API
  • Define ReplicaSets using replicas
  • Changing and replacing deployments
  • Scaling and auto-scaling deployments
  • Triggering and Managing rolling updates
  • Managing rollouts (revert back, use and manage deployment history, etc)
  • Discuss and appreciate canary deployments
  • Managing the pods health
  • Manage container failure (restartPolicy)
  • Using probes to monitor service availability (e.g. livenessProbe, readinessProbe)

Containers

  • Setting up resource requirements and limits (CPU, RAM)
  • Understanding the container's environment variables
  • Populating the environment using references (fieldRef and resourceFieldRef)
  • Introduce initContainers

Services

  • Understand the problems solved by services
  • Appreciate label selectors
  • Creating Services using yaml
  • Understand the concepts of endpoints
  • Understand basic Service Networking
  • Using kube-dns to find service by name
  • Understand the difference between service types (ClusterIP, NodePort, LoadBalancer)
  • Accessing external services using ExternalName
  • Understand session affinity
  • Appreciate how services can be found by pods (e.g. environment variables, kube-dns)

Ingress

  • Introduce Ingress
  • Discuss various scenarios
  • Using Ingress with StatefulSets
  • Configure paths
  • Using subdomains and virtual hosts
  • Setting up TLS and SSL Termination
  • Configure Ingress using annotations

Volumes

  • Introduce the concept and need for volumes
  • Using node based volumes (hostPath, EmptyDir)
  • Using persistent network volumes (e.g. nfs)
  • Introduce cloud volumes (gcePersistentDisk, awsElasticBlockStore, azureDisk)
  • List other standard volume types (secret, configMap, downwardAPI)
  • Define and use persistentVolumeClaim and PersistentVolumeClaims
  • Using initContainers to initialise data (e.g. git clone)
  • Work with StatefulSets and volumes

Pod Scheduling

  • Introduce the node selection process
  • Scheduling pods to nodes using node selectors
  • Keeping pods away from nodes using taints and tolerations
  • Inviting pods to nodes using affinity
  • Co-locating (or not) pods using podAffinity and podAntiAffinity
  • Work with DaemonSet
  • Understand Jobs and recurring ones using CronJob
  • Monitoring CronJobs using a job monitor

Configuration and Secret data

  • Introduce configMaps
  • Defining configMaps using yaml
  • Accessing ConfigMaps through the environment (using envFrom)
  • Mounting config data using configMap volumes
  • Reloading and dynamic config data
  • Understand the challenges for sensitive data
  • Introduce Secrets
  • Defining and using Secrets
  • Setting up a private docker registry (Nexus)

Security

API Server Security

  • Introduce the Kubernetes security architecture
  • Understand the difference between human users and service accounts
  • List different authentication techniques (SSL certificates, tokens, etc)
  • Understand the use of JWT tokens
  • Using tokens inside the pods (mounted secrets)
  • Understand the Kubernetes authorisation mechanism (verbs/resources)
  • List different authorisation modules (Node, RBAC etc)

RBAC

  • Explain RBAC
  • Understand and define Role and ClusterRole
  • Defining access rules
  • Binding roles to users and service accounts (RoleBinding/ClusterRoleBinding)
  • Accessing the API Server from a pod

Network Policies

  • Explain Network Policies
  • Understand the default behaviour in Kubernetes
  • Protecting your Network
  • Protecting your Pods
  • Allowing and Denying traffic: Ingress and Egress
  • Isolating namespaces
  • Allowing based on pods and/or namespaces
  • Allowing based on IP Addresses
  • Port level access
  • Policy Patterns

Tooling

Helm

  • Introduction to Helm
  • Understand Tiller (Helm 2)
  • Understanding charts
  • Installing and configuring releases
  • Rolling out new version

Elastic Stack (ELK)

  • Understand the Architecture of Elastic Stack
  • Installing and configuring Elastic Stack (basics)
  • Introduce Elasticsearch
  • List different Beats
  • Understand the ETL role of LogStash
  • Using Kibana for visualisation

Monitoring using Prometheus/Grafana

  • Using Prometheus
  • Understand the Architecture of Prometheus
  • Installing and configuring Prometheus/Grafana (basics)
  • Adding Service Monitors
  • Preparing applications to expose metrics (e.g. Spring Boot)
  • Using exporters
  • Using Grafana dashboards
  • Importing existing dashboards

For an onsite course, please contact us.