118 Kubernetes courses

Do you want to build a CI/CD pipeline to deploy applications or microservices on AKS and EKS Kubernetes cluster using Helm and Jenkinsfile? Then you are in the right place.

Duration 5 Days 30 CPD hours This course is intended for Anyone who plans to work with Kubernetes at any level or tier of involvement Any company or individual who wants to advance their knowledge of the cloud environment Application Developers Operations Developers IT Directors/Managers Overview All topics required by the CKAD exam, including: Deploy applications to a Kubernetes cluster Pods, ReplicaSets, Deployments, DaemonSets Self-healing and observable applications Multi-container Pod Design Application configuration via Configmaps, Secrets Administrate cluster use for your team A systematic understanding of Kubernetes architecture Troubleshooting and debugging tools Kubernetes networking and services Kubernetes is a Cloud Orchestration Platform providing reliability, replication, and stability while maximizing resource utilization for applications and services. By the conclusion of this hands-on training, you will go back to work with all necessary commands and practical skills to empower your team to succeed, as well as gain knowledge of important concepts like Kubernetes architecture and container orchestration. We prioritize covering all objectives and concepts necessary for passing the Certified Kubernetes Application Developer (CKAD) exam. You will command and configure a high availability Kubernetes environment (and later, build your own!) capable of demonstrating all ?K8s'' features discussed and demonstrated in this course. Your week of intensive, hands-on training will conclude with a mock CKAD exam that matches the real thing. Kubernetes Architecture Components Understand API deprecations Containers Define, build and modify container images Pods Master Services Node Services K8s Services YAML Essentials Creating a K8s Cluster kubectl Commands Kubernetes Resources Kubernetes Namespace Kubernetes Contexts Pods What is a Pod? Create, List, Delete Pods How to Access Running Pods Kubernetes Resources Managing Cloud Resource Consumption Multi-Container Pod Design Security Contexts Init Containers Understand multi-container Pod design patterns (e.g. sidecar, init and others) Pod Wellness Tracking Networking Packet Forwarding ClusterIP and NodePort Services Provide and troubleshoot access to applications via services Ingress Controllers Use Ingress rules to expose applications NetworkPolicy resource Demonstrate basic understanding of NetworkPolicies Network Plugins Defining the Service Mesh Service mesh configuration examples ReplicaSets Services ReplicaSet Function Deploying ReplicaSets Deployments Deployment Object Updating/Rolling Back Deployments Understand Deployments and how to perform rolling updates Deployment Strategies Use Kubernetes primitives to implement common deployment strategies (e.g. blue/green or canary) Scaling ReplicaSets Autoscaling Labels and Annotations Labels Annotations Node Taints and Tolerations Jobs The K8s Job and CronJob Understand Jobs and CronJobs Immediate vs. scheduled internal use Application Configuration Understanding and defining resource requirements, limits and quotas Config Maps Create & consume Secrets Patching Custom Resource Definition Discover and use resources that extend Kubernetes (CRD) Managing ConfigMaps and Secrets as Volumes Storage Static and dynamic persistent volumes via StorageClass K8s volume configuration Utilize persistent and ephemeral volumes Adding persistent storage to containers via persistent volume claims Introduction to Helm Helm Introduction Charts Use the Helm package manager to deploy existing packages Application Security Understand authentication, authorization and admission control Understand ServiceAccounts Understand SecurityContexts Application Observability and Maintenance Use provided tools to monitor Kubernetes applications How to Troubleshoot Kubernetes Basic and Advanced Logging Techniques Utilize container logs Accessing containers with Port-Forward Debugging in Kubernetes Hands on Labs: Define, build and modify container images Deploy Kubernetes using Ansible Isolating Resources with Kubernetes Namespaces Cluster Access with Kubernetes Context Listing Resources with kubectl get Examining Resources with kubectl describe Create and Configure Basic Pods Debugging via kubectl port-forward Imperative vs. Declarative Resource Creation Performing Commands inside a Pod Understanding Labels and Selectors Insert an Annotation Create and Configure a ReplicaSet Writing a Deployment Manifest Perform rolling updates and rollbacks with Deployments Horizontal Scaling with kubectl scale Implement probes and health checks Understanding and defining resource requirements, limits and quotas Understand Jobs and CronJobs Best Practices for Container Customization