0% completed

All LessonsFree Lessons (4)

Kubernetes Primer

Kubernetes Background Where Did Kubernetes Come From?The Operating System of the Cloud Quiz: Kubernetes Primer Summary: Kubernetes Primer

Kubernetes Principles of Operation

Kubernetes from 40K Feet Control Plane and Nodes: Control Plane Control Plane and Nodes: Worker Nodes Packaging Apps for Kubernetes The Declarative Model and the Desired State Pods Deployments Quiz: Kubernetes Principles Summary: Kubernetes Principles

Getting Kubernetes

Local Kubernetes Cluster Hosted Kubernetes Cluster Working with kubectl Summary: Getting Kubernetes

Working With Pods: Theory

Pod Theory Pods and Scheduling Pod Life Cycle How Do We Deploy Pods?Multi-Container Pods: Init Containers Quiz: Theory of Working with Pods Summary: Theory of Working with Pods

Working with Pods: Hands-On

Pod Manifest Files Manifest Files: Empathy as Code Introspecting Pods kubectl exec: Running Commands in Pods Check Pod Immutability Multi-Container Pod Example: Init Container Multi-Container Pod Example: Sidecar Container Quiz: Working Hands-On with Pods Summary: Working Hands-On with Pods

Virtual Clusters with Namespaces

Namespaces Namespace Use Cases Default Namespaces Creating and Managing Namespaces Deploying Objects to Namespaces Quiz: Virtual Clusters with Namespaces Summary: Virtual Clusters with Namespaces

Kubernetes Deployments

Deployment Theory ReplicaSets and Scaling Rolling Updates with Deployments How to Create a Deployment Accessing Deployments Accessing the Apps Performing a Rolling Update How to Perform a Rollback Quiz: Kubernetes Deployments Summary Kubernetes Deployments

Kubernetes Services: Theory

Introduction to Services Labels and Loose Coupling Services and Endpoints Objects Accessing Apps from Inside the Cluster Accessing Apps from Outside the Cluster Quiz: Theory of Kubernetes Services Summary: Theory of Kubernetes Services

Kubernetes Services: Hands-On

Create a Service—The Imperative Way Create a Service—The Declarative Way Introspecting Services and Endpoint Objects Quiz: Hands-On with Kubernetes Services Summary: Hands-On with Kubernetes Services

Ingress

Setting the Scene for Ingress Ingress Architecture Working with NGINX Controller Configure Host-Based and Path-Based Routing Inspecting Ingress Objects Quiz: Ingress Summary: Ingress

WebAssembly on Kubernetes

WebAssembly Primer Wasm on Kubernetes Build and Prepare the Wasm App Build and Configure Kubernetes for Wasm Deploy and Test the App Quiz: WebAssembly on Kubernetes Summary: WebAssembly on Kubernetes

Service Discovery: Deep Dive

Understanding Service Discovery The Service Registry Service Registration Service Discovery Service Discovery and Namespaces Troubleshooting Service Discovery Quiz: Service Discovery Summary: Service Discovery

Kubernetes Storage

The Big Picture Storage Providers and Container Storage Interface The Kubernetes Persistent Volume Subsystem Storage Classes and Dynamic Provisioning Provision Volume Using an Existing StorageClass Provision Volume by Creating a New StorageClass Quiz: Kubernetes Storage Summary: Kubernetes Storage

ConfigMaps

Introduction to ConfigMaps ConfigMap Theory Hands-On: Creating ConfigMaps Imperatively Hands-On: Creating ConfigMaps Declaratively Injecting ConfigMap and Secret Data into Pods and Containers Hands-On with Secrets Quiz: ConfigMaps Summary: ConfigMaps

StatefulSets

Introduction to StatefulSets Ordered Creation and Deletion Volumes and Handling Failures Network and Headless Services Hands-On with StatefulSets Creating a Governing Headless Service Deploy the StatefulSet Testing Peer Discovery Scaling StatefulSets Test a Pod Failure Quiz: StatefulSets Summary: StatefulSets

API Security and RBAC

API Security Big Picture

Authorization (RBAC)

Cluster-Level Users and Permissions

Admission Control

Quiz: API Security and RBAC

Summary: API Security and RBAC

Kubernetes API

Introduction to Kubernetes API API Analogy The API Server A Word on CRUD The API Inspecting the API Alpha, Beta, and Stable Quiz: Kubernetes API Summary: Kubernetes API

Threat Modeling Kubernetes

Introduction to Threat Modeling Spoofing Tampering Repudiation Information Disclosure Denial-of-Service Elevation of Privilege Protecting Pods Pod Security Admission Quiz: Threat Modeling Kubernetes Summary: Threat Modeling Kubernetes

Real-World Kubernetes Security

CI/CD Pipeline Moving Images From Non-Production to Production Workload Isolation Identity and Access Management (IAM)Auditing and Security Monitoring Quiz: Real-World Kubernetes Security Summary: Real-World Kubernetes Security

Conclusion

Glossary Wrap Up

Learn Kubernetes: A Deep Dive/

...

/

API Security Big Picture

API Security Big Picture

Learn about Kubernetes API request flow and policy checks for secure access.

We'll cover the following...

API security

Kubernetes is API-centric and the API is served through the API server. In this chapter, we’ll follow a typical API request as it passes through various security-related checks.

API security

All of the following make CRUD-style requests to the API server (create, read, update, delete):

Operators and developers using kubectl ...