Objectives
After completing this course, the learner will be able to:
■ Modify and explain ConfigMaps and Secrets
■ Explore resource limits, requests, and Quality of Service
■ Use Helm to instantiate 3-tier application
■ Apply security contexts and network policies
■ Explore Istio Service Mesh networking options
■ Explore ingress and ingress controller networking options
■ Describe application monitoring and logging
■ Explain application scaling and resource management
Outline
1. Application Configuration
1.1 Configuration with ConfigMaps
1.2 Configuration with Secrets
Exercise: ConfigMap use in Pod
Exercise: Secrets use in Pod
2. Resource Quotas and Limits
2.1 Resource limits
2.2 Resource requests
2.3 Quality of Service (QoS)
Exercise: Modify limits and requests to affect QoS
3. Application Deployment using Helm
3.1 K8S Elements (Deployment, Service)
Exercise: Deploy 3-Tier with Config1
Exercise: Deploy 3-Tier with Config2
4. Custom Resource Definitions and Operators
4.1 Custom Resources (CRs) and Definitions (CRDs)
4.2 Operators and Operator Lifecycle Manager
Exercise: Modify/Use an Operator to deploy/manage app
5. Security in Kubernetes
5.1 Certificate Usage
5.2 Security Contexts for applications
5.3 Network policies for application isolation
Exercise: Security Context Use
Exercise: Create and apply network policy
Exercise: Deploy and observe certificate use
6. Advanced Networking - Service Mesh
6.1 Istio architecture and Custom Resources
6.2 Traffic management and observability
Exercise: Configure application networking using Istio
7. Adv Networking - Ingress/Ingress Controllers
7.1 Kubernetes Ingress Controllers
7.2 Relation to Service Mesh Gateways
Exercise: External access using Ingress Controller
8. Monitoring and Logging
8.1 Log management with EFK
8.2 Metrics with Prometheus
Exercise: Use Prometheus to monitor application
Exercise: Use EFK to collect and analyze logs
9. Scaling and Resource Management
9.1 Horizontal and vertical pod autoscaling
Exercise: Configure and monitor autoscaling
