Course Outline
Introduction to Self-Managed Kubernetes
- Kubernetes architecture and core components
- Managed vs self-managed Kubernetes trade-offs
- Vendor lock-in concerns and sovereignty benefits
- Deployment options: kubeadm, kOps, and manual installation
Planning Your Infrastructure
- Hardware sizing for control plane and worker nodes
- High availability requirements and topologies
- OS selection and preparation (Ubuntu, RHEL, Rocky Linux)
- Network prerequisites and firewall configuration
Installing Container Runtimes
- Container runtime options: containerd vs CRI-O
- Installing and configuring containerd
- Installing and configuring CRI-O
- Runtime security considerations
Bootstrapping the Cluster with kubeadm
- Installing kubeadm, kubelet, and kubectl
- Initializing the first control plane node
- Configuring kubeconfig for cluster access
- Joining additional control plane nodes for HA
- Joining worker nodes to the cluster
Configuring High Availability
- Stacked vs external etcd topologies
- Setting up HAProxy or Keepalived for API server load balancing
- Certificate management and renewal
- Backup and recovery strategies for etcd
Container Networking
- CNI plugin selection: Calico, Cilium, Flannel, Weave
- Installing and configuring Calico
- Network policies for security
- Node-to-node communication and pod networking
- Exposing services without cloud load balancers
Service Load Balancing
- MetalLB for bare-metal load balancing
- Configuring Layer 2 and BGP modes
- Keepalived and HAProxy alternatives
- Ingress controller deployment (nginx, Traefik)
Storage Solutions
- Storage class and CSI driver concepts
- Local persistent volumes
- NFS provisioner setup
- Distributed storage options: Ceph RBD, OpenEBS
- Snapshot and cloning capabilities
Cluster Security
- Certificate authority and PKI management
- RBAC configuration and service accounts
- Pod security standards and admission controllers
- Securing the API server and etcd
- Image signing and verification
Self-Hosted Container Registry
- Harbor registry deployment
- Docker Registry setup
- Image replication and vulnerability scanning
- Registry authentication and integration
Monitoring and Observability
- Prometheus and Grafana stack deployment
- VictoriaMetrics as lightweight alternative
- Node and pod metrics collection
- Custom alerting rules and dashboards
- Log aggregation with Loki or Fluentd
Cluster Maintenance
- Kubernetes version upgrades using kubeadm
- Rolling updates for control plane components
- Certificate rotation procedures
- Node maintenance and cordoning
Backup and Disaster Recovery
- etcd backup and restore procedures
- Velero for cluster resource and PV backup
- Cross-site replication strategies
- Testing recovery procedures
Multi-Cluster Management
- Rancher or Portainer for cluster management
- Cluster federation concepts
- Workload distribution strategies
Requirements
- An understanding of containers and containerization
- Experience with Linux system administration
- Basic networking knowledge
- Familiarity with command line tools and SSH
Audience
- DevOps/SRE engineers
- System administrators
- Technical architects
- Infrastructure engineers seeking vendor independence
Custom Corporate Training
Training solutions designed exclusively for businesses.
- Customised Content: We adapt the syllabus and practical exercises to the real goals and needs of your project.
- Flexible Schedule: Dates and times adapted to your team's agenda.
- Format: Online (live), In-company (at your offices), or Hybrid.
Price per private group, online live training, starting from £4800 + VAT*
Contact us for an exact quote and to hear our latest promotions
Testimonials (3)
About the microservices and how to maintenance kubernetes
Yufri Isnaini Rochmat Maulana - Bank Indonesia
Course - Advanced Platform Engineering: Scaling with Microservices and Kubernetes
How trainer deliver knowledge so effectively
Vu Thoai Le - Reply Polska sp. z o. o.
Course - Certified Kubernetes Administrator (CKA) - exam preparation
The knowledge and the patience from the trainer to answer to our questions.