Persistent Configuration with ConfigMaps Create and Consume Secrets Understand the Init container multi-container Pod design pattern Using PersistentVolumeClaims for Storage Dynamically Provision PersistentVolumes with NFS Deploy a NetworkPolicy Provide and troubleshoot access to applications via services Use Ingress rules to expose applications Understand the Sidecar multi-container Pod design pattern Setting up a single tier service mesh Tainted Nodes and Tolerations Use the Helm package manager to deploy existing packages A Completed Project Install Jenkins Using Helm and Run a Demo Job Custom Resource Definitions (CRDs) Patching Understanding Security Contexts for Cluster Access Control Utilize container logs Advanced Logging Techniques Troubleshooting Calicoctl Deploy a Kubernetes Cluster using Kubeadm Monitoring Applications in Kubernetes Resource-Based Autoscaling Create ServiceAccounts for use with the Kubernetes Dashboard Saving Your Progress With GitHub CKAD Practice Drill Alta Kubernetes Course Specific Updates Sourcing Secrets from HashiCorp Vault Example CKAD Test Questions

Duration 4 Days 24 CPD hours This course is intended for This four-day course is intended for Windows Server Hybrid Administrators who have experience working with Windows Server and want to extend the capabilities of their on-premises environments by combining on-premises and hybrid technologies. Windows Server Hybrid Administrators implement and manage on-premises and hybrid solutions such as identity, management, compute, networking, and storage in a Windows Server hybrid environment. This course teaches IT Professionals how to manage core Windows Server workloads and services using on-premises, hybrid, and cloud technologies. The course teaches IT Professionals how to implement and manage on-premises and hybrid solutions such as identity, management, compute, networking, and storage in a Windows Server hybrid environment. Prerequisites Experience with managing Windows Server operating system and Windows Server workloads in on-premises scenarios, including AD DS, DNS, DFS, Hyper-V, and File and Storage Services Experience with common Windows Server management tools (implied in the first prerequisite). Basic knowledge of core Microsoft compute, storage, networking, and virtualization technologies (implied in the first prerequisite). Experience and an understanding of core networking technologies such as IP addressing, name resolution, and Dynamic Host Configuration Protocol (DHCP) Experience working with and an understanding of Microsoft Hyper-V and basic server virtualization concepts Basic experience with implementing and managing IaaS services in Microsoft Azure Basic knowledge of Azure Active Directory Experience working hands-on with Windows client operating systems such as Windows 10 or Windows 11 Basic experience with Windows PowerShell 1 - Introduction to AD DS Define AD DS Define users, groups, and computers Define AD DS forests and domains Define OUs Manage objects and their properties in AD DS 2 - Manage AD DS domain controllers and FSMO roles Deploy AD DS domain controllers Maintain AD DS domain controllers Manage the AD DS Global Catalog role Manage AD DS operations masters Manage AD DS schema 3 - Implement Group Policy Objects Define GPOs Implement GPO scope and inheritance Define domain-based GPOs Create and configure a domain-based GPO Define GPO storage Define administrative templates 4 - Manage advanced features of AD DS Create trust relationships Implement ESAE forests Monitor and troubleshoot AD DS Create custom AD DS partitions 5 - Implement hybrid identity with Windows Server Select a Microsoft Entra integration model Plan for Microsoft Entra integration Prepare on-premises Active Directory for directory synchronization Install and configure directory synchronization with Microsoft Entra Connect Implement Seamless Single Sign-On Enable Microsoft Entra login in for Windows VM in Azure Describe Microsoft Entra Domain Services Implement and configure Microsoft Entra Domain Services Manage Windows Server 2019 in a Microsoft Entra Domain Services environment Create and configure a Microsoft Entra Domain Services instance Join a Windows Server VM to a managed domain 6 - Deploy and manage Azure IaaS Active Directory domain controllers in Azure Select an option to implement directory and identity services using Active Directory Domain Services in Azure Deploy and configure Active Directory Domain Services domain controllers in Azure VMs Install a replica Active Directory domain controller in an Azure VM Install a new Active Directory forest on an Azure VNet 7 - Perform Windows Server secure administration Define least privilege administration Implement delegated privileges Use privileged access workstations Use jump servers 8 - Describe Windows Server administration tools Explore Windows Admin Center Use Server Manager List Remote