Kubernetes Workshop

5 Sessions (4h each) training program on container orchestration with Kubernetes

Duration 5 days
Session Duration 4 hours/day
Level Intermediate
Modules 10

Objectives

This workshop introduces participants to deploy applications at scale with container orchestration
engine(COE) i.e. Kubernetes and management of COE platforms.

Pre Requisites

 Linux/Unix Systems Fundaments

 Familiarity with Command Line Interface (CLI)

 Fundamental knowledge of editors on linux (any one of vi/nano/emacs)

 Understanding of YAML syntax and familiarity with reading/writing basic YAML specifications

 Understanding of Docker Fundamentals

◦ What is a container and and the basic primitives such as namespaces, cgroups, CoW, overlayfs
etc.

◦ How to run and operate containers

◦ How to build a docker image by writing Dockerfiles

◦ Docker networking fundamentals

Systems Requisites
These are the prerequisites for each attendee.
Hardware Requirements:
 Laptop/Desktop with high speed internet connection
 8 GB RAM
 4 CPU Cores
 20 GB Disk Space Available

Software Requirements:
 Base Operating System : Windows / Mac OSX / Linux
 Docker (choose one option)
 Mac : Docker for Mac
 Windows 10 and above : Docker for Windows
 Windows version < 10: Docker Toolbox
 Linux: Docker installed with package manager
 Additional Softwares only on Windows
 ConEMU (Recommended)
 Git for Windows

Topics
Kubernetes
● Introduction to Kubernetes
● Install and configure Kubernetes Cluster
● Deploying containers in Kubernetes - working with Pods
● Building High Availability and Scalability with Replica Sets
● Service Discovery and Load Balancing
● Ingress Controllers and Ingress
● Deployments, Rollouts and Rollbacks
● Injecting Application Configurations with ConfigMaps and Secrets
● Persistent Storage
● Kubernetes Security with RBAC
● Monitoring, Metrics and HELM
Detailed Course Outline :

Session I / Day I

Kubernetes
 Introduction to Kubernetes
 Container Orchestration Kubernetes Overview
 History of Kubernetes and Google's Container Approach
 Kubernetes Features
 Kubernetes Architecture Overview
 Master
◦ API Server
◦ Scheduler
◦ Controller Managers
◦ etcd, dns and other addons
 Node
◦ kubelet
◦ kube poxy
 Kubectl

 Kubernetes Concepts
 Namespaces
 Pods
 Labels and Selectors
 Services and Ingress
 Deployments, Configmaps and Secrets
 Additional Controllers, Persistent Storage etc.

 Setting up Kubernetes Cluster with Kubeadm

 Kubernetes Installation
 Master and Node Setup
 Validating and Component Test
 CNI and seting up Dashboard
 Kubectl configurations
Session II / Day II

 Deploying containers in Kubernetes – Working with Pods

 Life of a Pod
 Pod Specs Primer
 Creating and Managing a Pod
 Pod with local persistent storage
 Multi Container Pods

 Building Availability and Scalability with Replica Sets

 Replication Controllers and Replicasets
 Replica Set Specs
◦ Replicas
◦ Pod Selectors
◦ Pod Template
 High Availability and Fault tolerance in action

Session III / Day III

 Service Discovery and Load Balancing

 Expositing Pods with Services
 Features of a service
◦ Discovery
◦ Load Balancing
 Types of Services
 ClusterIP
 NodePort
 ExternalIP
 LoadBalancer
 Services under the hood

 Ingress Controllers and Ingress

 Service(L4) vs Ingress (L7)
  Setting up Ingress with Traefik
 Ingress Controllers and Ingress Concpets
 Setting up Traefik as a Ingress Controller with DaemonSets
 Writing Ingress Rules
 Using annotations to pass configurations between Kubernetes Entities

Session IV / Day IV

 Deployments
 Codifying update/deployment strategies
 Deployment Specs
 Straegies
◦ Rolling Updates vs Recreate
◦ Defining Batch Size
 Rolling our a deployment
 Handling failures and Rollbacks

 Persistent Storage
 Persistent Storage Objects
◦ Storage Classes
◦ Persistent Volumes
◦ Persistent Volume Claims
◦ Storage Providers
 Setting up NFS based persistent storage
 Create NFS provisioner using Statefulset
 Create a storage class
 Dynamic provisioning with Persistent volume claims

Session V / Day V

 Kubernetes Security - Role Based Access Control (RBAC)

 Kubernetes Authentication and Authorization
 Authentication
 Authorization
  Adminission control
 Role Based Access Control
 Roles and ClusterRoles
 RoleBindings and ClusterRoleBindings
 ServiceAccounts

 Monitoring, Metrics and HELM

 Kubernetes Monitoring Architecture
 Defining Resource Requests and Limits
 Setting up Metric Server to provide monitoring metrics
 HELM Quick Dive
 What is Helm and how it works
 Installing helm3
 Overview of Helm Charts
 Using helm to setup Prometheus and Grafana

 Additional topics if time permits

 Injecting Application Configurations
 Advanced pod scheduling
 Autoscaling with HPA
 Network Policies
 Overview of Service Mesh/Istio

Reading List
Here is the list of curated resources which you could refer to to learn about docker before the training
and and get an in depth understanding post training.

Youtube Resources
 Kubernetes Introduction by Kelsey Hightower

 Life of a Packet
Video Courses
 Scalable Micro Services with Kubernetes by Carter Morgan, Kelsey Hightower, Gundega Dekena

Safaribooks Online
 Kubernetes Up and Running - Kelsey Hightower

Tutorials
 Application Example Tutorials
 Application Stack Examples
 Official Kubernetes Bootcamp
 Kubernetes in 10 mins
 Kubernetes the Hard Way
 Kubernetes Cluster for the Hobbyist