AMA31 – Running Containers on Amazon Elastic Kubernetes Service (Amazon EKS)
AMA31 - Running Containers on Amazon Elastic Kubernetes Service (Amazon EKS)
Course description
Amazon EKS makes it easy for you to run Kubernetes on AWS without needing to install, operate, and maintain your own Kubernetes control plane. In this course, you will learn container management and
orchestration for Kubernetes using Amazon EKS.
You will build an Amazon EKS cluster, configure the environment, deploy the cluster, and then add applications to your cluster. You will manage container images using Amazon Elastic Container Registry (ECR) and learn how to automate application deployment. You will deploy applications using CI/CD tools. You will learn how to monitor and scale your environment by using metrics, logging, tracing, and
horizontal/vertical scaling. You will learn how to design and manage a large container environment by designing for efficiency, cost, and resiliency. You will configure AWS networking services to support the cluster and learn how to secure your Amazon EKS environment.
Activities
This course includes instructor lecture, presentations, hands-on labs, demonstrations, and group exercises/discussions.
Course objectives
In this course, you will learn to:
Describe Kubernetes and Amazon EKS fundamentals and the impact of containers on workflows.
Build an Amazon EKS cluster by selecting the correct compute resources to support worker nodes.
Secure your environment with AWS Identity and Access Management (IAM) authentication and
Kubernetes Role Based Access Control (RBAC) authorization.
Deploy an application on the cluster. Publish container images to Amazon ECR and secure access via IAM policy.
Deploy applications using automated tools and pipelines. Create a GitOps pipeline using WeaveFlux.
Collect monitoring data through metrics, logs, and tracing with AWS X-Ray and identify metrics for performance tuning. Review scenarios where bottlenecks require the best scaling approach using horizontal or vertical scaling.
Assess the tradeoffs between efficiency, resiliency, and cost and the impact of tuning for one over the others. Describe and outline a holistic, iterative approach to optimizing your environment.
Design for cost, efficiency, and resiliency
Configure AWS networking services to support the cluster. Describe how Amazon Virtual Private
Cloud (VPC) supports Amazon EKS clusters and simplifies inter-node communications. Describe the
function of the VPC Container Network Interface (CNI). Review the benefits of a service mesh.
Upgrade your Kubernetes, Amazon EKS, and third party tools.
Intended audience
This course is intended for people who provide container orchestration management in the AWS Cloud including:DevOps engineers
Systems administrators
Prerequisites
We recommend that attendees of this course have:
Completed Introduction to Containers
Completed Amazon Elastic Kubernetes Service (EKS) Primer
Completed AWS Cloud Practitioner Essentials (or equivalent real-world experience)
Basic Linux administration experience
Basic network administration experience
Basic knowledge of containers and microservices
Course outline
Day 1
Module 0: Course Introduction
Course preparation activities and agenda
Module 1: Kubernetes Fundamentals
Container orchestration
Kubernetes objects
Kubernetes internals
Module 2: Amazon EKS Fundamentals
Introduction to Amazon EKS
Amazon EKS control plane
Amazon EKS data plane
Fundamentals of Amazon EKS security
Amazon EKS API
Module 3: Building an Amazon EKS Cluster
Configuring your environment
Creating an Amazon EKS cluster
Demo: Deploying a cluster
Deploying worker nodes
Demo: Completing a cluster configuration
Preparing for Lab 1: Building an Amazon EKS Cluster
Module 4: Deploying Applications to Your Amazon EKS Cluster
Configuring Amazon Elastic Container Registry (Amazon ECR)
Demo: Configuring Amazon ECR
Deploying applications with Helm
Demo: Deploying applications with Helm
Continuous deployment in Amazon EKS
GitOps and Amazon EKS
Preparing for Lab 2: Deploying Applications
Day 2
Module 5: Configuring Observability in Amazon EKS
Configuring observability in an Amazon EKS cluster
Collecting metrics
Using metrics for automatic scaling
Managing logs
Application tracing in Amazon EKS
Gaining and applying insight from observability
Preparing for Lab 3: Monitoring Amazon EKS
Module 6: Balancing Efficiency, Resilience, and Cost Optimization in Amazon EKS
The high level overview
Designing for resilience
Designing for cost optimization
Designing for efficiency
Module 7: Managing Networking in Amazon EKS
Review: Networking in AWS
Communicating in Amazon EKS
Managing your IP space
Deploying a service mesh
Preparing for Lab 4: Exploring Amazon EKS Communication
Day 3
Module 8: Managing Authentication and Authorization in Amazon EKS
Understanding the AWS shared responsibility model
Authentication and authorization
Managing IAM and RBAC
Demo: Customizing RBAC roles
Managing pod permissions using RBAC service accounts
Module 9: Implementing Secure Workflows
Securing cluster endpoint access
Improving the security of your workflows
Improving host and network security
Managing secrets
Preparing for Lab 5: Securing Amazon EKS
Module 10: Managing Upgrades in Amazon EKS
Planning for an upgrade
Upgrading your Kubernetes version
Amazon EKS platform versions