Join Kubernetes Deep Dive Training in Silicon Valley to understand how everything fits together to run distributed applications in Kubernetes and learn how to start designing and operating application orchestration solutions.
Loading Events

« All Events

[TRAINING] Kubernetes Deep Dive: Silicon Valley

Join: December 10, 2019 09:00 AM UTC-7

  • 5
  • 6
  •  

December 10 @ 9:00 am - December 13 @ 6:00 pm

At the end of the course, all participants receive a certificate of attendance. This certificate includes the training duration and contents, and proves the attendee’s knowledge of the emerging technology. 

Why this training?

This four-day Kubernetes Deep Dive course teaches students both fundamental and advanced Kubernetes topics in the first three days. Students will deploy Kubernetes cluster to GCP using kops, learn how to store configuration in ConfigMaps and internals of the cluster networking. They will be able to efficiently deploy and operate their applications on top of the cloud-native platform. The fourth day is deep dive into Kubernetes internals including kubelet, API server, scheduling algorithm and networking model. After completing the course students are able to design and implement Kubernetes clusters effectively.

Who should attend?
  • Architects, Operators and DevOps engineers who are planning to bootstrap and operate fault tolerant Kubernetes clusters in production;
  • Everyone who wants to be prepared to pass the Certified Kubernetes Administrator exam successfully.
Training program

Day 1

ModuleTheoryPractice
Introduction
  • Introductions
  • Useful links for the course
  • Agenda
  • Schedule
  • Overview of the training methodology
Containers
  • Different ways of packaging software
  • Container benefits
  • Container implementation
  • Sample app architecture
  • Use Dockerfile to package a sample app into a container
  • Run the app in a container
  • Expose ports
  • Mount Volumes
  • Connect from one container to another using DNS
  • Deploy a container using host and bridge mode, examine the difference
  • Upload the image to the Container Registry
Kubernetes Architecture *
  • Kubernetes components
  • Managed Kubernetes platforms
  • Infrastructure providers
  • Deployment automation
  • Deploy Kubernetes to GCP
Pods
  •  Pods
  • Pod Lifecycle
  • Deploy the Sample App to Kubernetes
  • Deploy a pod using a custom image
  • Use exec to connect to deployed running container inside a pod
Services
  • Service types
  • Proxy modes
  • Service discovery (ENV, DNS)
  • Connect Sample App components together using service
  • Use DNS service discovery
  • Use LoadBalancer service to expose the app
  • Implement blue-green deployment pattern using services
Secrets and ConfigMaps
  • Use cases for Secrets and ConfigMaps
  • Different ways of mapping Secrets into containers
  • Modify the sample app to use Secrets and ConfigMaps to externalize application credentials and configuration
Sidecars and Init Containers
  • Multi-container pod design
  • Use cases for using init containers
  • Deploy init container that runs application DB migrations
  • Deploy a simple sidecar container, examine how networking works between containers in a pod.
Affinity and Anti-affinity
  • When to use pod/node affinity/anti-affinity
  • Some details about Kubernetes scheduler and how it uses affinity settings
  • Configure node/pod affinity and anti-affinity to configure how Kubernetes schedules containers
Pod limits
  •  Difference between requests and limits pod settings
  • Limit types
  • The default behavior when limits and requests are unset
  • Verify how high resource usage by a single pod can affect the whole node
  • Set limits to enforce resource limitation
  • Verify that limits are applied

Day 2

ModuleTheoryPractice
Deployments
  • Deployments and ReplicaSets
  • Deployment rolling updates behavior
  • Redeploy sample app using the deployment object
  • Scale the deployment
  • Update and rollout the deployment
  • View deployment history
  • Rollback the deployment
  • Configure deployment rollover parameters
Health Checks
  • Difference between liveness and readiness probes
  • Health Checks types (exec, TCP, HTTP)
  • Define a custom liveness probe
  • Define  a custom readiness probe
  • Test that the probes are working
  • Experiment with probe types
Autoscaling
  • How pod autoscaling works
  • Horizontal vs vertical autoscaling
  • Define horizontal autoscaler to the sample app
  • Test the autoscaler
Jobs
  • Jobs use cases
  • Difference between Jobs and CronJobs
  • Create a CronJob to automate sample app database backup
Volumes and Data
  • Persistency in kubernetes
  • PersistentVolumes and PersistentVolumeClaims
  • Storage Classes
  • Use a Persistent Volume to Store sample app data
  • Convert the volume to PersistentVolumeClaim
  • Create and test a STorage Class
Managing clustered stateful applications
  • StatefullSet (use cases and difference from Deployments)
  • Using Headless Services in combination with StatefullSets
  • Using ReadinesProbes in a combination with StatefullSets
  • Prepare MySQL Galera cluster docker image
  • Prepare headless service needed to perform service discovery during cluster bootstrap
  • Deploy Galera cluster as a StatefullSet
  • Attach PersistentVolumeClaim to each node in the StatefullSet
Ingress
  •  Ingress vs LoadBalancer services
  • Types of Ingress (GCP LB, nginx, etc)
  • Configuring ingress
  • Ingress in on-prem installations
  • Serve app traffic from the Ingress instead of LoadBalancer service
  • Use static IP with Ingress
  • Specify app domain
  • Add SSL support