Server Administration Tools Use Windows PowerShell Use Windows PowerShell to remotely administer a server 9 - Perform post-installation configuration of Windows Server List the available post-installation configuration tools Configure Server Core using Sconfig Use DSC to configure Windows Server Perform post-installation configuration with Windows Admin Center Configure a server with answer files 10 - Just Enough Administration in Windows Server Explain the concept of Just Enough Administration (JEA) Define role capabilities for a JEA endpoint Create a session configuration file to register a JEA endpoint Describe how JEA endpoints work to limit access to a PowerShell session Create and connect to a JEA endpoint Demonstration: Connect to a JEA endpoint 11 - Administer and manage Windows Server IaaS Virtual Machine remotely Select the appropriate remote administration tool Manage Windows Virtual Machines with Azure Bastion Create an Azure Bastion host Configure just-in-time administration 12 - Manage hybrid workloads with Azure Arc Describe Azure Arc Onboard Windows Server instances Connect hybrid machines to Azure from the Azure portal Use Azure Arc to manage Windows Server instances Restrict access with RBAC 13 - Configure and manage Hyper-V Define Hyper-V Define Hyper-V Manager Configure Hyper-V hosts using best practices Configure Hyper-V networking Assess advanced Hyper-V networking features Define nested virtualization 14 - Configure and manage Hyper-V virtual machines List the virtual machine configuration versions List the virtual machine generation versions List available VHD formats and types Create and configure VMs Determine storage options for VMs Define shared VHDs and VHD Sets Implement guest clusters using shared VHDX 15 - Secure Hyper-V workloads Define guarded fabric Define the Host Guardian Service Explore TPM-trusted attestation Define KPS Determine key features of shielded VMs Compare encryption-supported and shielded VMs in a guarded fabric Implement a shielded VM 16 - Run containers on Windows Server Define containers List the differences between containers and VMs Define Windows Server and Hyper-V containers and isolation modes Explore Docker Prepare a Windows Server 2019 host for container deployment Security, Storage, and Networking with Windows containers 17 - Orchestrate containers on Windows Server using Kubernetes Define orchestration Define Kubernetes Deploy Kubernetes resources Create a Kubernetes cluster on Windows Define Azure Arc Connect an Azure Arc-enabled Kubernetes cluster to Azure Arc 18 - Plan and deploy Windows Server IaaS Virtual Machines Describe Azure compute Describe Virtual Machine storage Deploy Azure Virtual Machines Create a windows Virtual Machine using the portal Create a windows Virtual Machine using Azure CLI Deploy Azure Virtual Machines using templates Describe additional management optimization options 19 - Customize Windows Server IaaS Virtual Machine images Create a generalized image Create a new Virtual Machine from a managed image Create a managed image of a generalized virtual machine in Azure Create a Virtual Machine from a managed image Implement Azure Image Builder Create a windows Virtual Machine using Azure Image Builder template Create a Windows Virtual Machine with Azure Image Builder using PowerShell 20 - Automate the configuration of Windows Server IaaS Virtual Machines Describe Azure Automation Implement Azure Automation with DSC Remediate noncompliant servers Describe Custom Script Extensions Configure a Virtual Machine by using DSC 21 - Deploy and manage DHCP Use DHCP to simplify IP configuration Install and configure the DHCP role Configure DHCP options Configure DHCP scopes Select DHCP high availability options Implement DHCP Failover 22 - Implement Windows Server DNS Explore the DNS architecture Work with DNS zones and records Install and configure the DNS role Implement DNS forwarding 23 - Implement IP Address Management Define IP Address Management Deploy IP Address Management Administer IP Address Management Configure IP Address Management options Manage DNS zones with IP Address Management Manage DHCP servers with IP Address Management Use IP Address Management to manage IP addressing 24 - Implement remote access Examine the remote access options in Windows Server Select and set up VPNs Use NPS to create and enforce network access policies Plan and implement NPS Deploy a PKI for remote access Use WAP as a reverse web proxy 25 - Implement hybrid network infrastructure Describe Azure network topologies Implement Azure VPN options Create a route-based VPN gateway using the Azure portal Implement Azure ExpressRoute Configure Azure Virtual WAN Implement DNS in hybrid environments 26 - Implement DNS for Windows Server IaaS VMs Understand Azure DNS Implement Azure DNS Create an Azure DNS zone and record using the Azure portal Implement DNS with Azure IaaS virtual