In this operations-focused course, you’ll deep dive into all the features of the Docker Enterprise platform, and discover how it enables a secure software supply chain from development to production. We’ll discuss managing and enhancing your Kubernetes and Swarm applications through Universal Control Plane, how to harden image security by building pipelines in Docker Trusted Registry, and how to enhance the security of the Docker Enterprise platform via operational best practices.
Access Length: 365 Days
Managing Application Security
Releasing updates to Kubernetes workloads
Scheduling options for Kubernetes workloads
Managing Kubernetes cluster resources
Mapping ingress to an application
Enabling security in the Kubernetes Security Model
Provisioning networking within the Kubernetes cluster
Implementing multi-tenancy in a Kubernetes cluster
Who Can Benefit
Motivations: Perform core ‘day-1’ operational tasks on Kubernetes
Roles: Infrastructure and Integration engineers tasked with day-to-day application workload management; IT professionals looking to expand skills in Kubernetes administration
Familiarity with the bash shell
Filesystem navigation and manipulation
Command line text editors like vim or nano
Common tooling like curl, wget and ping
Familiarity with YAML and JSON notation
CN120 course or equivalent experience
Laptop with WiFi connectivity
Attendees should have the latest Chrome or Firefox installed, and a free account at strigo.io
Kubernetes High Availability
Review the basic architecture of a Kubernetes cluster
Install a well-validated HA Kubernetes cluster on a collection of hosts
Load balance kubectl commands across an HA Kubernetes cluster
Managing Application Deployment
Review how pods are scheduled on worker nodes
Examine the node selector
Discuss implementing the impact of taints and tolerations for Kubernetes workloads
Review both pod and node affinity and anti-affinity
Releasing Application Updates
Discuss releasing updates to applications running on the Kubernetes platform
Explore native tooling for updating application
Examine how Helm manages updating applications
Application High Availability
Review the architecture required to achieve high availability for applications
Discuss best practices for using liveness and readiness probes
Explore Kubernetes auto-scaling of applications
Discuss how to prioritizing Kubernetes workload
Routing Network Traffic
Discuss network routing options within Kubernetes
Discuss the benefits of the Ingress controller and object
Examine the Ingress object and controller pattern
Review available storage options for applications
Discuss constraints of persistent storage in a standard Kubernetes cluster deployment
Examine the storageClass object
Kube Security: Implementing RBAC
Discuss RBAC implementation within Kubernetes
Examine Kubernetes RBAC components
Review Auditing within Kubernetes
Determine how to enable Auditing within a Kubernetes cluster
Kubernetes Network Security
Review the the Kubernetes Networking Model
Discuss how Network Security is managed within the Kubernetes cluster
Examine managing network security with native and non-native Kubernetes tooling
Explain the native method of creating Network Policies
Securing an Application Workload
Identify security mechanisms available to security between containers, pods, and the Kubernetes cluster
Discuss strategies for enabling flexibility within security policy while maintaining security compliance
Examine how to enable Pod Security Policy
Multi-Tenancy in Kubernetes
Discuss multi-tenancy in a Kubernetes cluster
Examine native Kubernetes objects used for enabling multi-tenancy capability
Classes begin promptly at 9:00 am, and typically end at 5:00 pm.
Does the course schedule include a Lunchbreak?
Lunch is normally an hour long and begins at noon. Coffee, tea, hot chocolate and juice are available all day in the kitchen. Fruit, muffins and bagels are served each morning. There are numerous restaurants near each of our centers, and some popular ones are indicated on the Area Map in the Student Welcome Handbooks - these can be picked up in the lobby or requested from one of our ExitCertified staff.
How can someone reach me during class?
If someone should need to contact you while you are in class, please have them call the center telephone number and leave a message with the receptionist.
What languages are used to deliver training?
Most courses are conducted in English, unless otherwise specified. Some courses will have the word "FRENCH" marked in red beside the scheduled date(s) indicating the language of instruction.
What does GTR stand for?
GTR stands for Guaranteed to Run; if you see a course with this status, it means this event is confirmed to run. View our GTR page to see our full list of Guaranteed to Run courses.
Yes, we provide training for groups, individuals and private on sites. View our group training page for more information.
What does vendor-authorized training mean?
As a vendor-authorized training partner, we offer a curriculum that our partners have vetted. We use the same course materials and facilitate the same labs as our vendor-delivered training. These courses are considered the gold standard and, as such, are priced accordingly.
Is the training too basic, or will you go deep into technology?
It depends on your requirements, your role in your company, and your depth of knowledge. The good news about many of our learning paths, you can start from the fundamentals to highly specialized training.
How up-to-date are your courses and support materials?
We continuously work with our vendors to evaluate and refresh course material to reflect the latest training courses and best practices.
Are your instructors seasoned trainers who have deep knowledge of the training topic?
ExitCertified instructors have an average of 27 years of practical IT experience. They have also served as consultants for an average of 15 years. To stay up to date, instructors will at least spend 25 percent of their time learning new emerging technologies and courses.
Do you provide hands-on training and exercises in an actual lab environment?
Lab access is dependent on the vendor and the type of training you sign up for. However, many of our top vendors will provide lab access to students to test and practice. The course description will specify lab access.
Will you customize the training for our company’s specific needs and goals?
We will work with you to identify training needs and areas of growth. We offer a variety of training methods, such as private group training, on-site of your choice, and virtually. We provide courses and certifications that are aligned with your business goals.
How do I get started with certification?
Getting started on a certification pathway depends on your goals and the vendor you choose to get certified in. Many vendors offer entry-level IT certification to advanced IT certification that can boost your career. To get access to certification vouchers and discounts, please contact firstname.lastname@example.org.
Will I get access to content after I complete a course?
You will get access to the PDF of course books and guides, but access to the recording and slides will depend on the vendor and type of training you receive.
It is very good and very simple instructions. almost to much hand holding.
Easy to work with. Learning material pdfs were able to be printed out in color which was very nice to write on.
Overall ExitCertified is a great training provider and the remote learning is as effective as in person.
ExitCertified provided great learning material and the instructor was great.
it was good and very informative. Instructure covered everything in detail.