This three-day instructor-led class introduces participants to deploying and managing containerized applications on Google Kubernetes Engine (GKE) and the other services provided by Google Cloud. Through a combination of presentations, demos, and hands-on labs, participants explore and deploy solution elements, including infrastructure components such as pods, containers, deployments, and services; as well as networks and application services. This course also covers deploying practical solutions including security and access management, resource management, and resource monitoring.
Skills Gained
This course teaches participants the following skills: Understand how software containers work Understand the architecture of Kubernetes Understand the architecture of Google Cloud Understand how pod networking works in Kubernetes Engine Create and manage Kubernetes Engine clusters using the GCP Console and gcloud/ kubectl commands Launch, roll back and expose jobs in Kubernetes Manage access control using Kubernetes RBAC and Google Cloud IAM Managing pod security policies and network policies Using Secrets and ConfigMaps to isolate security credentials and configuration artifacts Understand GCP choices for managed storage services Monitor applications running in Kubernetes Engine
Who Can Benefit
This class is intended for the following participants: Cloud architects, administrators, and SysOps/DevOps personnel Individuals using Google Cloud to create new solutions or to integrate existing systems, application environments, and infrastructure with the Google Cloud.
Prerequisites
To get the most out of this course, participants should have: Completed Google Cloud Fundamentals: Core Infrastructure or have equivalent experience Basic proficiency with command-line tools and Linux operating system environments
Course Outline
Module 1: Introduction to Google Cloud Platform
- Use the Google Cloud Platform Console
- Use Cloud Shell
- Define cloud computing
- Identify GCPs compute services
- Understand regions and zones
- Understand the cloud resource hierarchy
- Administer your GCP resources
Module 2: Containers and Kubernetes in GCP
- Create a container using Cloud Build
- Store a container in Container Registry
- Understand the relationship between Kubernetes and Google Kubernetes Engine (GKE)
- Understand how to choose among GCP compute platforms
Module 3: Kubernetes Architecture
- Understand the architecture of Kubernetes: pods, namespaces
- Understand the control-plane components of Kubernetes
- Create container images using Google Cloud Build
- Store container images in Google Container Registry
- Create a Kubernetes Engine cluster
Module 4: Kubernetes Operations
- Work with the kubectl command
- Inspect the cluster and Pods
- View a Pods console output
- Sign in to a Pod interactively
Module 5: Deployments, Jobs, and Scaling
- Create and use Deployments
- Create and run Jobs and CronJobs
- Scale clusters manually and automatically
- Configure Node and Pod affinity
- Get software into your cluster with Helm charts and Kubernetes Marketplace
Module 6: GKE Networking
- Create Services to expose applications that are running within Pods
- Use load balancers to expose Services to external clients
- Create Ingress resources for HTTP(S) load balancing
- Leverage container-native load balancing to improve Pod load balancing
- Define Kubernetes network policies to allow and block traffic to pods
Module 7: Persistent Data and Storage
- Use Secrets to isolate security credentials
- Use ConfigMaps to isolate configuration artifacts
- Push out and roll back updates to Secrets and ConfigMaps
- Configure Persistent Storage Volumes for Kubernetes Pods
- Use StatefulSets to ensure that claims on persistent storage volumes persist across restarts
Module 8: Access Control and Security in Kubernetes and Kubernetes Engine
- Understand Kubernetes authentication and authorization
- Define Kubernetes RBAC roles and role bindings for accessing resources in namespaces
- Define Kubernetes RBAC cluster roles and cluster role bindings for accessing cluster-scoped resources
- Define Kubernetes pod security policies
- Understand the structure of GCP IAM
- Define IAM roles and policies for Kubernetes Engine cluster administration
Module 9: Logging and Monitoring
- Use Stackdriver to monitor and manage availability and performance
- Locate and inspect Kubernetes logs
- Create probes for wellness checks on live applications
Module 10: Using GCP Managed Storage Services from Kubernetes Applications
- Understand pros and cons for using a managed storage service versus self-managed containerized storage
- Enable applications running in GKE to access GCP storage services
- Understand use cases for Cloud Storage, Cloud SQL, Cloud Spanner, Cloud Bigtable, Cloud Firestore, and Bigquery from within a Kubernetes application
