Change Location × Moreno Valley, CA

    Recent Locations

      [TRAINING] Kubernetes Deep Dive: Silicon Valley in Moreno Valley


      • [TRAINING] Kubernetes Deep Dive: Silicon Valley Photo #1
      • [TRAINING] Kubernetes Deep Dive: Silicon Valley Photo #2
      • [TRAINING] Kubernetes Deep Dive: Silicon Valley Photo #3
      • [TRAINING] Kubernetes Deep Dive: Silicon Valley Photo #4
      1 of 4
      December 10, 2019

      Tuesday   9:00 AM

      Performers:
      • No Performers Listed
      EVENT DETAILS
      [TRAINING] Kubernetes Deep Dive: Silicon Valley

      At the end of the course, all participants receive a certificate of attendance. This certificate includes the training duration and contents, and proves the attendee’s knowledge of the emerging technology. Each student gets a free CKA/CKAD exam voucher after completing the training. This four day course teaches students both fundamental and advanced Kubernetes topics in the first three days. Students will deploy Kubernetes cluster to GCP using kops, learn how to store configuration in ConfigMaps and internals of the cluster networking. They will be able to efficiently deploy and operate their applications on top of the cloud-native platform. The fourth day is deep dive into Kubernetes internals including kubelet, API server, scheduling algorithm and networking model. After completing the course students are able to design and implement Kubernetes clusters effectively. Who should attend? Architects, Operators and DevOps engineers who are planning to bootstrap and operate fault tolerant Kubernetes clusters in production; Everyone who wants to be prepared to pass the Certified Kubernetes Administrator exam successfully. Course objectives The course is intended to onboard operators and DevOps engineers to the Kubernetes platform, providing the students with: An understanding of how Kubernetes handles container-based distributed workloads. Practical skills required to spin up a Kubernetes cluster. The experience required to successfully operate and manage Kubernetes clusters. Program Day 1 a) Introduction  Theory: Introductions Useful links for the course Agenda Schedule Overview of the training methodology b) Containers  Theory: Different ways of packaging software Container benefits Container implementation Sample app architecture Practice: Use Dockerfile to package a sample app into a container Run the app in a container  Expose ports Mount Volumes Connect from one container to another using DNS  Deploy a container using host and bridge mode, examine the difference Upload the image to the Container Registry c) Kubernetes Architecture  Theory:    Kubernetes components Managed Kubernetes platforms Infrastructure providers Deployment automation                  Practice: Deploy Kubernetes to GCP d) Pods  Theory: Pods Pod Lifecycle Practice: Deploy the Sample App to Kubernetes Deploy a pod using a custom image Use exec to connect to deployed running container inside a pod e) Services Theory: Service types Proxy modes Service discovery (ENV, DNS) Practice: Connect Sample App components together using service Use DNS service discovery Use LoadBalancer service to expose the app Implement blue-green deployment pattern using services f) Secrets and ConfigMaps Theory: Use cases for Secrets and ConfigMaps Different ways of mapping Secrets into containers Practice:  Modify the sample app to use Secrets and ConfigMaps to externalize application credentials and configuration g) Sidecars and Init Containers Theory: Multi-container pod design Use cases for using init containers Practice: Deploy init container that runs application DB migrations Deploy a simple sidecar container, examine how networking works between containers in a pod. h) Affinity and Anti-affinity Theory: When to use pod/node affinity/anti-affinity Some details about Kubernetes scheduler and how it uses affinity settings Practice: Configure node/pod affinity and anti-affinity to configure how Kubernetes schedules containers i) Pod limits Theory: Difference between requests and limits pod settings Limit types The default behavior when limits and requests are unset Practice: Verify how high resource usage by a single pod can affect the whole node Set limits to enforce resource limitation Verify that limits are applied Day 2 a) Deployments Theory: Deployments and ReplicaSets Deployment rolling updates behavior  Practice: Redeploy sample app using the deployment object Scale the deployment Update and rollout the deployment View deployment history Rollback the deployment Configure deployment rollover parameters b) Health Checks Theory: Difference between liveness and readiness probes Health Checks types (exec, TCP, HTTP)  Practice: Define a custom liveness probe Define  a custom readiness probe Test that the probes are working Experiment with probe types  c) Autoscaling Theory: How pod autoscaling works Horizontal vs vertical autoscaling Practice: Define horizontal autoscaler to the sample app Test the autoscaler  d) Jobs Theory: Jobs use cases Difference between Jobs and CronJobs  Practice: Create a CronJob to automate sample app database backup e) Volumes and Data