Overview
Amazon Elastic Kubernetes Service (EKS) enables one to run Kubernetes on AWS without installing, operating and maintaining a Kubernetes Control Plane. This Amazon Web Services (AWS) authorized course discusses container management and orchestration for Kubernetes using Amazon EKS.
In this course, participants will build an Amazon EKS cluster, configure the environment, deploy the cluster, and then add applications to the cluster. The course covers how participants can manage container images using Amazon Elastic Container Registry (ECR) and automate application deployment. During the course, participants will learn how to deploy applications using CI/CD tools and how to monitor and scale the environment using metrics, logging, tracing, and horizontal/vertical scaling. The course covers how to design and manage a large container environment by designing for efficiency, cost, and resiliency. Participants will also learn how to configure AWS networking services to support the cluster and how to secure the Amazon EKS environment.
What You'll Learn
- Review and examine containers, Kubernetes, and Amazon EKS fundamentals as well as the impact of containers on workflows
- Secure your environment with AWS Identity and Access Management (IAM) authentication by creating an Amazon EKS service role for your cluster
- Publish container images to ECR and secure access via the IAM policy
- Automate and deploy applications, examine automation tools and pipelines
- Deploy an application on the cluster
- Create a GitOps pipeline using WeaveFlux
- Collect monitoring data through metrics, logs, and tracing with AWS X-Ray, and identify metrics for performance tuning
- Review scenarios where bottlenecks require the best scaling approach, using horizontal or vertical scaling
- Build an Amazon EKS cluster by selecting the correct compute resources to support worker nodes
- Assess the tradeoffs between efficiency, resiliency, and cost, and the impact of tuning for one over the others
- Review the benefits of a service mesh
- Design for cost, efficiency, and resiliency
- Describe and outline a holistic, iterative approach to optimizing your environment
- Describe how EKS/Amazon Virtual Private Cloud (VPC) functions and simplifies inter-node communications
- Configure the AWS networking services to support the cluster
- Describe the function of the VPC Container Network Interface (CNI)
- Upgrade your Kubernetes, Amazon EKS, and third-party tools
Curriculum
- Design principles for building applications
- What are containers?
- Components of a container
- Writing Dockerfiles
- Challenges of managing many containers
- What is Kubernetes and why is it important?
- Components of the Kubernetes Control Plane
- Kubernetes worker nodes and pods
- Key Kubernetes objects
- Managing Kubernetes with kubectl
- Lab 1: Deploying Kubernetes Pods
- How Amazon EKS manages the Kubernetes control plane
- Fundamentals of Amazon EKS security
- Use cases for extending Amazon EKS to the data plane
- Running worker nodes on managed node groups
- Running containers on AWS Fargate with Amazon EKS
- Amazon EKS tasks vs. Kubernetes tasks
- Visual review of the Amazon EKS architecture to be built in labs
- Identity & Access Management (IAM) authentication
- Amazon Virtual Private Cloud (VPC) and AWS networking fundamentals
- Different methods to create a cluster
- High-level steps in cluster creation
- Function of eksctl
- Lab 2: Building an Amazon EKS Cluster
- Publishing container images to Amazon ECR
- Deploying applications with Helm
- Continuous deployment in Amazon EKS
- GitOps and Amazon EKS
- Lab 3: Deploying applications
- Configuring observability in Amazon EKS cluster
- Collecting metrics
- Using metrics to automatically scale EC2 Auto Scaling groups
- Managing logs
- Application tracing in Amazon EKS
- Gaining and applying insight from observability
- Lab 4: Monitoring Amazon EKS
- Optimizing your Amazon EKS application architecture
- Relationship between cost, efficiency, and resilience
- Anatomy of an Amazon EKS cluster from a cost perspective
- Using tagging with pod placement for cost accountability
- Sizing containers and worker nodes efficiently
- Fundamentals of the Virtual Private Cloud
- Importance of major communication components
- Communication flow in a non-containerized architecture
- Challenges of network communication in Kubernetes
- Comparing the Docker communication solution with the Kubernetes model
- How Amazon EKS and Amazon VPC simplify inter-node communications
- Managing pod communications in Amazon EKS
- Relationship between communications and scalability
- Running worker nodes in a subnet not associated with the cluster
- Managing service name resolution
- Using a service mesh with Amazon EKS
- Configuring AWS App Mesh
- Lab 5: Exploring Amazon EKS Communication
- How IAM integrates with Kubernetes Role-Based Access Control (RBAC)
- Managing cluster endpoint access control
- Auditing access with AWS CloudTrail logs
- Mitigating security risks during the build of a container image
- Securing network communications
- Managing secrets
- Lab 6: Securing Amazon EKS
- Contrasting Kubernetes version updates and Amazon EKS platform version updates
- Upgrading your Amazon EKS version
- Maintaining your third-party applications
Who should attend
- Anyone who will provide container orchestration management in the AWS Cloud
- DevOps engineers
- System administrators
Prerequisites
- Basic Linux administration experience
- Basic network administration experience
- Basic knowledge of containers and Kubernetes
- Completed the Amazon Elastic Kubernetes Service Primer
- Completed the AWS Cloud Practitioner Essentials course or have equivalent real-world experience