Course Taxonomy: Architecture

Advanced Kubernetes Boot Camp

Posted on October 17, 2020 by -

Part 1: Core Concepts

We’ll go deep into different terms of Kubernetes to understand what it takes to build and run scalable systems in production. There are design patterns that you can implement in Kubernetes to extend an existing application without having to change the source code, like a sidecar pattern.

  1. Kubernetes architecture
  2. Imperative commands and descriptive manifests
  3. Pods, deployments, services, namespaces, DaemonSets
  4. Exercise: Working with Pods
  5. Exercise: Working with ReplicaSet
  6. Exercise: Working with Deployments
  7. Exercise: Working with Services
  8. Multi-containers
  9. Init containers
  10. Exercise: Working with StatefulSet
  11. Working with multiple clusters (kubeconfig)
  12. Kubernetes design patterns

Part 2: Networking in Kubernetes

Understanding how networking works in Kubernetes is important because it will help you to configure networking patterns like service discovery for a microservices architecture. But another concept that is taking more relevance are service meshes. We’ll explore what a service mesh is, and we’ll practice using one of the most popular ones: Istio.

  1. Ingress networking
  2. Exercise: Working with Ingress
  3. Networking policies
  4. Exercise: Working with Networking Policies
  5. What’s a service mesh?
  6. Introduction to Istio
  7. Observability with Istio
  8. Networking security with Istio
  9. Canary releases with Istio
  10. Exercise: Working with Istio

Part 3: Creating Scalable and Fault-Tolerant Applications

Kubernetes has a lot of great features built in by implementing the controller pattern. But in many cases, our applications need to include small configurations to help Kubernetes make better decisions to support reliable applications. We’ll see what changes are needed in the applications, and then we’ll deploy and test a sample application.

  1. Working with configuration
  2. Exercise: Working with ConfigMaps
  3. Working with probes
  4. Exercise: Working with Probes
  5. Configuring requests and limits
  6. Taints and tolerations
  7. Exercise: Working with Taints and Tolerations
  8. Node selectors
  9. Configuring scaling policies
  10. Exercise: Configuring scaling policies

Part 4: Development Workflow in Kubernetes

Kubernetes doesn’t have to change the way developers build applications, but they might want to be involved or test in their local workstations when they’re done with their application changes. We’ll discuss some recommended practices and tools.

  1. Packaging and managing applications with Helm
  2. Exercise: Working with Helm
  3. Continuous delivery in Kubernetes
  4. Exercise: Continuous Delivery with Flux
  5. Logging and monitoring systems
  6. Troubleshooting application failures
  7. Exercise: Troubleshooting Applications
  8. Development Toolbox: State of the art

Part 5: Developing Stateful Services

Stateless services are great for certain use cases, but there are scenarios where an application needs to be able to store data permanently, or at least work with data that is not ephemeral. Databases are one example.

  1. Understanding persistent volumes
  2. Exercise: Working with PV and PVC
  3. Backup and restore in Kubernetes
  4. Exercise: Backup and restore with Velero
  5. Databases in Kubernetes

Part 6: Security Practices and Recommendations

Kubernetes is not secure by default, and there are many considerations that you need to be aware of if before exposing your applications to the public internet. Companies usually have existing security policies, so we’ll cover how these security practices apply in a Kubernetes ecosystem.

  1. Authentication and Authorization
  2. Integration with AWS and IAM
  3. Docker image and pods security
  4. Pod Security Context and Policies
  5. Secrets encryption using KMS
  6. Exercise: Security in Kubernetes

Part 7: Extending the Kubernetes API

There are times where we need to extend the Kubernetes API to operate systems more easily. Not everyone will need to build something to extend the Kubernetes API, but it’s very valuable to understand the what, when, and how of custom resource definitions and the operator pattern.

  1. Custom Resource Definition (CRD)
  2. Custom Controllers
  3. Operator Pattern
  4. Operator Framework
  5. Exercise: Creating an Operator

Part 8: What’s Next for Kubernetes?

We’ll discuss other topics related to Kubernetes that might not fit everyone’s use cases, but that as a Kubernetes user you might want to be aware of. For instance, we’ll talk a little bit about having federated clusters, hybrid workloads, and several important tools from the CNCF.

