WA3007
Kubernetes for Developers Training
This Kubernetes training course teaches developers how to containerize, host, deploy, and configure an application in a multi-node cluster.
Course Details
Duration
3 days
Prerequisites
- WA2579 Technical Introduction to Microservices (or equivalent experience).
- Familiarity with a programming language and be comfortable with basic Linux command line and file editing.
Target Audience
Developers that need to understand all aspects of how to containerize, host, deploy, and configure an application in a multi-node cluster.
Skills Gained
- Learn how to containerize and deploy a new Python script
- Understand and configure the deployment with ConfigMaps, Secrets and SecurityContexts
- Understand multi-container pod design
- Learn to configure probes for pod health
- Learn to update and roll back an application
- Understand how to implement services and set NetworkPolicies
- Learn how to use PersistentVolumeClaims for state persistence
Course Outline
- Kubernetes Core Concepts
- Kubernetes Basics
- What is Kubernetes?
- Container Orchestration
- Kubernetes Architecture
- Kubernetes Concepts
- Cluster and Namespace
- Nodes
- Master
- Pod
- Using Pods to Group Containers
- Label
- Label Syntax
- Annotation
- Label Selector
- Replication Controller and Replica Set
- Service
- Storage Volume
- Secret
- Resource Quota
- Authentication and Authorization
- Routing
- Docker Registry
- Kubernetes Architecture
- Architecture Diagram
- Components
- Kubernetes Cluster
- Master Node
- Kube-Control-Manager
- Nodes
- Other Components
- Interacting with Kubernetes
- Build
- What is Docker
- Where Can I Run Docker?
- Docker and Containerization on Linux
- Linux Kernel Features: cgroups and namespaces
- The Docker-Linux Kernel Interfaces
- Containerizing an Application
- Building a Docker Images using Dockerfile
- Sample Dockerfile
- Environment Variables
- Arguments
- Multi-stage Builds
- Stop at a Specific Build Stage
- RUN
- EXPOSE
- EXPOSE (Contd.)
- COPY
- ADD
- CMD
- ENTRYPOINT
- CMD vs. ENTRYPOINT
- VOLUME
- Build the Image
- Build the Image (contd.)
- .dockerignore
- Dockerfile – Best Practices
- Published Ports
- Docker Documentation
- Docker Registry
- Hosting a Local Registry
- Deploying to Kubernetes
- Running Commands in a Container
- Multi-Container Pod
- Design
- Traditional Applications
- Virtual Machines
- Containerized Applications
- Decoupled Resources
- Transience
- Flexible Framework
- Application Resource Usage
- Measuring Resource Usage
- Docker Resource Usage Statistics
- Docker Container Resource Constraints
- Docker Run Command Resource Flags
- Using Label Selectors
- Equality Based Label Selector
- Set Based Label Selector
- Multi-Container Pods
- Sidecar Container
- Sidecar Container Uses
- Adapter Container
- Deployment Configuration
- Introduction to Volumes
- Container OS file system storage
- Docker Volumes
- Kubernetes Volumes
- Volume Specs
- K8S Volume Types
- Cloud Resource Types
- emptyDir
- Using an emptyDir Volume
- Other Volume Types
- Persistent Volumes
- Creating a Volume
- Persistent Volume Claim
- Persistent Volume
- Pod that uses Persistent Volume
- Dynamic Volume Provisioning
- Requesting Dynamic Storage
- Secrets
- Creating Secrets from Files
- Creating Secrets from Literals
- Using Secrets
- configMaps
- Creating configMaps from Literals
- Creating configMaps from files
- Using configMaps
- Security Context
- Security Context Usage
- Deployment Configuration Status
- Replicas
- Scaling
- Rolling Updates
- Security
- Security Overview
- API Server
- API & Security
- ~/.kube/config
- Kubernetes Access Control Layers
- Authentication
- Authorization
- ABAC Authorization
- ABAC - Policy Format
- RBAC Authorization
- Role and ClusterRole
- RoleBinding and ClusterRoleBinding
- Authorization Modes - Node
- Authorization Modes - ABAC
- Admission Controller
- Network Policies
- Network Policies - Pod Isolation
- Network Policies - Internet Access for Pods
- Network Policies - New Deployments
- Exposing Applications
- Kubernetes Services
- Service Resources
- Service Type
- ClusterIP
- NodePort
- NodePort from Service Spec
- LoadBalancer
- LoadBalancer from Service Spec
- ExternalName
- Accessing Applications
- Service Without a Selector
- Ingress
- Ingress Resource Example
- Ingress Controller
- Service Mesh
- Troubleshooting Kubernetes
- Troubleshooting Overview
- Objects in Kubernetes
- Relationships in Kubernetes
- Operations in Kubernetes
- Understanding the Issue
- Troubleshooting Tools
- Troubleshooting Commands
- Troubleshooting Pods
- Troubleshooting the Cluster
- Cluster Failure Modes
- Monitoring
- Monitoring Applications
- Accessing Logs
- Logging Tools
- Conformance Testing
- Lab Exercises
- Lab 1. Creating a Docker Account and Obtain an Access Token
- Lab 2. Configuring Minikube/Kubernetes to Use a Custom Docker Account
- Lab 3. Getting Started with Kubernetes
- Lab 4. Building a Docker Image with Dockerfile
- Lab 5. Deploying to Kubernetes
- Lab 6. Implementing the Sidecar Pattern
- Lab 7. Deploying Applications
- Lab 8. Implementing RBAC Security
- Lab 9. Accessing Applications
- Lab 10. Troubleshooting
Upcoming Course Dates