09:30 – 17:30
(Total 24 training hours)
Cantonese, Supplemented with English terminology
Course Name: Architecting with Google Kubernetes Engine
Certificate: A minimum of 70% attendance rate is required for awarding of a completion certificate
Application Deadline: 7 days before the course
Remark: Please Bring your own laptop (BYOD) to classes.
What Will You Achieve
- Understand how software containers work.
- Understand the architecture of Kubernetes.
- Understand the architecture of Google Cloud.
- Understand how pod networking works in Google Kubernetes Engine.
- Create and manage Kubernetes Engine clusters using the Google Cloud Console and gcloud/kubectl commands.
- Launch, roll back, and expose jobs in Kubernetes.
- Manage access control using Kubernetes RBAC and IAM.
- Manage pod security policies and network policies.
- Use Secrets and ConfigMaps to isolate security credentials and configuration artifacts.
- Understand Google Cloud choices for managed storage services.
- Monitor applications running in Google Kubernetes Engine.
Who Is This Course For?
- Cloud architects, administrators, and SysOps/DevOps personnel
- Individuals using Google Cloud to create new solutions or to integrate existing systems, application environments, and infrastructure with Google Cloud.
- Use the Google Cloud Console
- Use Cloud Shell
- Define Cloud Computing
- Identify Google Cloud Compute Services
- Understand Regions and Zones
- Understand the Cloud Resource Hierarchy
- Administer your Google Cloud Resources
- Create a Container Using Cloud Build
- Store a Container in Container Registry
- Understand the Relationship Between Kubernetes and Google Kubernetes Engine (GKE)
- Understand how to Choose Among Google Cloud Compute Platforms
- Understand the Architecture of Kubernetes: Pods, Namespaces
- Understand the Control-plane Components of Kubernetes
- Create Container Images using Cloud Build
- Store Container Images in Container Registry
- Create a Kubernetes Engine Cluster
The Kubectl Command
- Ways to Create Deployments
- Services and Scaling
- Updating Deployments
- Rolling Updates
- Blue/Green Deployments
- Canary Deployments
- Managing Deployments
- Jobs and CronJobs
- Parallel Jobs
- Cluster Scaling
- Node Pools
- Controlling Pod Placement
- Affinity and Anti-Affinity
- Pod Placement Example
- Taints and Tolerations
- Getting Software into your Cluster
- Pod Networking
- Finding Services
- Service Types and Load Balancers
- How Load Balancers Work
- Ingress Resource
- Container-Native Load Balancing
- Network Security
- Volume Types
- The Persistent Volume Abstraction
- More on PersistentVolumes
- Understand Kubernetes Authentication and Authorization
- Define Kubernetes RBAC Roles and Role Bindings for Accessing Resources in Namespaces
- Define Kubernetes RBAC Cluster Roles and ClusterRole Bindings for
- Accessing Cluster-scoped Resources
- Define Kubernetes Pod Security Policies
- Understand the Structure of IAM
- Define IAM roles and Policies for Kubernetes Engine Cluster Administration
- Use Cloud Monitoring to monitor and manage availability and performance
- Locate and inspect Kubernetes logs
- Create probes for wellness checks on live applications
- Understand Pros and Cons for Using a Managed Storage Service Versus Self-managed Containerized Storage
- Enable Applications Running in GKE to Access Google Cloud Storage Services
- Understand Use Cases for Cloud Storage, Cloud SQL, Cloud Spanner, Cloud Bigtable, Cloud Firestore, and BigQuery from within a Kubernetes Application
- CI/CD overview
- CI/CD for Google Kubernetes Engine
- CI/CD Examples
- Manage application code in a source repository that can trigger code changes to a continuous delivery pipeline.