Microservices Engineering Boot Camp

Posted on October 17, 2020 by -

Part 1: Intro to Microservices

  1. Optimize for speed, not efficiency
  2. Case Study: General Electric
    1. Throughput
    2. Waste
  3. Amazon Web Services Case Study (SOA/Microservices)
    1. Problem: Scaling the Organization and the ‘Big ball of mud’
    2. Conway’s Law
    3. Service Oriented Architecture
    4. Forced Self Service Mandate
    5. Result: Amazon dominance of cloud
    6. Result: High velocity at scale
  4. Intro to Containers (encapsulation)
    1. What is Docker
    2. Exercise: Install Docker
    3. Exercise: Docker Hello World
    4. Docker ecosystem
    5. Docker concepts
    6. Container encapsulation/ideal use cases
      1. Encapsulation
      2. Speed
      3. Increased utilization of computing resources
    7. Benefits
      1. Configure once, run everywhere
    8. VM’s vs Container use cases
      1. Databases & stateless workloads
    9. Docker Architecture
    10. Exercise: Docker 101 – Web App
    11. Docker File System
    12. Docker Images
    13. Exercise: Stateless Web App
    14. Local Registry
    15. Data Volumes
    16. Exercise: Docker 201 – Compose Multi-tier app
    17. Continuous integration patterns
    18. Docker Security
    19. Continuous Integration
      1. Canary Release
      2. Blue Green Deployment
      3. A/B Testing
      4. Rolling Update
      5. Jenkins Plugin
  5. Microservice challenge: Continuous Integration Service
    1. On-Premise
      1. Jenkins
    2. SaaS Service
      1. Shippable
      2. Jenkins
      3. TravisCI
    3. Exercise: Trigger build/tests from change

Part 2: Microservices in Development

  1. Uber Case Study
    1. 2000 services, 1000 engineers
    2. Tradeoffs
      1. Plus – overall development speed
      2. Cons – technical challenges
  2. Box Case Study
    1. Traditional service deployment with bare metal
    2. 10x faster workflow with DevOps practices
  3. Microservice challenge: Image repository
    1. Docker repository development instance
    2. On-Premise Service
      1. Quay by CoreOS
    3. SaaS solution
      1. Docker Hub
      2. JFrog
    4. Exercise: Submit image to service
    5. Exercise: Pull image from service
  4. Intro to Kubernetes (Containers at Google)
    1. Prerequisites
    2. Containers
    3. Linux Kernel Features
    4. Container User Experience
    5. New Container Capabilities
    6. Gaps using Containers in Production
  5. Exercise: Kubernetes 100: Hello World
  6. Core Concepts
    1. Cluster Orchestration
    2. Originated at Google
    3. Open Source
    4. Benefits
    5. Design Principles
  7. Architecture
    1. Master/Node
    2. Kubectl
    3. Replication Controller
    4. Kubelet
    5. Kube-Proxy
    6. Persistent Volumes
    7. Etcd
    8. High Availability
    9. Exercise: Kubernetes 101: Stateless web app
  8. Kubernetes Features
    1. Pods
    2. Labels
    3. Services
    4. Namespaces
    5. Resource Quota
  9. Exercise: Kubernetes 201: Guestbook app

Part 3: Microservices in Production

  1. Spotify Case Study
    1. 810 Services, 477 engineers
  2. Microservice challenge: Service discovery
    1. Skydns
    2. Consul
  3. Exercise: Resolve service with DNS
  4. Security
    1. Goals
    2. Roles
    3. Attribute Based Access Control
    4. Policies
    5. Service Accounts
    6. Secrets
  5. Forth Microservice challenge: Secrets
    1. Vault
    2. Kubernetes Secrets API
  6. Exercise: Kubernetes – Store database credentials in cluster
  7. Cluster Add-ons
    1. Cluster DNS
    2. Logging with Elasticsearch and Fluentd
    3. Container Level Monitoring
    4. cAdvisor
    5. InfluxDB
    6. Prometheus
  8. Exercise: WordPress on Kubernetes
  9. Managing state with disposable architectures
    1. Tradeoffs, standalone vs containerized databases
    2. CAP Theorem
    3. SQL Databases
    4. NOSQL Databases
  10. Exercise: Cassandra on Kubernetes
  11. Practicing Failure
    1. Optimize MTTR
  12. Netflix Case Study
    1. Simian Army
    2. Graceful handling of failure

Part 4: Putting it all together

  1. Why Microservices?
    1. Scale an organization
    2. Tradeoffs
    3. Fault Tolerance
    4. Throughput
    5. Waste
  2. Kubernetes Alpha Features
    1. Multi-Datacenter Control Plane
    2. RBAC/Multi-tenancy
  3. Openshift/Mesos/Other PaaS platforms
  4. Exercise: Customize Microservice App
  5. Exercise: Scale app for simulated demand
  6. Review of Microservice Challenges
    1. Secure Images
    2. Highly available application
    3. Secrets
    4. Continuous Integration
    5. DNS Name resolution
  7. Summary