Day 3

ModuleTheoryPractice
Helm
  • Helm architecture
  • How to secure Helm
  •  Use Helm to deploy a sample service
  • Write a sample Helm chart
Logging
  •  Logging architecture in Kubernetes
  •  Logging patterns (sidecar, node agent, etc)
  • ELK architecture
  • ELK authentication and authorization
  • Use helm to deploy ELK
  • Reverse engineer ELK helm chart
  • Deploy custom ELK based on the manifests from the helm chart
  • Access cluster components logs
  • Access application logs
  • Use filters in kibana, setup custom dashboards
Monitoring
  • Monitoring architecture
  • Metric sources (container metrics, API metrics, etc)
  • Prometheus architecture
  • Use helm to deploy Prometheus
  • Reverse engineer Prometheus deployment
  • Deploy custom Prometheus based on the manifests from the helm chart
  • Check default dashboards in grafana
  • Create a custom dashboard
  • Use Prometheus UI to run queries
  • Use AlertManager to setup custom alert
CI/CD
  • Building CI/CD pipelines with Kubernetes
  • Deployment patterns (Canary, blue-green deployments)
  • Using Jenkins with Kubernetes
  • Deploy Jenkins
  • Create pipeline to build the sample app
  • Add deployment stage
  • Add test stage
  • Use canary deployments with Jenkins
  • Deploy in different environments (dev, test)
  • Rollback the deployment

Day 4

ModuleTheoryPractice
Managing Kubernetes cluster
  • Kubernete installers (kubeadm, kops, kubespray)
  • Using managed Kubernetes
  • Cluster updates and upgrades
  • Isolating nodes with different characteristics (node pools)
  • Use gcloud cli to deploy and upgrade a managed kubernetes cluster
  • Use kops to deploy and upgrade a cluster
  • Use terraform to initialize infrastructure for kubespray
  • Use kubespray to deploy and upgrade a cluster
  • Verify that all clusters are working
Authentication in Kubernetes
  • User, groups and service accounts
  • Authentication strategies (Client Certs, Bearer tokens, Authenticating Proxy, etc)
  • OAuth2 and OpenID Connect
  • Examine ClientCert workflow: Create a user by signing generating a cert and signing it with cluster CA
  • Examine the Bearer Tokens workflow: use service account tokens
  • Reconfigure API server to use OpenID Connect
Namespaces and RBAC (Authorization in Kubernetes)
  • Role and ClusterRole
  • Binding roles
  • Create and configure namespaces
  • Create and assign Roles and ClusterRoles
  • Check that roles are enforced
  • Apply namespace resource limits
Istio
  • Istio use cases and features
  • Istio architecture
  • Install and configure Istio
  • Deploy the sample app with an istio sidecar
  • Use Istio monitoring and tracing
  • Setup Route Rules and Virtual Services
  • Use Request Routing
  • Use Fault Injection
  • Use Traffic Mirroring
  • Use Circuit Breaking
  • Controll ingress traffic [Using Istio Ingress]
  • Use Traffic Shifting
  • Use Rate-limiting with Memorystore and Redis

At the end of the training, attendees will understand how everything fits together to run distributed applications in Kubernetes and learn how to start designing and operating application orchestration solutions. After completing the course all students will get a free:

• CKA/CKAD exam voucher to prove your expertise in the technology;

• One-time online consultation with the trainer after the course. You can use it to ask questions if any left or discuss issues that might arise while implementing Kubernetes to real-life projects.

! Please note that training is contingent upon having 5 attendees. If we don’t have enough tickets sold, we will cancel the training and refund you money one week prior to the class. Thank you for understanding.
NEED A PRIVATE TRAINING FOR YOUR TEAM?

You can request private training for your team in your city and/or in your company, and we’ll do our best to make it happen. Fill in the form below and we’ll contact you once a training is scheduled in your desired location.
You can also adjust the training agenda to your specific needs. Visit our tailored private Kubernetes training page and create your own program.

Training request