machines Implement split-horizon DNS in Azure Troubleshoot DNS 27 - Implement Windows Server IaaS VM IP addressing and routing Implement a virtual network Implement IaaS VM IP addressing Assign and manage IP addresses Configure a private IP address for a virtual machine using the Azure portal Create a virtual machine with a static public IP address using the Azure portal Implement IaaS virtual machine IP routing Implement IPv6 for Windows Server IaaS virtual machines 28 - Manage Windows Server file servers Define the Windows Server file system List the benefits and uses of File Server Resource Manager Define SMB and its security considerations Configure SMB protocol Define Volume Shadow Copy Service 29 - Implement Storage Spaces and Storage Spaces Direct Define the Storage Spaces architecture and its components List the functionalities, benefits, and use cases of Storage Spaces Implement Storage Spaces List the functionalities, components, benefits, and use cases of Storage Spaces Direct Implement Storage Spaces Direct 30 - Implement Windows Server Data Deduplication Define the architecture, components, and functionality of Data Deduplication Define the use cases and interoperability of Data Deduplication Implement Data Deduplication Manage and maintain Data Deduplication 31 - Implement Windows Server iSCSI List the functionalities, components, and use cases of iSCSI List the considerations for implementing iSCSI Implement iSCSI Configure high availability for iSCSI 32 - Implement Windows Server Storage Replica List the functionalities and components of Storage Replica Examine the prerequisites for implementing Storage Replica Implement Storage Replica by using Windows Admin Center Implement Storage Replica by using Windows PowerShell 33 - Implement a hybrid file server infrastructure Describe Azure File services Configure Azure Files Configure connectivity to Azure Files Describe Azure File Sync Implement Azure File Sync Deploy Azure File Sync Deploy Azure File Sync 2 Manage cloud tiering Migrate from DFSR to Azure File Sync

Duration 1 Days 6 CPD hours This course is intended for This course is intended for the following participants: Application developers, Cloud Solutions Architects, DevOps Engineers, IT managers. Individuals using Google Cloud Platform to create new solutions or to integrate existing systems, application environments, and infrastructure with the Google Cloud Platform. Overview At the end of the course, students will be able to: Understand container basics. Containerize an existing application. Understand Kubernetes concepts and principles. Deploy applications to Kubernetes using the CLI. Set up a continuous delivery pipeline using Jenkins Learn to containerize workloads in Docker containers, deploy them to Kubernetes clusters provided by Google Kubernetes Engine, and scale those workloads to handle increased traffic. Students will also learn how to continuously deploy new code in a Kubernetes cluster to provide application updates. Introduction to Containers and Docker Acquaint yourself with containers, Docker, and the Google Container Registry. Create a container. Package a container using Docker. Store a container image in Google Container Registry. Launch a Docker container. Kubernetes Basics Deploy an application with microservices in a Kubernetes cluster. Provision a complete Kubernetes cluster using Kubernetes Engine. Deploy and manage Docker containers using kubectl. Break an application into microservices using Kubernetes? Deployments and Services. Deploying to Kubernetes Create and manage Kubernetes deployments. Create a Kubernetes deployment. Trigger, pause, resume, and rollback updates. Understand and build canary deployments. Continuous Deployment with Jenkins Build a continuous delivery pipeline. Provision Jenkins in your Kubernetes cluster. Create a Jenkins pipeline. Implement a canary deployment using Jenkins. Additional course details: Nexus Humans Getting Started with Google Kubernetes Engine training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Getting Started with Google Kubernetes Engine course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for Professionals who need to maintain or set up a Kubernetes cluster Container Orchestration Engineers DevOps Professionals Overview Cluster architecture, installation, and configuration Rolling out and rolling back applications in production Scaling clusters and applications to best use How to create robust, self-healing deployments Networking configuration on cluster nodes, services, and CoreDNS Persistent and intelligent storage for applications Troubleshooting cluster, application, and user errors Vendor-agnostic cloud provider-based Kubernetes Kubernetes is a Cloud Orchestration Platform providing reliability, replication, and stability while maximizing resource utilization for applications and services. By the conclusion of this