Anthos and GKE

Modernize, manage, and observe their applications using Kubernetes and Anthos

Through presentations, and hands-on labs, participants explore and deploy using Kubernetes Engine (GKE), Connect ,Istio service mesh and Anthos Config Management capabilities that enable operators to work with modern applications even when split among multiple clusters hosted by multiple providers, or on-premises. This is a continuation of Architecting with GKE and assumes hands-on experience with the technologies covered in that course.
More Information
Special Product No
Key Note Agilitics courses information , Agilitics courses information
Course feature 24x7 Support, Real-time code analysis and feedback, 100% Money Back Guarantee
Funding

This course is IMDA CITREP+ Funded for Delivery. Singaporeans can also use their SkillsFuture credit for this course.

Category

Type

Singapore Citizen

Permanent Residents(* with effect from 1 August 2017)

Training Course and Certification

Certification Only

Training Course and Certification

Certification Only

Organisation-Sponsored

Non SMEs

Up to 70% of the nett payable course and certification fees, capped at $3,000 per trainee

Up to 70% of the nett payable certification fees, capped at $500 per trainee

Up to 70% of the nett payable course and certification fees, capped at $3,000 per trainee

Up to 70% of the nett payable certification fees, capped at $500 per trainee

SMEs

Up to 90% of the nett payable course and certification fees, capped at $3,000 per trainee

Up to 90% of the nett payable course and certification fees, capped at $3,000 per trainee

Professionals (40 years old and above)

Up to 70% of the nett payable course and certification fees, capped at $3,000 per trainee

Self-Sponsored

Professionals

Up to 70% of the nett payable course and certification fees, capped at $3,000 per trainee

Up to 70% of the nett payable certification fees, capped at $500 per trainee

Up to 70% of the nett payable course and certification fees, capped at $3,000 per trainee

Up to 70% of the nett payable certification fees, capped at $500 per trainee

Professionals (40 years old and above)

Up to 90% of the nett payable course and certification fees, capped at $3,000 per trainee

Students and/or Full Time National Service (NSF)

Up to 100% of the nett payable course and certification fees, capped at $2,500 per trainee

Up to 100% of the nett payable certification fees, capped at $500 per trainee

Not eligible

1) Professionals category includes displaced workers.2) This has been harmonised with SkillsFuture initiatives.*  CITREP+ funding does not support GST, VAT, registration fees, membership fees, rebates, renewal of certification, incentives, discounts or any training grant offered by any course providers or any other organisation in relation to the endorsed courses/certifications.

** For more details on CITREP+ funding support for students/NSF, please refer to CITREP+ Claim Application Guide.

Interested Audience You learn about, and compare, many of the computing and storage services available in Google Cloud Platform, including Google App Engine, Google Compute Engine, Google Kubernetes Engine, Google Cloud Storage, Google Cloud SQL, and BigQuery. You learn about important resource and policy management tools, such as the Google Cloud Resource Manager hierarchy and Google Cloud Identity and Access Management.

Agilitics courses information , Agilitics courses information

  • 24x7 Support

  • Real-time code analysis and feedback

  • 100% Money Back Guarantee

Course Description

This course is suitable for Cloud architects, administrators, and those working in SysOps/DevOps. Individuals using Google Cloud Platform to create new solutions or to integrate existing systems, application environments, and infrastructure with the Google Cloud Platform will also benefit from this course.

Walk away with the ability to:
  • Deploy Istio service mesh control-plane and proxies using the Helm Kubernetes package manager or using the Istio on GKE add-on

  • Centrally observe, discover, and monitor your microservices-based applications across clusters using Istio service mesh adapters, including Prometheus, Grafana, or Kiali, or Stackdriver

  • Define and manage multi-cluster services, with ingress, using open-source Istio via shared and multi-control plane topologies

  • Connect and manage on-premises clusters, and workloads using GKE On-Prem

  • Enable consistent policy enforcement across multi-cluster environments using a configuration-as-code approach and your secure Git repository

Target Audience

This course is intended for the following participants:

  • Technical employees using GCP, including customer companies, partners and system integrators: deployment engineers, cloud architects, cloud administrators, system engineers, and SysOps/DevOps engineers.

  • Individuals using GCP to create, integrate, or modernize solutions using secure, scalable microservices architectures in hybrid environments.

