Real-life Kubernetes

• Offer a thorough understanding of orchestrating and managing containerized applications and systems within a Kubernetes environment.
• Cover a broad spectrum of topics ranging from basic architectural components, deployment strategies, network and storage management, configuration management, resource control, security protocols, to advanced operational methodologies in Kubernetes.
• Deliver profound knowledge and practical expertise through a structured module-based learning path, equipping students with the requisite skills to tackle real-world challenges of container orchestration and microservices management.
• Serve IT professionals aspiring to bolster their competencies and knowledge in Kubernetes, preparing them for roles such as Kubernetes Administrators, DevOps Engineers, or Site Reliability Engineers.

• Developers,
• Software Architects,
• Technical Project Managers,
• System Administrators.

After completing the course, students will be able to:

• Understand and articulate the architecture of a Kubernetes cluster, including the roles of master and worker nodes, etcd, kubelet, and controllers.
• Deploy, manage, and scale containerized applications using Kubernetes, employing various deployment strategies and managing networking and storage resources effectively.
• Implement and manage Kubernetes services for traffic routing, load balancing, and service discovery, ensuring efficient communication between microservices within and across clusters.
• Configure and manage persistent storage solutions in Kubernetes to ensure data retention across pod restarts and system upgrades.
• Employ Kubernetes configuration management tools like ConfigMaps, Kustomize, and secrets management to ensure consistent application configurations across different environments.
• Implement resource control policies, auto-scaling, and scheduling algorithms to optimize resource utilization and ensure high availability and reliability of deployed applications.
• Enhance Kubernetes cluster security using RBAC, service accounts, pod security policies, and network policies, integrating with external security providers as needed.
• Apply advanced operational strategies including the use of Helm charts, Operator pattern, and Custom Resource Definitions to manage complex deployments and custom resources in a Kubernetes environment.
• Analyze and troubleshoot common issues within a Kubernetes environment using various debugging and diagnostic tools, ensuring smooth day-to-day operations and maintenance

Before attending this course, students must have:

• Basic understanding of computer networks, hardware, and software concepts.
• Familiarity with operating system principles, particularly around processes, memory, and file systems.
• Experience with using Linux-based operating systems is beneficial, as Kubernetes predominantly operates in such environments.
• Understanding of containerization concepts and Docker technology is advantageous.
• Basic knowledge of scripting or programming languages such as Bash, Python, or Go is recommended to follow along with the practical components of the course

Students will be able to use slides and code from the course.

Video recordings of the online sessions will be available for 1 month after the course.

Module 1: introduction

• Architecture overview: master node, worker nodes, etcd, kubelet, controllers
• Anatomy of a pod: the main container, init containers, sidecars, labels, probes
• Basic commands and debugging tricks
• Practice: deploy an application as a Pod with the primary process, implement initialization logic executed in init containers, add watchdog containers and probes

Module 2: deployments and services

• Anatomy of a deployment: types of deployments, replica set, replica count
• Introduction to Kubernetes networking
• Anatomy of a service: traffic routing, labels, port mapping
• Service types: node port, cluster IP, load balancer
• Anatomy of kubeproxy
• Introduction to service meshes
• Practice: configure application traffic routing, implement different service types, implement canary release procedure

Module 3: storage

• Persistent volumes: volume types, volume resizing, volume snapshots
• Working with complex deployments: stateful sets
• Job and Cron-jobs
• Practice: configure stateful deployment for an HA database (PostgreSQL or MariaDB); configure an HA caching layer (Redis) for your application; implement a scheduled backup procedure for an HA database

Module 4: configuration management

• Configuration management: config maps, reloadable configurations
• Deployment time configuration injection with Kustomize
• Secrets management and integration with service discovery service (Consul and Vault)
• Introduction into Kubernetes admission webhooks and cluster events
• Practice: implement two environments (applications + data storage) running in different namespaces with different settings, implement automatic configuration propagation at run time using different mechanisms

Module 5: resource control and scheduling

• Resource management: resource requests and limits
• Anatomy of a node pool
• Taints and tolerations, scheduling internals
• Dive into built-in resource monitoring and metrics
• Auto-scaling policies and range limiters
• Practice: adjust resource limits for existing deployments; implement auto-limit and auto-scaling policies

Module 6: security

• Cluster security with RBAC, service accounts, cluster roles, namespace security
• Integrating with external security providers
• Pod security and network policies
• Practice: implement cross-environment security policies with the help of service accounts and external LDAP integration; limit network traffic between pods

Module 7: advanced operations

• Day-1 vs. Day-2 operations
• Introduction to Helm charts
• Introduction to Operator pattern
• Custom resource definitions
• Practice: implement operator from a given template with Bash or Python