hands-on, vendor agnostic training you will go back to work with the knowledge, skills, and abilities to design, implement, and maintain a production-grade Kubernetes cluster. We prioritize covering all objectives and concepts necessary for passing the Certified Kubernetes Administrator (CKA) exam. You will be provided the components necessary to assemble your own high availability Kubernetes environment and configure, expand, and control it to meet the demands made of cluster administrators. Your week of intensive, hands-on training will conclude with a mock CKA exam that simulates the real exam. Cluster Architecture, Installation & Configuration Each student will be given an environment that allows them to build a Kubernetes cluster from scratch. After a detailed discussion on key architectural components and primitives, students will install and compare two production grade Kubernetes clusters. Review: Kubernetes Fundamentals After successfully instantiating their own Kubernetes Cluster, students will be guided through foundational concepts of deploying and managing applications in a production environment. Workloads & Scheduling After establishing a solid Kubernetes command line foundation, students will be led through discussion and hands-on labs which focus on effectively creating applications that are easy to configure, simple to manage, quick to scale, and able to heal themselves. Services & Networking Thoroughly understanding the underlying physical and network infrastructure of a Kubernetes cluster is an essential skill for a Certified Kubernetes Administrator. After an in-depth discussion of the Kubernetes Networking Model, students explore the networking of their cluster?s Control Plane, Workers, Pods, and Services. Storage Certified Kubernetes Administrators are often in charge of designing and implementing the storage architecture for their clusters. After discussing many common cluster storage solutions and how to best use each, students practice incorporating stateful storage into their applications. Troubleshooting A Certified Kubernetes Administrator is expected to be an effective troubleshooter for their cluster. The lecture covers a variety of ways to evaluate and optimize available log information for efficient troubleshooting, and the labs have students practice diagnosing and resolving several typical issues within their Kubernetes Cluster. Certified Kubernetes Administrator Practice Exam Just like the Cloud Native Computing Foundation CKA Exam, the students will be given two hours to complete hands-on tasks in their own Kubernetes environment. Unlike the certification exam, students taking the Alta3 CKA Practice Exam will have scoring and documented answers available immediately after the exam is complete, and will have built-in class time to re-examine topics that they wish to discuss in greater depth.

Duration 4 Days 24 CPD hours This course is intended for Anyone who is preparing to build and run Kubernetes clusters Overview By the end of the course, you should be able to meet the following objectives: Build, test, and publish Docker container images Become familiar with YAML files that define Kubernetes objects Understand Kubernetes core user-facing concepts, including pods, services, and deployments Use kubectl, the Kubernetes CLI, and become familiar with its commands and options Understand the architecture of Kubernetes (Control plane and its components, worker nodes, and kubelet) Learn how to troubleshoot issues with deployments on Kubernetes Apply resource requests, limits, and probes to deployments Manage dynamic application configuration using ConfigMaps and Secrets Deploy other workloads, including DaemonSets, Jobs, and CronJobs Learn about user-facing security using SecurityContext, RBAC, and NetworkPolicies This four-day course is the first step in learning about Containers and Kubernetes Fundamentals and Cluster Operations. Through a series of lectures and lab exercises, the fundamental concepts of containers and Kubernetes are presented and put to practice by containerizing and deploying a two-tier application into Kubernetes. Course Introduction Introductions and objectives Containers What and Why containers Building images Running containers Registry and image management Kubernetes Overview Kubernetes project Plugin interfaces Building Kubernetes Kubectl CLI Beyond Kubernetes Basics Kubernetes objects YAML Pods, replicas, and deployments Services Deployment management Rolling updates Controlling deployments Pod and container configurations Kubernetes Networking Networking within a pod Pod-to-Pod Networking Services to Pods ClusterIP, NodePort, and LoadBalancer Ingress controllers Service Discovery via DNS Stateful Applications in Kubernetes Stateless versus Stateful Volumes Persistent volumes claims StorageClasses StatefulSets Additional Kubernetes Considerations Dynamic configuration ConfigMaps Secrets Jobs, CronJobs Security Network policy Applying a NetworkPolicy SecurityContext runAsUser/Group Service accounts Role-based access control Logging and Monitoring Logging for various objects Sidecar logging Node logging Audit logging Monitoring architecture Monitoring solutions Octant VMware vRealize Operations Manager Cluster Operations Onboarding new applications Backups Upgrading Drain and cordon commands Impact of an upgrade to running applications Troubleshooting commands VMware Tanzu portfolio overview