Prerequisites

To get the most of out of this course, you should have:

  • Completed Google Cloud Platform Fundamentals: Core Infrastructure or have equivalent experience

  • Completed Architecting with Google Kubernetes Engine or have equivalent experience

Key Objectives

The Objectives are: 

  • Explain how software containers work and the architecture of Kubernetes

  • Understand how pod networking works in Kubernetes Engine

  • Create and manage Kubernetes Engine clusters using the GCP Console and gcloud/ kubectl commands

  • Launch, roll back and expose jobs in Kubernetes

  • Manage access control using Kubernetes RBAC and Google Cloud IAM

  • Manage pod security policies and network policies

  • Use Secrets and ConfigMaps to isolate security credentials and configuration artifacts

  • Understand GCP choices for managed storage services

  • Monitor applications running in Kubernetes Engine

  • Deploy Istio service mesh control-plane and proxies using the Helm Kubernetes package manager or using the Istio on GKE add-on

  • Centrally observe, discover, and monitor your microservices-based applications across clusters using Istio service mesh adapters, including Prometheus, Grafana, or Kiali, or Stackdriver

  • Define and manage multi-cluster services, with ingress, using open-source Istio via shared and multi-control plane topologies

  • Connect and manage on-premises clusters, and workloads using GKE On-Prem

  • Enable consistent policy enforcement across multi-cluster environments using a configuration-as-code approach and your secure Git repository

Prequisitives
You learn about, and compare, many of the computing and storage services available in Google Cloud Platform, including Google App Engine, Google Compute Engine, Google Kubernetes Engine, Google Cloud Storage, Google Cloud SQL, and BigQuery. You learn about important resource and policy management tools, such as the Google Cloud Resource Manager hierarchy and Google Cloud Identity and Access Management.
Interested Audience
You learn about, and compare, many of the computing and storage services available in Google Cloud Platform, including Google App Engine, Google Compute Engine, Google Kubernetes Engine, Google Cloud Storage, Google Cloud SQL, and BigQuery. You learn about important resource and policy management tools, such as the Google Cloud Resource Manager hierarchy and Google Cloud Identity and Access Management.

Get a Peek at Our Success Stories

Featured Review

Puli

Develpoer

One of best I have encountered in my life. Freedom to interact and respond candidly and with courage for every question is not an easy task for Trainers which they did it exceptionally well.

Chun Ngee

Develpoer

The course is well structure. Timing is also right. The trainer Mr Raj is professional. And he asnwer all my question and doubts.

Sarbojit Bose

Develpoer

The course is one of the two in the track of Agile Professional Coach. It is designed to provide both wide and deep knowledge to become a competent Coach with the addirional skills of a Trainer and a Mentor. The two trainers, Preeth Panday and Naveen K Singh, are excellent Facilitators and Coaches with patience and promptness. Their mastery in this area stands out while their mode of delivery captures the interest of the trainees. They demonstrated professionalism with a personal touch.

About Funding Details

This course is IMDA CITREP+ Funded for Delivery. Singaporeans can also use their SkillsFuture credit for this course.

Category

Type

Singapore Citizen

Permanent Residents(* with effect from 1 August 2017)

Training Course and Certification

Certification Only

Training Course and Certification

Certification Only

Organisation-Sponsored

Non SMEs

Up to 70% of the nett payable course and certification fees, capped at $3,000 per trainee

Up to 70% of the nett payable certification fees, capped at $500 per trainee

Up to 70% of the nett payable course and certification fees, capped at $3,000 per trainee

Up to 70% of the nett payable certification fees, capped at $500 per trainee

SMEs

Up to 90% of the nett payable course and certification fees, capped at $3,000 per trainee

Up to 90% of the nett payable course and certification fees, capped at $3,000 per trainee

Professionals (40 years old and above)

Up to 70% of the nett payable course and certification fees, capped at $3,000 per trainee

Self-Sponsored

Professionals

Up to 70% of the nett payable course and certification fees, capped at $3,000 per trainee

Up to 70% of the nett payable certification fees, capped at $500 per trainee

Up to 70% of the nett payable course and certification fees, capped at $3,000 per trainee

Up to 70% of the nett payable certification fees, capped at $500 per trainee

Professionals (40 years old and above)

Up to 90% of the nett payable course and certification fees, capped at $3,000 per trainee

Students and/or Full Time National Service (NSF)

Up to 100% of the nett payable course and certification fees, capped at $2,500 per trainee

Up to 100% of the nett payable certification fees, capped at $500 per trainee

Not eligible

1) Professionals category includes displaced workers.2) This has been harmonised with SkillsFuture initiatives.*  CITREP+ funding does not support GST, VAT, registration fees, membership fees, rebates, renewal of certification, incentives, discounts or any training grant offered by any course providers or any other organisation in relation to the endorsed courses/certifications.

