Running Containers on Amazon Elastic Kubernetes Service (Amazon EKS)
I. Overview:
Amazon EKS makes it easy for you to run Kubernetes on AWS without needing to install, operate, and maintain your own Kubernetes control plane. In this three-day course, you will learn container management and orchestration for Kubernetes using Amazon EKS. You will build an Amazon EKS cluster, configure the environment, deploy the cluster, and add applications to your cluster. You will also manage container images using Amazon Elastic Container Registry (ECR) and learn how to automate application deployment. In addition, you will deploy applications using CI/CD tools. You will review how to monitor and scale your environment by using metrics, logging, tracing, and horizontal/vertical scaling. You will also learn how to design and manage a large container environment for efficiency, cost, and resiliency. Lastly, you will configure AWS networking services to support the cluster and learn how to secure your Amazon EKS environment.
II. Duration: 03 days
III. Objectives:
In this course, you will learn to:
- Review and examine containers, Kubernetes, and Amazon EKS fundamentals—and the impact of containers on workflows
- Build an Amazon EKS cluster by selecting the correct compute resources to support worker nodes
- Secure your environment with AWS Identity and Access Management (IAM) authentication by creating an Amazon EKS service role for your cluster
- Deploy an application on the cluster, then publish container images to ECR and secure access via IAM policy
- Automate and deploy applications; examine automation tools and pipelines; and create a GitOps pipeline using WeaveFlux
- Collect monitoring data through metrics, logs, and tracing with AWS X-Ray and identify metrics for performance tuning
- Review scenarios where bottlenecks require the best scaling approach using horizontal or vertical scaling
- Assess the tradeoffs between efficiency, resiliency, and cost—along with the impact of tuning one instead of the other
- Describe and outline a holistic, iterative approach to optimizing your environment, designing for cost, efficiency, and resiliency
- Configure AWS networking services to support the cluster and describe how EKS/Amazon Virtual Private Cloud (VPC) functions simplify inter-node communications
- Describe the function of the VPC Container Network Interface (CNI) and review the benefits of a service mesh
- Upgrade your Kubernetes, Amazon EKS, and third-party tools
IV. Intended Audience:
This course is intended for anyone who will provide container orchestration management in the AWS Cloud, including DevOps engineers and systems administrators.
V. Course outlines:
Module 0
- Course Introduction
- Course preparation activities and agenda
Module 1
- Container Fundamentals
- Design principles for building applications
- What are containers? Components of a container Writing Dockerfiles
Module 2
- Kubernetes Fundamentals
- Challenges of managing many containers
- What is Kubernetes and why is it important?
- Components of the Kubernetes control plane
- Kubernetes worker nodes and pods Key
- Kubernetes objects
- Managing Kubernetes with kubectl
- Hands-On Lab 1: Deploying Kubernetes Pods
Module 3
- Amazon EKS Fundamentals
- How Amazon EKS manages the Kubernetes control plane
- Fundamentals of Amazon EKS security
- Use cases for extending Amazon EKS to the data plane
- Running worker nodes on managed node groups
- Running containers on AWS Fargate with Amazon EKS
- Amazon EKS tasks versus Kubernetes tasks
Module 4
- Building an Amazon EKS Cluster
- Visual review of the Amazon EKS architecture to be built in labs
- IAM authentication
- Amazon VPC and AWS networking fundamentals
- Different methods to create a cluster
- High-level steps in cluster creation
- Function of eksctl
- Preparing for labs: Review the lab activities for the course
- Hands-On Lab 02: Building an Amazon EKS cluster
Module 5
- Deploying Applications to Your Amazon EKS Cluster
- Publishing container images to Amazon ECR
- Deploying applications with Helm
- Continuous deployment in Amazon EKS GitOps and Amazon EKS
- Hands-On Lab 03: Deploying applications
Module 6
- Architecting on Amazon EKS Part 1: Observe and Optimise
- Configuring observability in an Amazon EKS cluster
- Collecting metrics
- Using metrics to automatically scale EC2 Auto Scaling groups
- Managing logs
- Application tracing in Amazon EKS
- Gaining and applying insight from observability
- Hands-On Lab 04: Monitoring Amazon EKS
Module 7
- Architecting on Amazon EKS Part 2: Balancing Efficiency, Resiliency, and Cost
- Optimising your Amazon EKS application architecture
- Relationship between cost, efficiency, and resilience
- Anatomy of an Amazon EKS cluster from a cost perspective
- Using tagging with pod placement for cost accountability
- Sizing containers and worker nodes efficiently
Module 8
- Managing Networking in Amazon EKS
- Review: VPC fundamentals
- The importance of major communication components
- Communication flow in a non-containerised architecture
- Challenges of network communication in Kubernetes
- Comparing the Docker communication solution with the Kubernetes model
- How Amazon EKS and Amazon VPC simplify inter- node communications
- Managing pod communication in Amazon EKS
- The relationship between communications and scalability
- Running worker nodes in a subnet not associated with the cluster
- Managing service name resolution
- Using a service mesh with Amazon EKS
- Configuring AWS App Mesh
- Hands-On Lab 05: Exploring Amazon EKS Communication
Module 9
- Securing Amazon EKS Clusters
- How IAM integrates with Kubernetes Role Based Access Control (RBAC)
- Managing cluster endpoint access control
- Auditing access with AWS CloudTrail logs
- Mitigating security risks during the build of a container image
- Securing network communications
- Managing secrets
- Hands-On Lab 06: Securing Amazon EKS
Module 10
- Managing Upgrades in Amazon EKS
- Contrasting Kubernetes version updates and Amazon EKS platform version updates
- Upgrading your Kubernetes version
- Upgrading your Amazon EKS version
- Maintaining your third- party applications
Học trực tuyến
Học tại Hồ Chí Minh
Học tại Hà Nội