Course outline
Duration : 3 days |
This three-day instructor-led class introduces participants to deploying and managing containerized applications on Google Kubernetes Engine (GKE) and the other services provided by Google Cloud Platform. Through a combination of presentations, demos, and hands-on labs, participants explore and deploy solution elements, including infrastructure components such as pods, containers, deployments, and services; as well as networks and application services. This course also covers deploying practical solutions including security and access management, resource management, and resource monitoring. | |
Audience | This class is intended for the following participants: Cloud architects, administrators, and SysOps/DevOps personnel, Individuals using Google Cloud Platform to create new solutions or to integrate existing systems, application environments, and infrastructure with the Google Cloud Platform. |
Prerequisites | To get the most out of this course, participants should have: Completed Google Cloud Platform Fundamentals: Core Infrastructure or have equivalent experience Basic proficiency with command-line tools and Linux operating system environment. |
Objectives | This course teaches participants the following skills: • Understand how software containers work Understand the architecture of Kubernetes • Understand the architecture of Google Cloud Platform Understand how pod networking works in Kubernetes Engine • Create and manage Kubernetes Engine clusters using the GCP Console and gcloud/ kubectl commands Launch, roll back and expose jobs in Kubernetes Manage access control using Kubernetes RBAC and Google Cloud IAM • Managing pod security policies and network policies Using Secrets and ConfigMaps to isolate security credentials and configuration artifacts • Understand GCP choices for managed storage services • Monitor applications running in Kubernetes Engine |
Contents | Introduction to Google Cloud Platform • Use the Google Cloud Platform Console • Use Cloud Shell • Define cloud computing • Identify GCPs compute services • Understand regions and zones • Understand the cloud resource hierarchy • Administer your GCP resources |
Containers and Kubernetes in GCP • Create a container using Cloud Build • Store a container in Container Registry • Understand the relationship between Kubernetes and Google Kubernetes Engine (GKE) • Understand how to choose among GCP compute platforms | |
Kubernetes Architecture • Understand the architecture of Kubernetes: pods, namespaces • Understand the control-plane components of Kubernetes • Create container images using Google Cloud Build • Store container images in Google Container Registry • Create a Kubernetes Engine cluster | |
Kubernetes Operations • Work with the kubectl command • Inspect the cluster and Pods • View a Pods console output • Sign in to a Pod interactively | |
Deployments, Jobs, and Scaling • Create and use Deployments • Create and run Jobs and CronJobs • Scale clusters manually and automatically • Configure Node and Pod affinity • Get software into your cluster with Helm charts and Kubernetes Marketplace | |
GKE Networking • Create Services to expose applications that are running within Pods • Use load balancers to expose Services to external clients • Create Ingress resources for HTTP(S) load balancing • Leverage container-native load balancing to improve Pod load balancing • Define Kubernetes network policies to allow and block traffic to pods | |
Persistent Data and Storage • Use Secrets to isolate security credentials • Use ConfigMaps to isolate configuration artifacts • Push out and roll back updates to Secrets and ConfigMaps • Configure Persistent Storage Volumes for Kubernetes Pods • Use StatefulSets to ensure that claims on persistent storage volumes persist across restarts | |
Access Control and Security in Kubernetes and Kubernetes Engine • Understand Kubernetes authentication and authorization • Define Kubernetes RBAC roles and role bindings for accessing resources in namespaces • Define Kubernetes RBAC cluster roles and cluster role bindings for accessing cluster-scoped resources • Define Kubernetes pod security policies • Understand the structure of GCP IAM • Define IAM roles and policies for Kubernetes Engine cluster administration | |
Logging and Monitoring • Use Stackdriver to monitor and manage availability and performance • Locate and inspect Kubernetes logs • Create probes for wellness checks on live applications | |
Using GCP Managed Storage Services from Kubernetes Applications • Understand pros and cons for using a managed storage service versus self managed containerized storage • Enable applications running in GKE to access GCP storage services • Understand use cases for Cloud Storage, Cloud SQL, Cloud Spanner, Cloud Bigtable, Cloud Firestore, and Bigquery from within a Kubernetes application. |