Table des matières
Version : 2020.01
Last update: 2020/11/20 11:18
DOE300 - Kubernetes: Container Orchestration
Présentation
Objectives: Learn container orchestration with Kubernetes.
Who can benefit: Linux Technicians and Administrators.
Prerequisites: Taken the DOE100 - Docker: Implementation and DOE200 - Docker: Administration courses or possess equivalent skills.
Learning technique: Clear, theoretical course content divided into lessons and extensive LABS.
Student Progression: Student progression is monitored both in terms of effective course duration and in terms comprehension using self-assessment tests.
Duration: 2 days (14 hours).
Prerequisites
Hardware
- A computer running MacOS, Linux, Windows™ or Solaris™,
- AZERTY FR or QWERTY US keyboard,
- Minimum 4 GB of RAM,
- Minimum dual-core processor,
- Headphones/Earphones,
- A microphone (optional).
Software
- If Windows™ - Putty and WinSCP,
- Chrome or Firefox web browser.
Internet
- A fast Internet connection (4G minimum) and no proxy,
- Unhindered access to the following domains : https://my-short.link, https://itraining.center, https://ittraining.io, https://ittraining.institute, https://ittraining.support.
Curriculum
Day #1
- DOE300 - Kubernetes: container orchestration - 2 hours.
- Prerequisites
- Hardware
- Software
- Internet
- Using the Infrastructure
- Connecting to the Cloud Server
- Linux, MacOS and Windows 10 with a built-in ssh client
- Windows 7 and Windows 10 without a built-in ssh client
- Creating the Host-Only Network 192.168.56.0/24
- Changing the kubemaster virtual machine's RAM
- Starting the Virtual Machines
- Connecting to the Virtual Machines
- Checking the /etc/hosts files
- Course Curriculum
- DOE301 - Creating a Kubernetes cluster - 2 hours.
- What is container orchestration?
- What is Kubernetes (k8s)?
- Master
- Nodes (Minions)
- LAB #1 - Creating a Kubernetes cluster
- 1.1 - Testing the network
- 1.2 - Initialising the cluster Master
- 1.3 - Installing a network add-on for inter-POD communications
- 1.4 - Connecting the nodes to the Master
- DOE302 - PODs, Replication Controllers, ReplicaSets and Deployments - 3 hours.
- LAB #1 - Creating a POD
- 1.1 - What is a POD?
- 1.2 - Manually creating a POD
- 1.3 - Creating a POD using a YAML file
- apiVersion
- kind
- metadata
- spec
- Using the YAML file
- LAB #2 - Using Replication Controllers and ReplicaSets
- 2.1 - Replication Controllers
- What is a Replication Controller?
- Implementation
- 2.2 - ReplicaSets
- What is a ReplicaSet?
- Implementation
- LAB #3 - Using Deployments
- 3.1 - What is a Deployment?
- 3.2 - Implementation
- Rollouts
- Rolling Updates
- Rollbacks
Day #2
- DOE303 - Managing the network, services and a microservices architecture - 3 hours.
- LAB #1 - Managing the network and services
- 1.1 - Presentation
- 1.2 - NodePort
- 1.3 - ClusterIP
- LAB #2 - Managing a microservices architecture
- 2.1 - Presentation
- 2.2 - Creating Deployments
- 2.3 - Creating Services
- 2.4 - Deploying the application
- 2.5 - Testing the application
- 2.6 - Scaling Up
- DOE304 - Securing Kubernetes - 3 hours.
- LAB #1 - Role Based Acces Control and TLS certificates
- 1.1 - Presentation
- 1.2 - The /etc/kubernetes/manifests/kube-apiserver.yaml file
- 1.3 - Creating a serviceAccount
- 1.4 - Creating a user
- 1.5 - TLS certificates
- LAB #2 - Implementing POD security
- 2.1 - Presentation
- 2.2 - Kubernetes Security Context
- ReadOnlyRootFilesystem
- drop
- 2.3 - Kubernetes Pod Security Policy
- 2.4 - Kubernetes Network Policies
- 2.5 - Kubernetes Resource Allocation Management
- LAB #3 - Securing Kubernetes' components
- 3.1 - Kubelet API access
- 3.2 - Kubelet and Kubernetes API access
- 3.3 - Securing etcd
- DOE305 - Course completion - 1 hour.
- What's next?
- Training materials
- What you need
- Hardware
- Software
- Virtual Machine
- What we covered
- Day #1
- Day #2
- Resetting the course infrastructure
- Evaluate the training session
- Thanks
<html> <DIV ALIGN=“CENTER”> Copyright © 2020 Hugh Norris<BR><BR> Non-contractual document. The curriculum can be changed without notice. </div> </html>
