[TRAINING] Kubernetes Deep Dive: Silicon Valley, Venue is to be confirmed soon!, Monday, 24. February 2020

At the end of the course, all participants receive a certificate of attendance. This certificate includes the training duration and contents, and proves the attendee’s knowledge of the emerging technology. Each student gets a free CKA/CKAD exam voucher after completing the training.


This four day course teaches students both fundamental and advanced Kubernetes topics in the first three days. Students will deploy Kubernetes cluster to GCP using kops, learn how to store configuration in ConfigMaps and internals of the cluster networking. They will be able to efficiently deploy and operate their applications on top of the cloud-native platform. The fourth day is deep dive into Kubernetes internals including kubelet, API server, scheduling algorithm and networking model. After completing the course students are able to design and implement Kubernetes clusters effectively.
Who should attend?

Architects, Operators and DevOps engineers who are planning to bootstrap and operate fault tolerant Kubernetes clusters in production;
Everyone who wants to be prepared to pass the Certified Kubernetes Administrator exam successfully.


Course objectives
The course is intended to onboard operators and DevOps engineers to the Kubernetes platform, providing the students with:

An understanding of how Kubernetes handles container-based distributed workloads.
Practical skills required to spin up a Kubernetes cluster.
The experience required to successfully operate and manage Kubernetes clusters.


Program
Day 1
a) Introduction 
Theory:

Introductions
Useful links for the course
Agenda
Schedule
Overview of the training methodology

b) Containers 
Theory:

Different ways of packaging software
Container benefits
Container implementation
Sample app architecture

Practice:

Use Dockerfile to package a sample app into a container
Run the app in a container 
Expose ports
Mount Volumes
Connect from one container to another using DNS
 Deploy a container using host and bridge mode, examine the difference
Upload the image to the Container Registry

c) Kubernetes Architecture 
Theory:   

Kubernetes components
Managed Kubernetes platforms
Infrastructure providers
Deployment automation                 

Practice:

Deploy Kubernetes to GCP

d) Pods 
Theory:

Pods
Pod Lifecycle

Practice:

Deploy the Sample App to Kubernetes
Deploy a pod using a custom image
Use exec to connect to deployed running container inside a pod

e) Services
Theory:

Service types
Proxy modes
Service discovery (ENV, DNS)

Practice:

Connect Sample App components together using service
Use DNS service discovery
Use LoadBalancer service to expose the app
Implement blue-green deployment pattern using services

f) Secrets and ConfigMaps
Theory:

Use cases for Secrets and ConfigMaps
Different ways of mapping Secrets into containers

Practice:

 Modify the sample app to use Secrets and ConfigMaps to externalize application credentials and configuration

g) Sidecars and Init Containers
Theory:

Multi-container pod design
Use cases for using init containers

Practice:

Deploy init container that runs application DB migrations
Deploy a simple sidecar container, examine how networking works between containers in a pod.

h) Affinity and Anti-affinity
Theory:

When to use pod/node affinity/anti-affinity
Some details about Kubernetes scheduler and how it uses affinity settings

Practice:

Configure node/pod affinity and anti-affinity to configure how Kubernetes schedules containers

i) Pod limits
Theory:

Difference between requests and limits pod settings
Limit types
The default behavior when limits and requests are unset

Practice:

Verify how high resource usage by a single pod can affect the whole node
Set limits to enforce resource limitation
Verify that limits are applied



Day 2
a) Deployments
Theory:

Deployments and ReplicaSets
Deployment rolling updates behavior


 Practice:

Redeploy sample app using the deployment object
Scale the deployment
Update and rollout the deployment
View deployment history
Rollback the deployment
Configure deployment rollover parameters

b) Health Checks
Theory:

Difference between liveness and readiness probes
Health Checks types (exec, TCP, HTTP)


 Practice:

Define a custom liveness probe
Define  a custom readiness probe
Test that the probes are working
Experiment with probe types

 c) Autoscaling
Theory:

How pod autoscaling works
Horizontal vs vertical autoscaling

Practice:

Define horizontal autoscaler to the sample app
Test the autoscaler

 d) Jobs
Theory:

Jobs use cases
Difference between Jobs and CronJobs

 Practice:

Create a CronJob to automate sample app database backup

e) Volumes and Data
Theory:

Persistency in kubernetes
PersistentVolumes and PersistentVolumeClaims
Storage Classes

Practice:

Use a Persistent Volume to Store sample app data
Convert the volume to PersistentVolumeClaim
Create and test a STorage Class

f) Managing clustered stateful applications
Theory:

StatefullSet (use cases and difference from Deployments)
Using Headless Services in combination with StatefullSets
Using ReadinesProbes in a combination with StatefullSets

Practice:


Prepare MySQL Galera cluster docker image
Prepare headless service needed to perform service discovery during cluster bootstrap
Deploy Galera cluster as a StatefullSet
Attach PersistentVolumeClaim to each node in the StatefullSet


g) Ingress
Theory:

Ingress vs LoadBalancer services
Types of Ingress (GCP LB, nginx, etc)
Configuring ingress
Ingress in on-prem installations

Practice:

Serve app traffic from the Ingress instead of LoadBalancer service
Use static IP with Ingress
Specify app domain
Add SSL support



Day 3
 a) Helm
Theory:

 Helm architecture
How to secure Helm

Practice:

Use Helm to deploy a sample service
Write a sample Helm chart

 b) Logging
Theory:

Logging architecture in Kubernetes
Logging patterns (sidecar, node agent, etc)
ELK architecture
ELK authentication and authorization

 Practice: 

Use helm to deploy ELK
Reverse engineer ELK helm chart
Deploy custom ELK based on the manifests from the helm chart
Access cluster components logs
Access application logs
Use filters in kibana, setup custom dashboards

  c) Monitoring
Theory:

Monitoring architecture
Metric sources (container metrics, API metrics, etc)
Prometheus architecture

 Practice:

Use helm to deploy Prometheus
Reverse engineer Prometheus deployment
Deploy custom Prometheus based on the manifests from the helm chart
Check default dashboards in grafana
Create a custom dashboard
Use Prometheus UI to run queries
Use AlertManager to setup custom alert

  d) CI/CD
Theory:

Building CI/CD pipelines with Kubernetes
Deployment patterns (Canary, blue-green deployments)
Using Jenkins with Kubernetes

Practice:

Deploy Jenkins
Create pipeline to build the sample app
Add deployment stage
Add test stage
Use canary deployments with Jenkins
Deploy in different environments (dev, test)
Rollback the deployment



Day 4
 a) Managing Kubernetes cluster
Theory:

Kubernete installers (kubeadm, kops, kubespray)
Using managed Kubernetes
Cluster updates and upgrades
Isolating nodes with different characteristics (node pools)


Practice: 

Use gcloud cli to deploy and upgrade a managed kubernetes cluster
Use kops to deploy and upgrade a cluster
Use terraform to initialize infrastructure for kubespray
Use kubespray to deploy and upgrade a cluster
Verify that all clusters are working

b) Authentication in Kubernetes
Theory:

User, groups and service accounts
Authentication strategies (Client Certs, Bearer tokens, Authenticating Proxy, etc)
OAuth2 and OpenID Connect

Practice:

Examine ClientCert workflow: Create a user by signing generating a cert and signing it with cluster CA
Examine the Bearer Tokens workflow: use service account tokens
Reconfigure API server to use OpenID Connect

с) Namespaces and RBAC (Authorization in Kubernetes)
Theory:

Role and ClusterRole
Binding roles

Practice:

Create and configure namespaces
Create and assign Roles and ClusterRoles
Check that roles are enforced
Apply namespace resource limits

d) Istio
Theory:

Istio use cases and features
Istio architecture

Practice:

Install and configure Istio
Deploy the sample app with an istio sidecar
Use Istio monitoring and tracing
Setup Route Rules and Virtual Services
Use Request Routing
Use Fault Injection
Use Traffic Mirroring
Use Circuit Breaking
Controll ingress traffic [Using Istio Ingress]
Use Traffic Shifting
Use Rate-limiting with Memorystore and Redis


Prerequisites
A laptop with:

An SSH terminal client (like ssh or Putty)
A tool to transfer files over SSH (like scp)
A web browser (Chrome/Firefox)
Internet connection (outgoing connections on TCP ports 22, 80, 8080 and 443)
Access to the Google Cloud Platform and Google Cloud Console


Payment info:


If you would like to get an invoice for your company to pay for this training, please email to training@altoros.com and provide us with the following info:

Name of your Company/Division which you would like to be invoiced;
Name of the person the invoice should be addressed to;
Mailing address;
Purchase order # to put on the invoice (if required by your company).





Read Kubernetes news and insights on our blog : 


Watch free recorded webinars on Cloud-Native-related topics (choose tag CLOUD FOUNDRY)


! Please note the training is contingent upon having 5 attendees. If we don't have enough tickets sold, we will cancel the training and refund your money one week prior to the training. Thanks for your understanding.



This training is provided by Altoros, Cloud Foundry Summit approved training provider. Altoros has delivered training to VMware, SAP, EMC, Hospira, Siemens, Fidelity, and many others.

Monday, 24. February 2020, Venue is to be confirmed soon!, [TRAINING] Kubernetes Deep Dive: Silicon Valley

Find more interesting events
Get event recommendations based on your Facebook taste. Get it now!Show me the suitable events for meNot now