** For more details on CITREP+ funding support for students/NSF, please refer to CITREP+ Claim Application Guide.

Training FAQ

Course Outline

Architecting with GKE
Module 1: Introduction to Google Cloud Platform
  • The Google Cloud Platform Console
  • Cloud Shell
  • Define cloud computing
  • Identify GCPs compute services
  • Regions and zones
  • The cloud resource hierarchy
  • Administer your GCP resources
Module 2: Containers and Kubernetes in GCP
  • Create a container using Cloud Build
  • Store a container in Container Registry
  • The relationship between Kubernetes and Google Kubernetes Engine (GKE)
  • How to choose among GCP compute platforms
Module 3: Kubernetes Architecture
  • The architecture of Kubernetes: pods, namespaces
  • The control-plane components of Kubernetes
  • Create container images using Google Cloud Build
  • Store container images in Google Container Registry
  • Create a Kubernetes Engine cluster
Module 4: Kubernetes Operations
  • Work with the kubectl command
  • Inspect the cluster and Pods
  • View a Pods console output
  • Sign in to a Pod interactively
Module 5: Deployments, Jobs, and Scaling
  • Create and use Deployments
  • Create and run Jobs and CronJobs
  • Scale clusters manually and automatically
  • Configure Node and Pod affinity
  • Get software into your cluster with Helm charts and Kubernetes Marketplace
Module 6: GKE Networking
  • Create Services to expose applications that are running within Pods
  • Use load balancers to expose Services to external clients
  • Create Ingress resources for HTTP(S) load balancing
  • Leverage container-native load balancing to improve Pod load balancing
  • Define Kubernetes network policies to allow and block traffic to pods
Module 7: Persistent Data and Storage
  • Use Secrets to isolate security credentials
  • Use ConfigMaps to isolate configuration artifacts
  • Push out and roll back updates to Secrets and ConfigMaps
  • Configure Persistent Storage Volumes for Kubernetes Pods
  • Use StatefulSets to ensure that claims on persistent storage volumes persist across restarts
Module 8: Access Control and Security in Kubernetes and Kubernetes Engine
  • Kubernetes authentication and authorisation
  • Kubernetes RBAC roles and role bindings for accessing resources in namespaces
  • Kubernetes RBAC cluster roles and cluster role bindings for accessing cluster-scoped resources
  • Define Kubernetes pod security policies
  • The structure of GCP IAM
  • IAM roles and policies for Kubernetes Engine cluster administration
Module 9: Logging and Monitoring
  • Use Stackdriver to monitor and manage availability and performance
  • Locate and inspect Kubernetes logs
  • Create probes for wellness checks on live applications
Module 10: Using GCP Managed Storage Services from Kubernetes Applications
  • Pros and cons for using a managed storage service versus self-managed containerised storage
  • Enable applications running in GKE to access GCP storage services
  • Use cases for Cloud Storage, Cloud SQL, Cloud Spanner, Cloud Bigtable, Cloud Firestore, and BigQuery from within a Kubernetes application

Anthos
Module 1: Anthos Overview
  • Understand Hybrid environments connected using Anthos
  • Explain problems identified and addressed when using Anthos with modern solution patterns
  • Describe the components of the Anthos technology stack
Module 2: Managing Hybrid Clusters using Kubernetes Engine
  • Understand the Anthos Compute Layer
  • Introduce the Anthos deployed on VMware cluster architecture
  • Explain the Anthos deployed on VMware components
  • Review initial networking considerations
  • Lab: Managing Hybrid Clusters using Kubernetes Engine
Module 3: Introduction to Service Mesh
  • Understand monolith to microservices evolution/transition and the benefits of service mesh
  • Discover how Istio is designed to resolve the challenges of microservices complexity using key control-plane components: Pilot, Mixer, and Citadel
  • Explain request routing whether service to service, or inbound when using Istio service mesh and the Envoy proxy
  • Lab A: Installing Open Source Istio on Kubernetes Engine
  • Lab B: Installing the Istio on GKE Add-On with Kubernetes Engine
Module 4: Observing Services using Service Mesh Adapters
  • Understand how the Mixer control-plane component enables telemetry collection, in on-premises and GCP environments, with the Istio adapter architecture
  • Observe telemetry with dashboards using Prometheus and Grafana
  • Trace application timing through services with Jaeger
  • Observe service topologies, relationships, and live traffic using Kiali
Module 5: Manage Traffic Routing with Service Mesh
  • Understand the Istio control-plane Pilot component
  • Review traffic management use cases including ingress and service to service flows
  • Configure and observe multiple methods of traffic management including version-specific routing, and shifting traffic gradually from one version of a microservice to another
  • Lab: Manage Traffic Routing with Istio and Envoy
Module 6: Manage Policies and Security with Service Mesh
  • Incrementally adopt Istio security across services using mTLS
  • Configure inbound authentication from outside the service mesh
  • Lab: Manage Policies and Security with Istio and Citadel
Module 7: Managing Policies using Anthos Config Management
  • Explain configuration challenges introduced when using multi-cluster topologies
  • Install Anthos Config Management, and connect your Git repository
  • Verify manual configuration changes (drift) are reversed, ensuring consistent policy
  • Update configuration using the Git repository and verify changes are applied
  • Lab: Managing Policies in Kubernetes Engine using Anthos Config Management
Module 8: Configuring Anthos GKE for Multi-Cluster Operation
  • Deploy shared control-plane, and multi control-plane architectures for multi-cluster deployments
  • Understand and configure DNS when locating external services
  • Understand and configure Citadel and certificates when enabling multi-cluster applications
  • Lab: Configuring GKE for Multi-Cluster Operation with Istio
  • Lab: Configuring GKE for Shared Control Plane Multi-Cluster Operation