Online
Classroom

Core Kubernetes Masterclass

Part of our k8s Courses

4 days


Course Overview

Kubernetes is a cutting edge technology that will transform the way your company operates. Book this outstanding course and you will not only benefit from high quality course materials. Your Kubernetes course will be delivered by an expert instructor who will go the extra mile to ensure you are entirely satisfied.

If you are looking to up your team’s professional game and give your department a serious boost, then this course a real game changer. Get in touch with us and we can make this course available to you as either a private course, or as a detailed online experience.

Course Prerequisites

Students are expected to have basic knowledge of a Container runtime such as Docker. At a bare minimum students should be familiar with Images, Containers, Volumes, Repositories. During the course we're using Docker. An understanding of basic docker CLI commands is helpful. We advice students to follow our DOCKER-CORE course.

Though not required, it is helpful to have an understanding of linux and basis of networking .

Outline

Introduction

Kubernetes

  • Introduction to kubernetes
  • Understand the need for orchestration
  • History of kubernetes
  • Kubernetes as a microservices platform

Kubernetes Architecture

  • Understand Master and Nodes
  • Understand the role Container Runtime Interface
  • Discuss different runtimes (docker, containerd, cri-o)
  • Introduce the control plane components
  • Introduce master components APIServer, Controller-Manager, Scheduler and etcd
  • Introduce node components kubelet, kube-proxy and the container runtime
  • Discuss other components (kube-dns, dashboard)
  • Discuss monitoring (cAdvisor, Prometheus, Elasticsearch)

Minikube

  • Introduce minikube
  • Understand what is included and which additional components can be enabled
  • Installing and starting minikube
  • Using Docker and minikube

Introduction to kubectl

  • Interacting with your cluster using kubectl
  • Appreciate the declarative nature
  • Use adhoc imperative commands
  • Configuring clusters
  • Managing credentials
  • Setting up different contexts and switching between them
  • Basic kubectl commands

Kubernetes Objects and Resources

Introduction to Objects

  • managing objects using kubectl
  • Understand different categories (workload, services, config etc)
  • Using yaml to define objects
  • introduction to the yaml syntax
  • Organising yaml files
  • Understand meta-data
  • Appreciate labels (define and use them in selectors)
  • Use annotations to add additional information
  • Understand and use namespaces
  • Manage objects inside namespaces

Workload and Service Objects Introduction

  • Understand and define Pods
  • Appreciate the power and ease of ReplicaSets
  • Understand how Deployments ease working with workload objects
  • Introduce Services
  • Understand the relation between Service, Deployment, ReplicaSet and Pods

Pods

  • Understand the Pods life-cycle
  • Defining container(s) inside a pod
  • Understand container isolation (and what shared such as IPC, UTS etc)
  • Defining pods using yaml
  • Understand how controllers may define pods (using templates)
  • Interacting with a pod (logging, exec commands )

Deployments

  • Introduce the Deployment API
  • Define ReplicaSets using replicas
  • Changing and replacing deployments
  • Scaling and auto-scaling deployments
  • Triggering and Managing rolling updates
  • Managing rollouts (revert back, use and manage deployment history, etc)
  • Discuss and appreciate canary deployments
  • Managing the pods health
  • Manage container failure (restartPolicy)
  • Using probes to monitor service availability (e.g, startupProbe,livenessProbe, readinessProbe)

Containers

  • Setting up resource requirements and limits (CPU, RAM)
  • Understanding the container's environment variables
  • Populating the environment using references (fieldRef and resourceFieldRef)
  • Introduce *initContainers**
  • Setup Quotas

Services

  • Understand the problems solved by services
  • Appreciate label selectors
  • Creating Services using yaml
  • Understand the concepts of endpoints
  • Understand basic Service Networking
  • Using kube-dns to find service by name
  • Understand the difference between service types (ClusterIP, NodePort, LoadBalancer)
  • Accessing external services using ExternalName
  • Understand session affinity
  • Appreciate how services can be found by pods (e.g, environment variables, kube-dns)

Ingress

  • Introduce Ingress
  • Discuss various scenarios
  • Using Ingress with StatefulSets
  • Configure paths
  • Using subdomains and virtual hosts
  • Setting up TLS and SSL Termination
  • Configure Ingress using annotations

