[TRAINING] Kubernetes Deep Dive: Silicon Valley, Venue is to be confirmed soon!, Monday, 24. February 2020

At the end of the course, all participants receive a certificate of attendance. This certificate includes the training duration and contents, and proves the attendee’s knowledge of the emerging technology. Each student gets a free CKA/CKAD exam voucher after completing the training.

This four day course teaches students both fundamental and advanced Kubernetes topics in the first three days. Students will deploy Kubernetes cluster to GCP using kops, learn how to store configuration in ConfigMaps and internals of the cluster networking. They will be able to efficiently deploy and operate their applications on top of the cloud-native platform. The fourth day is deep dive into Kubernetes internals including kubelet, API server, scheduling algorithm and networking model. After completing the course students are able to design and implement Kubernetes clusters effectively.
Who should attend?

Architects, Operators and DevOps engineers who are planning to bootstrap and operate fault tolerant Kubernetes clusters in production;
Everyone who wants to be prepared to pass the Certified Kubernetes Administrator exam successfully.

Course objectives
The course is intended to onboard operators and DevOps engineers to the Kubernetes platform, providing the students with:

An understanding of how Kubernetes handles container-based distributed workloads.
Practical skills required to spin up a Kubernetes cluster.
The experience required to successfully operate and manage Kubernetes clusters.

Day 1
a) Introduction 

Useful links for the course
Overview of the training methodology

b) Containers 

Different ways of packaging software
Container benefits
Container implementation
Sample app architecture


Use Dockerfile to package a sample app into a container
Run the app in a container 
Expose ports
Mount Volumes
Connect from one container to another using DNS
 Deploy a container using host and bridge mode, examine the difference
Upload the image to the Container Registry

c) Kubernetes Architecture 

Kubernetes components
Managed Kubernetes platforms
Infrastructure providers
Deployment automation                 


Deploy Kubernetes to GCP

d) Pods 

Pod Lifecycle


Deploy the Sample App to Kubernetes
Deploy a pod using a custom image
Use exec to connect to deployed running container inside a pod

e) Services

Service types
Proxy modes
Service discovery (ENV, DNS)


Connect Sample App components together using service
Use DNS service discovery
Use LoadBalancer service to expose the app
Implement blue-green deployment pattern using services

f) Secrets and ConfigMaps

Use cases for Secrets and ConfigMaps
Different ways of mapping Secrets into containers


 Modify the sample app to use Secrets and ConfigMaps to externalize application credentials and configuration

g) Sidecars and Init Containers

Multi-container pod design
Use cases for using init containers


Deploy init container that runs application DB migrations
Deploy a simple sidecar container, examine how networking works between containers in a pod.

h) Affinity and Anti-affinity

When to use pod/node affinity/anti-affinity
Some details about Kubernetes scheduler and how it uses affinity settings


Configure node/pod affinity and anti-affinity to configure how Kubernetes schedules containers

i) Pod limits

Difference between requests and limits pod settings
Limit types
The default behavior when limits and requests are unset


Verify how high resource usage by a single pod can affect the whole node
Set limits to enforce resource limitation
Verify that limits are applied

Day 2
a) Deployments

Deployments and ReplicaSets
Deployment rolling updates behavior


Redeploy sample app using the deployment object
Scale the deployment
Update and rollout the deployment
View deployment history
Rollback the deployment
Configure deployment rollover parameters

b) Health Checks

Difference between liveness and readiness probes
Health Checks types (exec, TCP, HTTP)


Define a custom liveness probe
Define  a custom readiness probe
Test that the probes are working
Experiment with probe types

 c) Autoscaling

How pod autoscaling works
Horizontal vs vertical autoscaling


Define horizontal autoscaler to the sample app
Test the autoscaler

 d) Jobs

Jobs use cases
Difference between Jobs and CronJobs


Create a CronJob to automate sample app database backup

e) Volumes and Data

Persistency in kubernetes
PersistentVolumes and PersistentVolumeClaims
Storage Classes


Use a Persistent Volume to Store sample app data
Convert the volume to PersistentVolumeClaim
Create and test a STorage Class

f) Managing clustered stateful applications

StatefullSet (use cases and difference from Deployments)
Using Headless Services in combination with StatefullSets
Using ReadinesProbes in a combination with StatefullSets