Theory: Persistency in kubernetes PersistentVolumes and PersistentVolumeClaims Storage Classes Practice: Use a Persistent Volume to Store sample app data Convert the volume to PersistentVolumeClaim Create and test a STorage Class f) Managing clustered stateful applications Theory: StatefullSet (use cases and difference from Deployments) Using Headless Services in combination with StatefullSets Using ReadinesProbes in a combination with StatefullSets Practice: Prepare MySQL Galera cluster docker image Prepare headless service needed to perform service discovery during cluster bootstrap Deploy Galera cluster as a StatefullSet Attach PersistentVolumeClaim to each node in the StatefullSet g) Ingress Theory: Ingress vs LoadBalancer services Types of Ingress (GCP LB, nginx, etc) Configuring ingress Ingress in on-prem installations Practice: Serve app traffic from the Ingress instead of LoadBalancer service Use static IP with Ingress Specify app domain Add SSL support Day 3  a) Helm Theory:  Helm architecture How to secure Helm Practice: Use Helm to deploy a sample service Write a sample Helm chart  b) Logging Theory: Logging architecture in Kubernetes Logging patterns (sidecar, node agent, etc) ELK architecture ELK authentication and authorization  Practice:  Use helm to deploy ELK Reverse engineer ELK helm chart Deploy custom ELK based on the manifests from the helm chart Access cluster components logs Access application logs Use filters in kibana, setup custom dashboards   c) Monitoring Theory: Monitoring architecture Metric sources (container metrics, API metrics, etc) Prometheus architecture  Practice: Use helm to deploy Prometheus Reverse engineer Prometheus deployment Deploy custom Prometheus based on the manifests from the helm chart Check default dashboards in grafana Create a custom dashboard Use Prometheus UI to run queries Use AlertManager to setup custom alert   d) CI/CD Theory: Building CI/CD pipelines with Kubernetes Deployment patterns (Canary, blue-green deployments) Using Jenkins with Kubernetes Practice: Deploy Jenkins Create pipeline to build the sample app Add deployment stage Add test stage Use canary deployments with Jenkins Deploy in different environments (dev, test) Rollback the deployment Day 4  a) Managing Kubernetes cluster Theory: Kubernete installers (kubeadm, kops, kubespray) Using managed Kubernetes Cluster updates and upgrades Isolating nodes with different characteristics (node pools) Practice:  Use gcloud cli to deploy and upgrade a managed kubernetes cluster Use kops to deploy and upgrade a cluster Use terraform to initialize infrastructure for kubespray Use kubespray to deploy and upgrade a cluster Verify that all clusters are working b) Authentication in Kubernetes Theory: User, groups and service accounts Authentication strategies (Client Certs, Bearer tokens, Authenticating Proxy, etc) OAuth2 and OpenID Connect Practice: Examine ClientCert workflow: Create a user by signing generating a cert and signing it with cluster CA Examine the Bearer Tokens workflow: use service account tokens Reconfigure API server to use OpenID Connect с) Namespaces and RBAC (Authorization in Kubernetes) Theory: Role and ClusterRole Binding roles Practice: Create and configure namespaces Create and assign Roles and ClusterRoles Check that roles are enforced Apply namespace resource limits d) Istio Theory: Istio use cases and features Istio architecture Practice: Install and configure Istio Deploy the sample app with an istio sidecar Use Istio monitoring and tracing Setup Route Rules and Virtual Services Use Request Routing Use Fault Injection Use Traffic Mirroring Use Circuit Breaking Controll ingress traffic [Using Istio Ingress] Use Traffic Shifting Use Rate-limiting with Memorystore and Redis Prerequisites A laptop with: An SSH terminal client (like ssh or Putty) A tool to transfer files over SSH (like scp) A web browser (Chrome/Firefox) Internet connection (outgoing connections on TCP ports 22, 80, 8080 and 443) Access to the Google Cloud Platform and Google Cloud Console Payment info: If you would like to get an invoice for your company to pay for this training, please email to training@altoros.com and provide us with the following info: Name of your Company/Division which you would like to be invoiced; Name of the person the invoice should be addressed to; Mailing address; Purchase order # to put on the invoice (if required by your company). Read Kubernetes news and insights on our blog : https://www.altoros.com/blog/tag/cloud-native/ Watch free recorded webinars on Cloud-Native-related topics (choose tag CLOUD FOUNDRY) ! Please note the training is contingent upon having 5 attendees. If we don't have enough tickets sold, we will cancel the training and refund your money one week prior to the training. Thanks for your understanding. This training is provided by Altoros, Cloud Foundry Summit approved training provider. Altoros has delivered training to VMware, SAP, EMC, Hospira, Siemens, Fidelity, and many others.

      Categories: Science

      Event details may change at any time, always check with the event organizer when planning to attend this event or purchase tickets.