Volumes

  • Introduce the concept and need for volumes
  • Using node based volumes (hostPath, EmptyDir)
  • Using persistent network volumes (e.g, nfs)
  • Introduce cloud volumes (gcePersistentDisk, awsElasticBlockStore, azureDisk)
  • List other standard volume types (secret, configMap, downwardAPI)
  • Define and use persistentVolumeClaim and PersistentVolumeClaims
  • Using initContainers to initialise data (e.g, git clone)
  • Work with StatefulSets and volumes

Pod Scheduling

  • Introduce the node selection process
  • Scheduling pods to nodes using node selectors
  • Keeping pods away from nodes using taints and tolerations
  • Inviting pods to nodes using affinity
  • Co-locating (or not) pods using podAffinity and podAntiAffinity

More controllers

  • Work with DaemonSet
  • Understand Jobs and recurring ones using CronJob
  • Monitoring CronJobs using a job monitor

Configuration and Secrets

  • Introduce configMaps
  • Defining configMaps using yaml
  • Accessing ConfigMaps through the environment (using envFrom)
  • Mounting config data using configMap volumes
  • Reloading and dynamic config data
  • Understand the challenges for sensitive data
  • Introduce Secrets
  • Defining and using Secrets
  • Setting up TLS Termination on an Ingress
  • Setting up a private docker registry (Nexus)

Security

API Server Security

  • introduce kubernetes security architecture
  • Understand the different between human users and service accounts
  • List different authentication techniques (SSL certificates, tokens, etc)
  • Understand the use of JWT tokens
  • Using tokens inside the pods (mounted secrets)
  • Understand kubernetes authorisation mechanism (verbs/resources)
  • List different authorisation modules (Node, RBAC etc)
  • Restrict user access using rbac
  • Assigning users to standard ClusterRoles
  • Using CertificateSigningRequest to sign user certificates

RBAC

  • Explain RBAC
  • Understand and define Role and ClusterRole
  • Defining access rules
  • Binding roles to users and service accounts (RoleBinding/ClusterRoleBinding)
  • Accessing the API Server from a pod

Network Policies

  • Explain Network Policies
  • Understand the default behaviour in kubernetes
  • Protecting your Network
  • Protecting your Pods
  • Allowing and Denying traffic Ingress and *Egress
  • Isolating namespaces
  • Allowing based on pods and/or namespaces
  • Allowing based on IP Addresses
  • Port level access
  • Policy Patterns

Kustomize

  • Introduction to Kustomize
  • Discuss the benefits of Kustomize
  • Understand bases and the directory structures
  • Understand Resources
  • Introduce low-level constructs (generators, transformers and validators)
  • List the convenience constructs
  • Force labels/annotations on resources
  • Managing names and namespaces
  • Defining ConfigMaps and Secrets
  • Create, merge or replace configMaps/Secrets
  • Using vars for basic reflection
  • Override Deployments image, replicas
  • Introduce Patches
  • Using strategic merge patches
  • Using JSON 6902 patches
  • Introduce and use Components

Tooling

Introduction

  • Overview of common stacks
  • Appreciate Operators

Helm

  • Introduction to Helm (helm 3)
  • Understanding charts
  • Installing and configuring releases
  • Rolling out new version

Elastic Stack (ELK)

  • Understand the Architecture of Elastic Stack
  • Installing and configuring Elastic Stack (basics)
  • Introduce Elastcsearch
  • List different Beats
  • Understand the ETL role of LogStash
  • Using Kibana for visualisation

Monitoring using Prometheus/Grafana

  • Using Prometheus (Operator)
  • Understand the Architecture of Prometheus
  • Understand the structure of a metric
  • Discuss instrumentation techniques (using java, go , python, …)
  • Understand the different metric types (counter, gauge, histogram, …)
  • Installing and configuring Prometheus/Grafana (basics)
  • Discuss federation and scalability
  • List the CustomResourceDefinitions
  • Adding Service Monitors
  • Preparing applications to expose metrics (e.g, Spring Boot)
  • Using exporters
  • Using Grafana dashboards
  • Importing existing dashboards

Log aggregation with Loki

  • introduce Loki
  • Understand the Architecture of Loki
  • Appreciate the indexing behaviour of Loki
  • Discuss benefits of using Loki over other logging solutions
  • Discuss Loki configuration (promtail, storage, scraping, …)
  • Setting up Loki using helm

Public Events

Currently we have no public courses planned for Core Kubernetes Masterclass

Private Events

Do you have a team that needs a Core Kubernetes Masterclass course?

Contact Us

Send us a message

This Core Kubernetes Masterclass course looks very interesting, I do however have a question