Online
Classroom

Core Kubernetes Masterclass

Part of our "Kubernetes & MSA" courses

4 days


Course Overview

Kubernetes is a cutting edge technology that will transform the way your company operates. Book this outstanding course and you will not only benefit from high quality course materials. Your Kubernetes course will be delivered by an expert instructor who will go the extra mile to ensure you are entirely satisfied.

If you are looking to up your team’s professional game and give your department a serious boost, then this course a real game changer. Get in touch with us and we can make this course available to you as either a private course, or as a detailed online experience.

Course Prerequisites

Students are expected to have basic knowledge of a Container runtime such as Docker. At a bare minimum students should be familiar with Images, Containers, Volumes, Repositories. During the course we're using Docker. An understanding of basic docker CLI commands is helpful. We advice students to follow our DOCKER-CORE course.

Though not required, it is helpful to have an understanding of linux and basis of networking .

Outline

As with all our courses, this is foremost a course to prepare developers for their work with kubernetes. We value project-oriented values over personal ones such as certifications. Nonetheless this course is an excellent preparation for the CKAD exam. You just learn more than is needed for the exam (skills important within a work environment)

How does this course map to the CKAD requirements?

  • Application Design and Build: Fully covered during his course. Make sure you also have the skills as covered in our Core Docker course.
  • Application Deployment: Managing deployments (including canary) and helm are fully covered during this course.
  • Application Observability and Maintenance: This is a very important part of the course. In addition to explaining the required concepts, students value the hands-on approach of this course that provides a lot of opportunity to debug, troubleshoot and monitor application behaviour.
  • Application Environment, Configuration and Security: You will be deploying real-life applications that require plenty of configuration and secrets. We'll also explore security and how to access the kubernetes API server using service accounts and hence have to setup the security for that.
  • Services and Networking: You'll get plenty of exposure to using and troubleshooting service access, including external services through ingress rules. We introduce network policy (full details of these policies are further explored in our Kubernetes Admin course.)

We also offer a Kubernetes Admin course that is more geared towards Administrators, but is also very valuable to Developers.

Introduction

Kubernetes

  • Introduction to kubernetes
  • Understand the need for orchestration
  • History of kubernetes
  • Kubernetes as a microservices platform

Kubernetes Architecture

  • Understand Masters and Worker Nodes
  • Understand the role Container Runtime Interface
  • Discuss different runtimes (docker, containerd, cri-o)
  • Introduce the control plane components
  • Introduce master components APIServer, Controller-Manager, Scheduler and etcd
  • Introduce node components kubelet, kube-proxy and the container runtime
  • Discuss other components (kube-dns, dashboard)
  • Discuss monitoring (cAdvisor, Prometheus, Elasticsearch)

Minikube

  • Introduce minikube
  • Understand what is included and which additional components can be enabled
  • Installing and starting minikube
  • Using Docker and minikube

Introduction to kubectl

  • Interacting with your cluster using kubectl
  • Appreciate the declarative nature
  • Use adhoc imperative commands
  • Configuring clusters
  • Managing credentials
  • Setting up different contexts and switching between them
  • Basic kubectl commands
  • patching resources
  • use service-side apply (SSA)

Kubernetes Objects and Resources

Introduction to Objects

  • managing objects using kubectl
  • Understand different categories (workload, services, config etc)
  • Using yaml to define objects
  • introduction to the yaml syntax
  • Organising yaml files
  • Understand meta-data
  • Appreciate labels (define and use them in selectors)
  • Use annotations to add additional information
  • Understand and use namespaces
  • Manage objects inside namespaces

Workload and Service Objects Introduction

  • Understand and define Pods
  • Appreciate the power and ease of ReplicaSets
  • Understand how Deployments ease working with workload objects
  • Introduce Services
  • Understand the relation between Service, Deployment, ReplicaSet and Pods

Pods

  • Understand the Pods life-cycle
  • Defining container(s) inside a pod
  • Understand container isolation (and what shared such as IPC, UTS etc)
  • Defining pods using yaml
  • Understand how controllers may define pods (using templates)
  • Interacting with a pod (logging, exec commands )

Deployments

  • Introduce the Deployment API
  • Define ReplicaSets using replicas
  • Changing and replacing deployments
  • Scaling and auto-scaling deployments
  • Understand and change the securityContext
  • Triggering and Managing rolling updates
  • Managing rollouts (revert back, use and manage deployment history, etc)
  • Discuss and appreciate canary deployments
  • Using initContainers for initialisation
  • Discuss the side-car pattern

Services

  • Understand the problems solved by services
  • Appreciate label selectors
  • Creating Services using yaml
  • Understand the concepts of endpoints
  • Understand basic Service Networking
  • Using kube-dns to find service by name
  • Understand the difference between service types (ClusterIP, NodePort, LoadBalancer)
  • Accessing external services using ExternalName
  • Understand session affinity
  • Appreciate how services can be found by pods (e.g, environment variables, kube-dns)

