Certificate Authentication

[Day 01]

Containerization Fundamentals – Ecosystem and Architecture

Docker Overview -The Moby project & Docker products (Docker CE & Docker EE)

Docker Containers Usage

• Anatomy of containers (Architecture, Namespaces, cgroups, UnionFS, runc, Containerd)
• Running and Inspecting a container
• Starting, stopping, and removing containers
• Exec into a running container
• Attaching to a running container
• Retrieving container logs

Docker Images Usage

• The layered filesystem, the writable container layer
• Inspect Images
• Tagging an image
• Utilize a registry to store an image
• Layers
• Push/Pull Images to/from registry
• Delete Images

Using Dockerfile to create a Docker image

• Dockerfile Instructions (add, copy, volumes, expose, entrypoint, etc
• Writing complex Dockerfile
• Building an image
• Multistep builds
• Best Practices

Docker Storage and Volumes

• Modifying the container layer
• Creating, Mounting and Removing Volumes
• Sharing data between containers
• Using host volumes
• Defining volumes in images

Docker Networking

• Bridge network, Host network and null network
• Port Publishing
• The container network model
• Network firewalling
• Deploy a service on a Docker overlay network

Docker Compose

• Declarative versus Imperative
• Running a multi-service app
• Scaling a service
• Building and pushing an application

 

[Day 02]

Orchestrators Overview

Kubernetes Cluster

• Installing Kubernetes on a Public Cloud Provider (Google, Amazon, Azure)
• Installing Kubernetes locally Using minikube
• Overview of Kubernetes architecture
• The Kubernetes Client
• Cluster Components (Kubernetes Proxy, Kubernetes DNS, Kubernetes UI)
• Common kubectl Commands

Pods

• Creating a Pod & Pod Manifest
• Running Pods - Listing Pods, Pod Details, Deleting a Pod
• Accessing Pod - Port Forwarding, Logs, Exec, Copying Files
• Health Checks - Liveness Probe, Readiness Probe
• Resource Management – Requests, Limits
• Persisting Data with Volumes
• Different Ways of Using Volumes with Pods

Labels and Annotations

• Applying Labels, Modifying Labels, Label Selectors

Service Discovery

• Service Object & Service DNS
• Endpoints, Manual Service Discovery, kube-proxy and Cluster Ips, Cluster IP Environment Variables

Replicasets

• Designing with ReplicaSets - Reconciliation Loops
• Creating, Inspecting & Deleting a ReplicaSet
• Scaling ReplicaSets - Imperatively, Declaratively & Autoscaling

 

[Day 03]

DaemonSets

• Creating, Updating & Deleting a DaemonSets
• DaemonSet Scheduler, Limiting DaemonSets to Specific Nodes

Jobs (One Shot, Parallelism, Work Queues, Cron)

Creating & Using a ConfigMaps

Creating & Consuming Secrets

Deployments

• Creating, Managing and Deleting a Deployments
• Updating Deployments - Scaling, Updating a Container Image, Rollout History
• Deployment Strategies - Recreate, Rolling Update, Slowing Rollouts

StatefulSets

• Importing External Services
• Running a MySQL Singleton
• Dynamic Volume Provisioning
• Automating MongoDB Cluster Creation
• Persistent Volumes and StatefulSets

Using Kubernetes Namespaces to manage different environments

• Managing test, staging, and production environments within the same cluster
• Kubernetes Namespaces best practices

Resource Quota

• Compute Resource
• Storage Resource
• Object Count

Kubernetes Security

• Authentication – Normal Users, Service Accounts
• Authorization – ABAC, Webhook, RBAC, etc
• Admission Controller

Monitoring Kubernetes

• Cluster logging with Elasticsearch and fluentd
• Container level monitoring (cAdvisor UI, Influxdb, Prometheus)

Helm Introduction

• Helm package manager as a Continuous Integration (CI) / Continuous Deployment (CD) tool.