Securing Kubernetes training course description This course introduces concepts, procedures, and best practices to harden Kubernetes based systems and container-based applications against security threats. It deals with the main areas of cloud-native security: Kubernetes cluster setup, Kubernetes cluster hardening, hardening the underlying operating system and networks, minimizing microservices vulnerabilities, obtaining supply chain security as well as monitoring, logging, and runtime security. What will you learn Harden Kubernetes systems and clusters. Harden containers. Configure and use Kubernetes audit logs. Securing Kubernetes training course details Who will benefit: Technical staff working with Kubernetes Prerequisites: Kubernetes_for_engineers_course.htm Definitive Docker for engineers Duration 2 days Securing Kubernetes training course contents This course does not only deal with the daily security administration of Kubernetes-based systems but also prepares delegates for the official Certified Kubernetes Security Specialist (CKS) exams of the Cloud Native Computing Foundation (CNCF). Structure: 50% theory 50% hands on lab exercise Module 1: User and authorization management Users and service accounts in Kubernetes Authenticating users Managing authorizations with RBAC Module 2: Supply chain security Vulnerabilit checking for images Image validation in Kubernetes Reducing image footprint Secure image registries Module 3: Validating cluster setup and penetration testing Use CIS benchmark to review the security configuration of Kubernetes components. Modify the cluster components' configuration to match the CIS Benchmark. Penetration testing Kubernetes for known vulnerabilities. Module 4: System hardening Use kernel hardening tools Setup appropriate OS level security domains Container runtime sandboxes Limit network access Module 5: Monitoring and logging Configure Kubernetes audit logs Configure Audit Policies Monitor applications behaviour with Falco

Kubernetes for engineers training course description This course covers how Kubernetes addresses the challenges of distributed systems. Hands on sessions follow all the major theory chapters. What will you learn Explain what Kubernetes is and how it works. Create and run containers on Kubernetes using the Docker image format and container runtime. Kubernetes for engineers training course details Who will benefit: Anyone working with Docker or Kubernetes. Prerequisites: Definitive Docker for engineers. Duration 2 days Kubernetes for engineers training course contents Introduction Velocity, Scaling your service and your teams, Abstracting your infrastructure. Creating and running containers Container images, Building application images with Docker, Storing images in a remote registry, The Docker container runtime. Deploying a Kubernetes cluster Installing Kubernetes on a public cloud provider, Installing Kubernetes locally using minikube, Running Kubernetes on Raspberry Pi, The Kubernetes client, Cluster components. Common kubectl Commands Namespaces, Contexts, Viewing Kubernetes API objects, Creating, Updating, and Destroying Kubernetes objects, Labelling and annotating objects, Debugging commands. Pods Pods in Kubernetes, Thinking with pods, The pod manifest, Running pods, Accessing your pod, Health checks, Resource management, Persisting data with volumes, Putting It all together. Labels and Annotations Labels, Annotations. Service Discovery What Is Service discovery? The service object, Looking beyond the cluster, Cloud integration, Advanced details. ReplicaSets Reconciliation loops, Relating pods and ReplicaSets, Designing with ReplicaSets, ReplicaSet Spec, Creating a ReplicaSet, Inspecting a ReplicaSet, Scaling ReplicaSets, Deleting ReplicaSets. DaemonSets DaemonSet scheduler, Creating DaemonSets, Limiting DaemonSets to specific nodes, Updating a DaemonSet, Deleting a DaemonSet. Jobs The job object, Job patterns. ConfigMaps and secrets ConfigMaps, Secrets, Naming constraints, Managing ConfigMaps and secrets. Deployments Your first deployment, Creating deployments, Managing deployments, Updating deployments, Deployment strategies, Deleting a deployment. Integrating storage solutions and Kubernetes Importing external services, Running reliable singletons, Kubernetes-native storage with StatefulSets. Deploying real-world applications Parse, Ghost, Redis.

