Overview
Learn how to deploy and manage containerized applications on Google Kubernetes Engine (GKE). Learn how to use other tools on Google Cloud that interact with GKE deployments. This course features a combination of lectures, demos, and hands-on labs to help you explore and deploy solution elements—including infrastructure components like pods, containers, deployments, and services—along with networks and application services. You'll also learn how to deploy practical solutions, including security and access management, resource management, and resource monitoring.
Who this course is for
Cloud architects, administrators, and SysOps/DevOps personnel.
Individuals using Google Cloud to create new solutions or to integrate existing systems, application environments, and infrastructure with Google Cloud
Products
- Google Kubernetes Engine
- Google Cloud networking
- Google Cloud Storage
- Cloud IAM
- Cloud Observability
- Cloud SQL
- Cloud Deploy
Content Breakdown
7 modules · 6 labs · 14 classroom activities
Prerequisites
Completed “Getting Started with Google Kubernetes Engine” or have equivalent experience
Learning Outcomes
- Create and manage workloads in Google Kubernetes Engine.
- Explain how pod networking works in Google Kubernetes Engine.
- Define and work with different Kubernetes storage abstractions.
- Describe and manage authentication, authorization, and security in Google Kubernetes Engine.
- Monitor applications running in Google Kubernetes Engine.
- Explore Google Cloud managed storage services options.
- Configure CI/CD pipelines for Google Kubernetes Engine.
Course Outline
Module 0 Course Introduction
Topics
-
Course introduction
Objectives
-
Introduce the course goals and preview each section of the course.
Module 01 Workloads: Deployments and Jobs
Topics
-
Creating deployments.
-
Inspecting deployments.
-
Updating deployments.
-
Adopting other deployment strategies.
-
Using Jobs and Cronjobs
-
Cluster scaling.
-
Controlling Pod placement with labels and affinity rules.
-
Controlling Pod placement with taints and tolerations.
-
Getting software into your cluster.
Objectives
-
Define, configure, inspect, manage, and update Deployments.
-
Define what Jobs and CronJobs are in GKE, and explore relevant use cases. Create and run Jobs.
-
Explain how to scale clusters manually and automatically.
-
Configure node and pod affinity
Activities
-
Quiz
-
(Lab) Creating Google Kubernetes Engine Deployments
Module 02 Google Kubernetes Engine Networking
Topics
-
Pod networking
-
Kubernetes Services
-
Service type and load balancers
-
Ingress
-
Container-native load balancing
-
Network policies
Objectives
-
Explore Kubernetes networking, including Pod and cluster networking.
-
Create services to expose to applications running within Pods.
-
Configure load balancers to expose services to external clients. Explore containernative load balancing in GKE.
-
Configure Google Kubernetes Engine networking
Activities
-
Quiz
-
(Lab) Configuring Google Kubernetes Engine (GKE) Networking
Module 03 Persistent Data and Storage
Topics
- Volumes
- Ephemeral volumes
- Durable volumes
- Statefulsets
- Configmaps
- Secrets
Objectives
- Define and work with Kubernetes storage abstractions.
- Run and maintain sets of pods using StatefulSets.
- Use ConfigMaps to decouple configuration from Pods.
- Manage and store sensitive access and authentication data.
- Configure persistent storage for Google Kubernetes Engine.
Activities
- Quiz
- (Lab) Configuring Persistent Storage for Google Kubernetes Engine
Module 04 Access Control and Security in Kubernetes and Google Kubernetes Engine
Topics
- Explore Kubernetes authentication and authorization.
- Define Kubernetes RBAC and how it works with IAM to secure GKE clusters.
- Configure Workload Identity to access Google Cloud services from within GKE.
- Secure GKE with Pod Security Standards and Pod Security Admission.
- Implement Role-Based Access Control with GKE.
