Course Overview
Learn how to deploy and manage containerized applications on Google Kubernetes Engine (GKE). Learn how to use other tools on Google Cloud that interact with GKE deployments. This course features a combination of lectures, demos, and hands-on labs to help you explore and deploy solution elements—including infrastructure components like pods, containers, deployments, and services—along with networks and application services. You'll also learn how to deploy practical solutions, including security and access management, resource management, and resource monitoring.
Who should attend
- Cloud architects, administrators, and SysOps/DevOps personnel.
- Individuals using Google Cloud to create new solutions or to integrate existing systems, application environments, and infrastructure with Google Cloud.
Prerequisites
Complete Getting Started with Google Kubernetes Engine (GCP-GSGKE) or have equivalent experience.
Course Objectives
- Create and manage workloads in Google Kubernetes Engine.
- Explain how pod networking works in Google Kubernetes Engine.
- Define and work with different Kubernetes storage abstractions.
- Describe and manage authentication, authorization, and security in Google Kubernetes Engine.
- Monitor applications running in Google Kubernetes Engine.
- Explore Google Cloud managed storage services options.
- Configure CI/CD pipelines for Google Kubernetes Engine.
Follow On Courses
Outline: Architecting with Google Kubernetes Engine (AGKE)
Module 1 - Workloads: Deployments and Jobs
- Creating deployments.
- Inspecting deployments.
- Updating deployments.
- Adopting other deployment strategies.
- Using Jobs and Cronjobs
- Cluster scaling.
- Controlling Pod placement with labels and affinity rules.
- Controlling Pod placement with taints and tolerations.
- Getting software into your cluster.
Module 2 - Google Kubernetes Engine Networking
- Pod networking
- Kubernetes Services
- Service type and load balancers
- Ingress
- Container-native load balancing
- Network policies
Module 3 - Persistent Data and Storage
- Volumes
- Ephemeral volumes
- Durable volumes
- Statefulsets
- Configmaps
- Secrets
Module 4 - Access Control and Security in Kubernetes and Google Kubernetes Engine
- Explore Kubernetes authentication and authorization.
- Define Kubernetes RBAC and how it works with IAM to secure GKE clusters.
- Configure Workload Identity to access Google Cloud services from within GKE.
- Secure GKE with Pod Security Standards and Pod Security Admission.
- Implement Role-Based Access Control with GKE.
Module 5 - Google Kubernetes Engine Logging and Monitoring
- Cloud Observability
- Cloud Logging
- Cloud Monitoring
- Inspecting logs with the kubectl command
- Inspecting logs with Cloud Logging and logging agents
Module 6 - Using Google Cloud Managed Storage Services with Google Kubernetes Engine
- Using Google Cloud services
- Using Cloud Storage
- Using Google Cloud databases
- Using Cloud SQL and SQL Auth Proxy.
- Comparing storage options.
Module 7 - Using CI/CD with Google Kubernetes Engine
- What is CI/CD?
- CI/CD pipeline construction
- CI/CD tools available in Google Cloud
- Best practices for using CI/CD on Google Cloud
Module 8 - Course Summary