Course Overview
Please note attendees work together in teams of 5 as a minimum and the pricing advertised is per team of 5.
Course Content
Technical Scenarios
- Application Containerization: move services to container technology and leverage the cloud using AKS
- Security: networking, RBAC and secret management to ensure correct permissions for each cluster
- Mixed-Workloads: running both Windows and Linux workloads in a single cluster
- Observability: the ability to understand and manage the health of your applications through tools like Azure Monitor
Who should attend
- Customers that are looking to modernize their applications by leveraging AKS
- Customers that are looking to improve their skill set and knowledge of running production workloads in AKS
- App Developers
- Software Engineers
- Cloud Solution Architects
Prerequisites
To be successful and get the most out of this OpenHack and to avoid any delays with downloading or installing tooling, you are encouraged to have the following ready to go and to review the links and resources listed (as needed for upskilling).
- Visual Studio or VSCode
- Docker for Windows or Docker for Mac
- Terminal environment: Powershell or Bash
- Azure CLI v2.0.70+ installed in terminal of choice
- Kubectl v1.15.x installed in terminal of choice
- Helm 2.14.2
- Git
- Review the following links and resources:
- Docker Networking
- Kubernetes Basics Tutorial
- Optional self-paced workshop on AKS for more hands on preparation prior to the OpenHack event
- Pull the SQL Server Docker image: docker pull mcr.microsoft.com/mssql/server:2017-latest
What tools will I need?
- You will need Docker, Command Prompt (powershell/bash/wsl), kubectl, and Helm. VSCode which the Kubernetes extension is also useful.
Course Objectives
The challenges in this OpenHack are inspired from real-world scenarios where customers are looking to modernize their application by moving to containers, so that they can meet the demands of their large, and scaling, workloads.
During the “hacking” attendees will focus on configuring an AKS cluster with production concerns in mind such as security (secret management and RBAC) and observability (logging and monitoring).
By the end of the OpenHack, attendees will have built out a technical solution that has cluster(s) ready for production – meeting top-quality security, observability and networking requirements.
Technologies:
Linux and Windows Containers, Azure Kubernetes Service, Azure Container Registry, Virtual Machine, Networking, Storage, Azure Monitor, Key Vault, Service Mesh
Outline: OpenHack – Containers (OHCTS)
Challenge 1: But First, Containers
- Use Docker to build and run containers locally
- Push images to Azure Container Registry
Challenge 2: Getting Ready for Orchestration
- Deploy microservices to a basic Azure Kubernetes Service cluster
- Get familiar with basic Kubernetes concepts
Challenge 3: To Orchestration and Beyond
- Use Azure Kubernetes Service to configure and create an RBAC enabled Kubernetes cluster in an existing VNET
- Use namespaces to logically separate microservices
- Implement Ingress for the application on the cluster
Challenge 4: Putting the Pieces Together
- Deploy containers from Challenge 1 to the Kubernetes cluster with proper RBAC configurations
- Manage and secure secrets with Azure Key Vault
Challenge 5: Wait, What’s Happening?
- Use Azure Monitor to monitor the health of the AKS cluster
- Create alerts to detect issues
Challenge 6: Locking it Down
- Improve cluster security using network policies and pod security policies
- Configure RBAC roles and permissions for the AKS cluster
Challenge 7: Mixed Emotions
- Add Windows nodes to AKS cluster and deploy a legacy Windows app
- Use Taints and Tolerations to implement best practices when running mixed workloads in a cluster
- Upgrade a deployment in the cluster
Challenge 8: Doing More with Service Mesh
- Use service mesh technology to expand on security and observability