This course centers on developing the skills and knowledge needed for Day-1 Kubernetes operations for managing applications. Using best practices as guiding principles, students will engage in topics pertaining to the Kubernetes architecture to make informed decisions for production workloads. Topics include configuring resource availability for applications, implementing advanced scheduling for applications, and administering user roles and permissions for the Kubernetes cluster. Kubernetes Operations and System Integration teams will benefit greatly as they plan and deploy their Kubernetes production environments.
 

Kubernetes High Availability

• Review the basic architecture of a Kubernetes cluster
• Install a well-validated HA Kubernetes cluster on a collection of hosts
• Load balance kubectl commands across an HA Kubernetes cluster

Managing Application Deployment

• Review how pods are scheduled on worker nodes
• Examine the node selector
• Discuss implementing the impact of taints and tolerations for Kubernetes workloads
• Review both pod and node affinity and anti-affinity

Releasing Application Updates

• Discuss releasing updates to applications running on the Kubernetes platform
• Explore native tooling for updating application
• Examine how Helm manages updating applications

Application High Availability

• Review the architecture required to achieve high availability for applications
• Discuss best practices for using liveness and readiness probes
• Explore Kubernetes auto-scaling of applications
• Discuss how to prioritizing Kubernetes workloads

Routing Network Traffic

• Discuss network routing options within Kubernetes
• Discuss the benefits of the Ingress controller and object
• Examine the Ingress object and controller pattern

Provisioning Storage

• Review available storage options for applications
• Discuss constraints of persistent storage in a standard Kubernetes cluster deployment
• Examine the storageClass object

Kube Security: Implementing RBAC

• Discuss RBAC implementation within Kubernetes
• Examine Kubernetes RBAC components
• Review Auditing within Kubernetes
• Determine how to enable Auditing within a Kubernetes cluster

Kubernetes Network Security

• Review the the Kubernetes Networking Model
• Discuss how Network Security is managed within the Kubernetes cluster
• Examine managing network security with native and non-native Kubernetes tooling
• Explain the native method of creating Network Policies

Securing an Application Workload

• Identify security mechanisms available to security between containers, pods, and the Kubernetes cluster
• Discuss strategies for enabling flexibility within security policy while maintaining security compliance
• Examine how to enable Pod Security Policies

Multi-Tenancy in Kubernetes

• Discuss multi-tenancy in a Kubernetes cluster
• Examine native Kubernetes objects used for enabling multi-tenancy capability
• Discuss multi-tenancy methods for Kubernetes

Infrastructure and Integration engineers tasked with day-to-day application workload management; IT professionals looking to expand skills in Kubernetes administration
 

No certification available.

• CN120 (or equivalent) experience
• Familiarity with the Bash shell: filesystem navigation and manipulation, command line text editors like vim or nano, common tooling like curl, wget and ping
• Familiarity with JSON and YAML notation