Duration 5 Days 30 CPD hours This course is intended for Security Professionals working with Kubernetes Clusters Container Orchestration Engineers DevOps Professionals Overview In this course, students will learn and practice essential Kubernetes concepts and tasks in the following sections: Cloud Security Fundamentals Cluster Hardening System Hardening Minimize Microservice Vulnerabilities Supply Chain Security Disaster Recovery Secure Back-up and Restore This class prepares students for the Certified Kubernetes Security Specialist (CKS) exam. Kubernetes is a Cloud Orchestration Platform providing reliability, replication, and stabilitywhile maximizing resource utilization for applications and services. By the conclusion of this hands-on, vendor agnostic training you will be equipped with a thorough understanding ofcloud security fundamentals, along with the knowledge, skills and abilities to secure a Kubernetes cluster, detect threats, and properly resolve a security catastrophe. This courseincludes hands-on instruction which develops skills and knowledge for securing container-based applications and Kubernetes platforms, during build, deployment, and runtime. We prioritizecovering all objectives and concepts necessary for passing the Certified Kubernetes Security Specialist (CKS) exam. You will be provided the components necessary to assemble your ownhigh availability Kubernetes environment and harden it for your security needs. Learning Your Environment Underlying Infrastructure Using Vim Tmux Cloud Security Primer Basic Principles Threat Analysis Approach CIS Benchmarks Securing your Kubernetes Cluster Kubernetes Architecture Pods and the Control Plane Kubernetes Security Concepts Install Kubernetes using kubeadm Configure Network Plugin Requirements Kubeadm Basic Cluster Installing Kubeadm Join Node to Cluster Kubeadm Token Manage Kubeadm Tokens Kubeadm Cluster Upgrade Securing the kube-apiserver Configuring the kube-apiserver Enable Audit Logging Falco Deploy Falco to Monitor System Calls Enable Pod Security Policies Encrypt Data at Rest Encryption Configuration Benchmark Cluster with Kube-Bench Kube-Bench Securing ETCD ETCD Isolation ETCD Disaster Recovery ETCD Snapshot and Restore Purge Kubernetes Purge Kubeadm 3Purge Kubeadm Image Scanning Container Essentials Secure Containers Creating a Docker Image Scanning with Trivy Trivy Snyk Security Manually Installing Kubernetes Kubernetes the Alta3 Way Deploy Kubernetes the Alta3 Way Validate your Kubernetes Installation Sonobuoy K8s Validation Test Kubectl (Optional) Kubectl get and sorting kubectl get kubectl describe Labels (Optional) Labels Labels and Selectors Annotations Insert an Annotation Securing your Application Scan a Running Container Tracee Security Contexts for Pods Understanding Security Contexts AppArmor Profiles AppArmor Isolate Container Kernels gVisor Pod Security Pod Security Policies Deploy a PSP Pod Security Standards Enable PSS Open Policy Agent (OPA) Admission Controller Create a LimitRange Open Policy Agent Policy as Code Deploy Gatekeeper User Administration Contexts Contexts Authentication and Authorization Role Based Access Control Role Based Access Control RBAC Distributing Access Service Accounts Limit Pod Service Accounts Securing Secrets Secrets Create and Consume Secrets Hashicorp Vault Deploy Vault Securing the Network Networking Plugins NetworkPolicy Deploy a NetworkPolicy mTLS Linkerd mTLS with istio istio Threat Detection Active Threat Analysis Host Intrusion Detection Deploy OSSEC Network Intrusion Detection Deploy Suricata Physical Intrusion Detection Disaster Recovery Harsh Reality of Security Deploy a Response Plan Kasten K10 Backups Deploy K10

Duration 4 Days 24 CPD hours Overview By the end of the course, you should be able to meet the following objectives: Describe how Tanzu Kubernetes Grid fits in the VMware Tanzu portfolio Describe the Tanzu Kubernetes Grid architecture Deploy and manage Tanzu Kubernetes Grid management and supervisor clusters Deploy and manage Tanzu Kubernetes Grid workload clusters Deploy, configure, and manage Tanzu Kubernetes Grid packages Perform basic troubleshooting During this four-day course, you focus on installing VMware Tanzu© Kubernetes Grid? in a VMware vSphere© environment and provisioning and managing Tanzu Kubernetes Grid clusters. The course covers how to install Tanzu Kubernetes Grid packages for image registry, authentication, logging, ingress, multipod