Objectives
- Authentication and authorization
- Kubernetes role-based access control
- Workload Identity
- Kubernetes control plane security
- Pod security
Activities
- Quiz
- (Lab) Securing Google Kubernetes Engine with Cloud IAM and Pod Security Admission
Module 05 Google Kubernetes Engine Logging and Monitoring
Topics
- Cloud Observability
- Cloud Logging
- Cloud Monitoring
- Inspecting logs with the kubectl command
- Inspecting logs with Cloud Logging and logging agents
Objectives
- Identify the tools included in the Google Cloud Observability .
- Configure the Google Cloud operations suite to monitor and manage the availability and performance.
- Inspect logs using the kubectl command.
- Inspect Kubernetes logs using Google Cloud Observability.
- Configure GKE-native Monitoring and Logging.
Activities
- Quiz
- Lab: Configuring GKE-Native Monitoring and Logging
Module 06 Using Google Cloud Managed Storage Services with Google Kubernetes Engine
Topics
- Using Google Cloud services.
- Using Cloud Storage
- Using Google Cloud databases
- Using Cloud SQL and SQL Auth Proxy.
- Comparing storage options.
Objectives
- Contrast managed storage services with self-managed storage.
- Identify use cases for Cloud Storage for Kubernetes applications.
- Compare the range of Google Cloud managed database services.
- Explore Cloud SQL Auth Proxy and how it connects to Cloud SQL from within GKE.
- Use Cloud SQL with Google Kubernetes Engine.
Activities
- Quiz
- (Lab) Using Cloud SQL with Google Kubernetes Engine and Workload Identity
Module 07 Using CI/CD with Google Kubernetes Engine
Topics
- What is CI/CD?
- CI/CD pipeline construction
- CI/CD tools available in Google Cloud
- Best practices for using CI/CD on Google Cloud
Objectives
- Define continuous integration and continuous delivery and identify why it is important.
- Examine CI/CD pipelines and how they can optimize app releases.
- Explore first-party and third-party CI/CD tools supported by Google Cloud.
- Explore Google’s best practices for a GKE CI/CD pipeline
Activities
- Quiz
Module 08 Course Summary
Topics
- Course Summary
Objectives
- Review the main objectives from each section of the course
Frequently asked questions
How can I create an account on myQA.com?
There are a number of ways to create an account. If you are a self-funder, simply select the "Create account" option on the login page.
If you have been booked onto a course by your company, you will receive a confirmation email. From this email, select "Sign into myQA" and you will be taken to the "Create account" page. Complete all of the details and select "Create account".
If you have the booking number you can also go here and select the "I have a booking number" option. Enter the booking reference and your surname. If the details match, you will be taken to the "Create account" page from where you can enter your details and confirm your account.
Find more answers to frequently asked questions in our FAQs: Bookings & Cancellations page.
How do QA’s virtual classroom courses work?
Our virtual classroom courses allow you to access award-winning classroom training, without leaving your home or office. Our learning professionals are specially trained on how to interact with remote attendees and our remote labs ensure all participants can take part in hands-on exercises wherever they are.
We use the WebEx video conferencing platform by Cisco. Before you book, check that you meet the WebEx system requirements and run a test meeting (more details in the link below) to ensure the software is compatible with your firewall settings. If it doesn’t work, try adjusting your settings or contact your IT department about permitting the website.
How do QA’s online courses work?
QA online courses, also commonly known as distance learning courses or elearning courses, take the form of interactive software designed for individual learning, but you will also have access to full support from our subject-matter experts for the duration of your course. When you book a QA online learning course you will receive immediate access to it through our e-learning platform and you can start to learn straight away, from any compatible device. Access to the online learning platform is valid for one year from the booking date.
All courses are built around case studies and presented in an engaging format, which includes storytelling elements, video, audio and humour. Every case study is supported by sample documents and a collection of Knowledge Nuggets that provide more in-depth detail on the wider processes.
When will I receive my joining instructions?
Joining instructions for QA courses are sent two weeks prior to the course start date, or immediately if the booking is confirmed within this timeframe. For course bookings made via QA but delivered by a third-party supplier, joining instructions are sent to attendees prior to the training course, but timescales vary depending on each supplier’s terms. Read more FAQs.
When will I receive my certificate?
Certificates of Achievement are issued at the end the course, either as a hard copy or via email. Read more here.