Certified Kubernetes - Bespoke Certificate for Gareth Bright
1. Introduction to Cloud Native Applications
- Building Docker images
- Running the app in pure Docker environment
2. Starting the app in existing Kubernetes cluster
- Base configuration
- Pod design
- Deployments
- Services and load balancing (different types)
- Volumes (persistence of application state)
- Ingress and Ingress controllers
- Troubleshooting
3. Building a few node Kubernetes cluster from scratch
- Initializing kubeadm single-master cluster
- Creating a cluster in the cloud (managed solutions)
- Options for Highly Available Topology
- Choosing components and add-ons (network, volumes, ingress, monitoring, etc)
- Growing and upgrading the cluster
4. Making the application better
- Other controllers (daemon sets, stateful sets, jobs and cron jobs)
- Rolling upgrade, blue-green deployment, canary deployment
- Multi-container pods
- Init containers and hooks
- Liveness, readiness and startup probes
- CPU and memory constraints, resource limits for a namespace
- Using Helm for managing deployments
- Horizontal Pod Autoscaler
- Scheduling (selectors, affinity and anti-affinity rules)
- Volumes in details (ConfigMaps, PVC, PV, StorageClasses, Rook project)
5. Security
- Supply Chain Security
- Monitoring, Logging and Runtime Security
- Service accounts and Role Base Access Control
- Kubernetes network policy
- Security context
- Linux capabilities, AppArmor, seccomp
- Secrets and secrets encryption at rest
- Container runtime sandboxes (gVisor)
- Open Policy Agent (OPA) and GateKeeper
* any of the topics can be skipped on the group request to give more time to other more exciting areas.