Courses and certifications Open Source

Cloud

Kubernetes Advanced

34.000 CZK

Price (without VAT)

Days2
27. 2.28. 2. 2025
virtual
CZ

Kubernetes has evolved over the years into a comprehensive solution for container orchestration with plenty of integration practices. However, it is still not a platform that is ready for direct user use and requires knowledge of the whole system.

The training focuses on the advanced management and operation of the Kubernetes cluster. We expect common knowledge of Kubernetes and focus on related topics such as integration with CI / CD, storage, resource allocation. Last but not least, cluster security is emphasized.

 

Audience

  • Application developers
  • Cloud Platform Engineer
  • IT systems designers

Goals

This traning is intended to be a Kubernetes deep dive and some prior Kubernetes experience is required. We are focusing on advanced topics like real workload management, LCM and cluster security. Most of the topics are demonstrated on live enviroment and every attendee will get and opportunity to test everyting on dedicated cluster.

It's planned that some topics will be skipped according to attendee preferences and others will be presented in detail.

Course autor

Tomáš Kukrál

TOMÁŠ KUKRÁL

Tomas develops the edge cloud platform based on Kubernetes at Volterra. In the past, he worked for Mirantis and was in charge of designing Kubernetes clusters and delivering them to their customers. In his free time he is involved in parachuting and cycling. In the beginning, Tomáš prepared the course and created practical labs. Currently, the course can be taught by various instructors.

 

Outline

Workload

  • Understanding Kubernetes
  • Deployment of multi-pod application
  • PID 1 in container
  • Probes - liveness, readiness
  • Resource limits, default limits, evictions
  • DNS in cluster - CoreDNS, DNS discovery
  • Config management and discovery
  • downwardAPI
  • Persistent volumes
  • Using hooks and initContainers
  • StatefulSets
  • Horizontal Pod Autoscaler
  • Batch and periodic jobs
  • Network and DNS settings
  • Namespaces and capabilities

Control plane

  • Kubernets daemons (etcd, apiserver, scheduler, cm, proxy, kubelet)
  • Etcd - RAFT, benchmarks, backup and recovery, monitoring
  • Kubernetes API - (metrics, health)
  • Advanced scheduling (selectors, affinities, taints), manual scheduling
  • Custom scheduler
  • Pod priority and preemption, QoS
  • Running containers - CRI interface, cri-o, Docker
  • Autoscale DNS service
  • Container registry
  • High-Availability
  • Conformance tests
  • Admission controllers

Nodes

  • Kubelet monitoring
  • Anatomy of failed node
  • Kubelet certificate management
  • Live reconfiguration
  • Node maintenance

Síťování

  • CNI - Kubernetes networking
  • LoadBalancer
  • Ingress

Storage

  • PersistentVolumes
  • Using hostPath volumes
  • CSI - Container Storage Interface
  • Managing volumes in public cloud

Operation

  • Prometheus monitoring for cluster and applications
  • Logging
  • Kubenetes metrics pipeline
  • Upgrading Kubernetes
  • Troubleshooting the cluster

Security

  • Security in Kubernetes - RBAC, Identities
  • Cluster hardening - Disable host networking, disable hostPid, drop capabilities
  • Audit and audit2rbac
  • Security context
  • Segmentating the cluster
  • Securing Kubelet

Other

  • Custom resources (CRD)
  • Kubectl plugins
  • Managed offerings (GKE, EKS, AKS)
  • Cloud provider plugins

 

Prerequisites

  • Fundamental course Kubernetes
  • Basic Kubernetes terminology and architecture (pod, service, deployment, ...)
  • Using terminal to run commands

Technical requirements (BYOD)

  • Any OS supported by `kubectl` binary
  • SSH client
  • Web browser

Inquire course

Courses
Submit
* Required field

Reviews

5. 11. 2024
4. 11. 2024
Jiří Tvrdoň
2. 5. 2023
Lecturer Tomáš Kukrál acts as (and certainly is) number one in the field. The training was very proactive with elements of both intentional and unintentional accidents where one really learns. I really recommend it.
Cookies help us provide our services. By using our services, you agree to their use.
More information