Architecting with Google Kubernetes Engine

• Understand how software containers work.
• Understand the architecture of Kubernetes.
• Understand the architecture of Google Cloud.
• Understand how pod networking works in Google Kubernetes Engine.
• Create and manage Kubernetes Engine clusters using the Google Cloud Console and gcloud/kubectl commands.
• Launch, roll back, and expose jobs in Kubernetes.
• Manage access control using Kubernetes RBAC and IAM.
• Manage pod security policies and network policies.
• Use Secrets and ConfigMaps to isolate security credentials and configuration artifacts.
• Understand Google Cloud choices for managed storage services.
• Monitor applications running in Google Kubernetes Engine.

• Cloud architects, administrators, and SysOps/DevOps personnel
• Individuals using Google Cloud to create new solutions or to integrate existing systems, application environments, and infrastructure with Google Cloud.

• Completed “Google Cloud Fundamentals: Core Infrastructure” or have equivalent experience

Module 1: Introduction to Google Cloud Platform

• Use the Google Cloud Console
• Use Cloud Shell
• Define Cloud Computing
• Identify Google Cloud Compute Services
• Understand Regions and Zones
• Understand the Cloud Resource Hierarchy
• Administer your Google Cloud Resources

Module 2, Containers and Kubernetes in GCP

• Create a Container Using Cloud Build
• Store a Container in Container Registry
• Understand the Relationship Between Kubernetes and Google Kubernetes Engine (GKE)
• Understand how to Choose Among Google Cloud Compute Platforms

Module 3: Kubernetes Architecture

• Understand the Architecture of Kubernetes: Pods, Namespaces
• Understand the Control-plane Components of Kubernetes
• Create Container Images using Cloud Build
• Store Container Images in Container Registry
• Create a Kubernetes Engine Cluster

Module 4: Kubernetes Operations

• Work with the Kubectl Command.
• Inspect the Cluster and Pods.
• View a Pod’s Console Output.
• Sign in to a Pod Interactively.

Module 5: Deployments, Jobs, and Scaling

• Deployments
• Ways to Create Deployments
• Services and Scaling
• Updating Deployments
• Rolling Updates
• Blue/Green Deployments
• Canary Deployments
• Managing Deployments
• Jobs and CronJobs
• Parallel Jobs
• CronJobs
• Cluster Scaling
• Downscaling
• Node Pools
• Controlling Pod Placement
• Affinity and Anti-Affinity
• Pod Placement Example
• Taints and Tolerations
• Getting Software into your Cluster

Module 6: GKE Networking

• Introduction
• Pod Networking
• Services
• Finding Services
• Service Types and Load Balancers
• How Load Balancers Work
• Ingress Resource
• Container-Native Load Balancing
• Network Security

Module 7: Persistent Data and Storage

• Volumes
• Volume Types
• The PersistentVolume Abstraction
• More on PersistentVolumes
• StatefulSets
• ConfigMaps
• Secrets

Module 8: Access Control and Security in Kubernetes and Kubernetes Engine

• Understand Kubernetes Authentication and Authorization
• Define Kubernetes RBAC Roles and Role Bindings for Accessing Resources in Namespaces
• Define Kubernetes RBAC Cluster Roles and ClusterRole Bindings for accessing Cluster-scoped Resources
• Define Kubernetes Pod Security Policies
• Understand the Structure of IAM
• Define IAM roles and Policies for Kubernetes Engine Cluster Administration

Module 9: Logging and Monitoring

• Use Cloud Monitoring to monitor and manage availability and performance
• Locate and inspect Kubernetes logs
• Create probes for wellness checks on live applications

Module 10: Using GCP Managed Storage Services from Kubernetes Applications

• Understand Pros and Cons for Using a Managed Storage Service Versus Self-managed Containerized Storage
• Enable Applications Running in GKE to Access Google Cloud Storage Services
• Understand Use Cases for Cloud Storage, Cloud SQL, Cloud Spanner, Cloud Bigtable, Cloud Firestore, and BigQuery from within a Kubernetes Application

Module11: Logging and Monitoring

• CI/CD overview
• CI/CD for Google Kubernetes Engine
• CI/CD Examples
• Manage application code in a source repository that can trigger code changes to a continuous delivery pipeline.