Prepare MySQL Galera cluster docker image
Prepare headless service needed to perform service discovery during cluster bootstrap
Deploy Galera cluster as a StatefullSet
Attach PersistentVolumeClaim to each node in the StatefullSet

g) Ingress

Ingress vs LoadBalancer services
Types of Ingress (GCP LB, nginx, etc)
Configuring ingress
Ingress in on-prem installations


Serve app traffic from the Ingress instead of LoadBalancer service
Use static IP with Ingress
Specify app domain
Add SSL support

Day 3
 a) Helm

 Helm architecture
How to secure Helm


Use Helm to deploy a sample service
Write a sample Helm chart

 b) Logging

Logging architecture in Kubernetes
Logging patterns (sidecar, node agent, etc)
ELK architecture
ELK authentication and authorization


Use helm to deploy ELK
Reverse engineer ELK helm chart
Deploy custom ELK based on the manifests from the helm chart
Access cluster components logs
Access application logs
Use filters in kibana, setup custom dashboards

  c) Monitoring

Monitoring architecture
Metric sources (container metrics, API metrics, etc)
Prometheus architecture


Use helm to deploy Prometheus
Reverse engineer Prometheus deployment
Deploy custom Prometheus based on the manifests from the helm chart
Check default dashboards in grafana
Create a custom dashboard
Use Prometheus UI to run queries
Use AlertManager to setup custom alert

  d) CI/CD

Building CI/CD pipelines with Kubernetes
Deployment patterns (Canary, blue-green deployments)
Using Jenkins with Kubernetes


Deploy Jenkins
Create pipeline to build the sample app
Add deployment stage
Add test stage
Use canary deployments with Jenkins
Deploy in different environments (dev, test)
Rollback the deployment

Day 4
 a) Managing Kubernetes cluster

Kubernete installers (kubeadm, kops, kubespray)
Using managed Kubernetes
Cluster updates and upgrades
Isolating nodes with different characteristics (node pools)


Use gcloud cli to deploy and upgrade a managed kubernetes cluster
Use kops to deploy and upgrade a cluster
Use terraform to initialize infrastructure for kubespray
Use kubespray to deploy and upgrade a cluster
Verify that all clusters are working

b) Authentication in Kubernetes

User, groups and service accounts
Authentication strategies (Client Certs, Bearer tokens, Authenticating Proxy, etc)
OAuth2 and OpenID Connect


Examine ClientCert workflow: Create a user by signing generating a cert and signing it with cluster CA
Examine the Bearer Tokens workflow: use service account tokens
Reconfigure API server to use OpenID Connect

с) Namespaces and RBAC (Authorization in Kubernetes)

Role and ClusterRole
Binding roles


Create and configure namespaces
Create and assign Roles and ClusterRoles
Check that roles are enforced
Apply namespace resource limits

d) Istio

Istio use cases and features
Istio architecture


Install and configure Istio
Deploy the sample app with an istio sidecar
Use Istio monitoring and tracing
Setup Route Rules and Virtual Services
Use Request Routing
Use Fault Injection
Use Traffic Mirroring
Use Circuit Breaking
Controll ingress traffic [Using Istio Ingress]
Use Traffic Shifting
Use Rate-limiting with Memorystore and Redis

A laptop with:

An SSH terminal client (like ssh or Putty)
A tool to transfer files over SSH (like scp)
A web browser (Chrome/Firefox)
Internet connection (outgoing connections on TCP ports 22, 80, 8080 and 443)
Access to the Google Cloud Platform and Google Cloud Console

Payment info:

If you would like to get an invoice for your company to pay for this training, please email to training@altoros.com and provide us with the following info:

Name of your Company/Division which you would like to be invoiced;
Name of the person the invoice should be addressed to;
Mailing address;
Purchase order # to put on the invoice (if required by your company).

Read Kubernetes news and insights on our blog : 

Watch free recorded webinars on Cloud-Native-related topics (choose tag CLOUD FOUNDRY)

! Please note the training is contingent upon having 5 attendees. If we don't have enough tickets sold, we will cancel the training and refund your money one week prior to the training. Thanks for your understanding.

This training is provided by Altoros, Cloud Foundry Summit approved training provider. Altoros has delivered training to VMware, SAP, EMC, Hospira, Siemens, Fidelity, and many others.

Monday, 24. February 2020, Venue is to be confirmed soon!, [TRAINING] Kubernetes Deep Dive: Silicon Valley

Find more interesting events
Get event recommendations based on your Facebook taste. Get it now!Show me the suitable events for meNot now