Managing Pods and Containers

  • Understanding the container's environment variables
  • Managing the pods health
  • Manage container failure (restartPolicy)
  • Using probes to monitor container availability (e.g, startupProbe,livenessProbe, readinessProbe)
  • best practices for probes (configuration, when not to use, impact in rolling updates etc)
  • Setting up resource requirements and limits (CPU, RAM, storage)
  • Populating the environment using references (fieldRef and resourceFieldRef)
  • Setup Quotas
  • Discuss security context
  • Manage UID and GID of container processes
  • Discuss hardening pod and container security
  • use Pod Priority and pod disruption policies

Auto scaling

  • Introduce the different auto scaling solutions (horizontal, vertical, cluster)
  • introduce the Horizontal Pod Autoscaler (HPA)
  • Understand the different types of HPA (resouce/custom/external)
  • Discuss the HPA algorithm and various time related configurations (forbidden windows, sync periods, …)
  • Define Resource type HPAs
  • Define custom type HPAs (using prometheus)
  • Add scale up and down behavior

Ingress

  • Introduce Ingress
  • Discuss various scenarios
  • Using Ingress with StatefulSets
  • Configure paths
  • Using subdomains and virtual hosts
  • Setting up TLS and SSL Termination
  • Configure Ingress using annotations

Storage and Persistence(Volumes)

  • Introduce the concept and need for volumes
  • Using ephemeral volumes (hostPath, EmptyDir)
  • Introduce cloud volumes (gcePersistentDisk, awsElasticBlockStore, azureDisk)
  • List other standard volume types (secret, configMap, downwardAPI, projected, …)
  • Define and use PersistentVolumeClaim (PV) and PersistentVolumeClaims (PVC)
  • Understand the difference between static and dynamic provisioning
  • Statically provision PVs
  • Understand the implications of choosing retention policies
  • Appreciate the concept of StorageClass resources
  • Use dynamic provisioning of pvs
  • Choose file vs block volume types
  • Understand how to extend storage capabilities using CSI Drivers
  • Use local volume types for replication aware applications (e.g, Kafka)
  • fix file permissions using securityContext

Stateful Sets

  • Introduce StatefulSets (sts)
  • Discuss scaling stateful services (and use-cases)
  • understand the relation between sts and persistent volumes claims
  • Understand the role of headless (and "headful") services
  • Introduce and discuss operators to ease management of stateful services

More controllers

  • Work with DaemonSet
  • Understand Jobs and recurring ones using CronJob
  • Monitoring CronJobs using a job monitor

Configuration and Secrets

  • Introduce configMaps
  • Defining configMaps using yaml
  • Accessing ConfigMaps through the environment (using envFrom)
  • Mounting config data using configMap volumes
  • Reloading and dynamic config data
  • Understand the challenges for sensitive data
  • Introduce Secrets
  • Defining and using Secrets
  • Setting up TLS Termination on an Ingress
  • Setting up a private docker registry (Nexus)

Security

API Server Security

  • introduce kubernetes security architecture
  • Understand the different between human users and service accounts
  • List different authentication techniques (SSL certificates, tokens, etc)
  • Understand the use of JWT tokens
  • Using tokens inside the pods (mounted secrets)
  • Understand kubernetes authorisation mechanism (verbs/resources)
  • List different authorisation modules (Node, RBAC etc)
  • Restrict user access using rbac
  • Assigning users to standard ClusterRoles
  • Using CertificateSigningRequest to sign user certificates
  • Introduce Network Policies
  • Allowing and Denying traffic Ingress and *Egress

RBAC

  • Explain RBAC
  • Understand and define Role and ClusterRole
  • Defining access rules
  • Binding roles to service accounts (RoleBinding/ClusterRoleBinding)
  • Accessing the API Server from a pod

Kustomize

  • Introduction to Kustomize
  • Discuss the benefits of Kustomize
  • Understand bases and the directory structures
  • Understand Resources
  • Introduce low-level constructs (generators, transformers and validators)
  • List the convenience constructs
  • Force labels/annotations on resources
  • Managing names and namespaces
  • Defining ConfigMaps and Secrets
  • Create, merge or replace configMaps/Secrets
  • Using vars for basic reflection
  • Override Deployments image, replicas
  • Introduce Patches
  • Using strategic merge patches
  • Using JSON 6902 patches
  • Introduce and use Components

Tooling

Introduction

  • Overview of common stacks
  • Appreciate Operators

Helm

  • Introduction to Helm (helm 3)
  • Understanding charts
  • Installing and configuring releases
  • Rolling out new version

Monitoring Prometheus/Grafana/Loki

  • Using Prometheus (Operator)
  • Understand the Architecture of Prometheus
  • Understand the structure of a metric
  • Discuss instrumentation techniques (using java, go , python, …)
  • Understand the different metric types (counter, gauge, histogram, …)
  • Installing and configuring Prometheus/Grafana (basics)
  • Discuss federation and scalability
  • List the CustomResourceDefinitions
  • Adding Service Monitors
  • Preparing applications to expose metrics (e.g, Spring Boot)
  • Using exporters
  • Using Grafana dashboards
  • Importing existing dashboards
  • Discuss and add Loki

Public Events

Currently we have no public courses planned for Core Kubernetes Masterclass

Private Events

Do you have a team that needs a Core Kubernetes Masterclass course?

Contact Us

Send us a message

This Core Kubernetes Masterclass course looks very interesting, I do however have a question