network interfaces, service discovery, and monitoring. The concepts learned in this course are transferable for users who must install Tanzu Kubernetes Grid on other supported clouds. Course Introduction Introductions and course logistics Course objectives Introducing VMware Tanzu Kubernetes Grid Identify the VMware Tanzu products responsible for Kubernetes life cycle management and describe the main differences between them Explain the core concepts of Tanzu Kubernetes Grid, including bootstrap, Tanzu Kubernetes Grid management, supervisor, and workload clusters List the components of a Tanzu Kubernetes Grid instance VMware Tanzu Kubernetes Grid CLI and API Illustrate how to use the Tanzu CLI Define the Carvel Tool set Define Cluster API Identify the infrastructure providers List the Cluster API controllers Identify the Cluster API custom resource definitions Authentication Explain how Kubernetes manages authentication with Management clusters Explain how Kubernetes manages authentication with supervisor clusters Define Pinniped Define Dex Describe the Pinniped authentication workflow Load Balancers Illustrate how load balancing works for the Kubernetes control plane Illustrate how load balancing works for application workload Explain how Tanzu Kubernetes Grid integrates with VMware NSX Advanced Load Balancer List load balancing options available on public clouds VMware Tanzu Kubernetes Grid on vSphere List the requirements for deploying a supervisor cluster List the steps to install a Tanzu Kubernetes Grid supervisor cluster Summarize the events of a supervisor cluster creation List the requirements for deploying a management cluster List the steps to install a Tanzu Kubernetes Grid management cluster Summarize the events of a management cluster creation Demonstrate how to use commands when working with management clusters VMware Tanzu Kubernetes Grid on Public Clouds List the requirements for deploying a management cluster on AWS and Microsoft Azure List the configuration options to install a Tanzu Kubernetes Grid a management cluster on AWS and Azure Tanzu Kubernetes Workload Clusters List the steps to build a custom image Describe the available customizations Identify the options for deploying Tanzu Kubernetes Grid clusters Explain the difference between the v1alpha3 and v1beta1 APIs Explain how Tanzu Kubernetes Grid clusters are created Discuss which VMs compose a Tanzu Kubernetes Grid cluster List the pods that run on a Tanzu Kubernetes Grid cluster Describe the Tanzu Kubernetes Grid core add-ons that are installed on a cluster Tanzu Kubernetes Grid Packages Define the Tanzu Kubernetes Grid packages Explain the difference between Auto-Managed and CLI-Managed packages Define packages repositories Configuring and Managing Tanzu Kubernetes Grid Operation and Analytics Packages Describe Cert-Manager Describe the Harbor Image Registry Describe Fluent Bit Identify the logs that Fluent Bit collects Explain basic Fluent Bit configuration Describe Prometheus and Grafana Configuring and Managing Tanzu Kubernetes Grid Networking Packages Describe the Contour ingress controller Demonstrate how to install Contour on a Tanzu Kubernetes Grid cluster Describe ExternalDNS Demonstrate how to install Service Discovery with ExternalDNS Describe Multus CNI Tanzu Kubernetes Grid Day 2 Operations List the load balancer configuration options in vSphere to load balance applications Demonstrate how to configure Ingress with the NodePortLocal Mode Explain how to install VMware Tanzu Application Platform Describe life cycle management in Tanzu Kubernetes Grid Explain how backup and restore are implemented in Tanzu Kubernetes Grid Describe Velero and Restic List the steps to back up a Workload cluster using Velero and Restic Troubleshooting Tanzu Kubernetes Grid Discuss the various Tanzu Kubernetes Grid logs Identify the location of Tanzu Kubernetes Grid logs Explain the purpose of crash diagnostics Demonstrate how to check the health of a Tanzu Kubernetes Grid cluster Explain packages cleanup procedures Explain management recovery procedures Additional course details:Notes Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC) Nexus Humans VMware Tanzu Kubernetes Grid: Install, Configure, Manage [V2.0] training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the VMware Tanzu Kubernetes Grid: Install, Configure, Manage [V2.0] course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.