Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Coursera

Advanced Networking, Security, and Traffic Management in AKS

Packt via Coursera

Go to class Write review

Overview

Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
This course features Coursera Coach! A smarter way to learn with interactive, real-time conversations that help you test your knowledge, challenge assumptions, and deepen your understanding as you progress through the course. In this course, you will gain hands-on experience configuring and securing an Azure Kubernetes Service (AKS) environment, focusing on advanced networking, security, and traffic management. By diving deep into topics like HTTP proxies, egress traffic filtering, and preserving client IP addresses, you'll develop the skills to manage secure and efficient networking solutions in AKS. The course is designed to help you leverage powerful tools such as Calico, Cilium, and Cilium’s Hubble for granular traffic management, as well as integrating security measures like TLS/HTTPS for inter-pod communication and ingress controllers. The course begins with foundational lessons on managing outbound traffic using HTTP proxies and progresses into more complex scenarios like filtering egress traffic and assigning static IPs. You’ll also explore how to secure communications within the AKS environment, from preserving client IP addresses to managing secrets through Azure Key Vault and Kubernetes CSI Volumes. Each module is complemented by detailed demonstrations and real-world scenarios to help reinforce key concepts and provide practical, actionable knowledge. This course is ideal for IT professionals, network engineers, and cloud architects looking to deepen their understanding of Kubernetes security and networking in a cloud-native environment. It is especially beneficial for individuals working with AKS in production environments, or those planning to manage secure and scalable applications using Kubernetes on Azure. By the end of the course, you will be able to confidently configure and secure AKS environments, manage traffic and network policies, ensure data persistence, and implement best practices for securing your Kubernetes workloads.

Syllabus

  • HTTP Proxy with AKS
    • In this module, we will explore how to configure and manage HTTP proxy settings in Azure Kubernetes Service (AKS). You'll gain practical knowledge on setting up a MITM proxy server to monitor and control traffic, and ensure non-HTTP traffic is appropriately handled.
  • Filtering Egress Traffic Using Network Policies
    • In this module, we will dive into filtering egress traffic in AKS using Kubernetes network policies. You'll learn to set up network policies with Calico and Cilium to restrict traffic, while leveraging monitoring tools for traffic logging and troubleshooting.
  • Assigning Static IP Addresses Using Kube Static Egress Gateway
    • In this module, we will examine the Kube Static Egress Gateway and its role in assigning static IP addresses for outbound traffic. You'll gain practical insights through a demo on configuring your AKS cluster for precise IP address assignments.
  • Preserving Client IP for Pods
    • In this module, we will cover how to preserve client IP addresses in an AKS environment. You’ll learn to configure your cluster for accurate traffic tracing and apply best practices using the Nginx Ingress Controller for enhanced security.
  • Working with Kubernetes StatefulSet for Data Persistence
    • In this module, we will delve into Kubernetes StatefulSet and its application in managing stateful applications with persistent data. You'll gain practical experience by deploying a MySQL cluster using StatefulSets in AKS for high availability and resilience.
  • Persist AKS Data Using Azure Disk
    • In this module, we will focus on using Azure Disk for ensuring persistent data storage within AKS. You will explore best practices for creating disks with redundancy options like LRS and ZRS, ensuring data integrity across multiple zones.
  • Persist AKS Data Using Azure Storage Blob
    • In this module, we will explore how Azure Blob Storage can be used to persist data for AKS workloads. You’ll learn to configure Blob Fuse with Managed Identity for secure and scalable storage solutions.
  • Creating a Snapshot for a Persistent Volume
    • In this module, we will explore the Kubernetes Snapshot API to create reliable backups for persistent volumes in AKS. You'll gain hands-on experience in securing your data with snapshot management techniques.
  • Copying Disks and File Shares in Kubernetes
    • In this module, we will cover the essential steps for copying Azure disks and file shares in AKS. You'll gain practical knowledge in migrating and backing up your data for greater flexibility and disaster recovery.
  • Creating an AKS Backup Using Azure Backup Vault
    • In this module, we will explore how to back up AKS clusters using Azure Backup Vault. You’ll learn to configure backup policies, trigger manual backups, and restore clusters to ensure business continuity in your Kubernetes environment.
  • Securing Cluster Secrets Using Secret Store CSI Volume
    • In this module, we will explore how to secure Kubernetes secrets with Azure Key Vault using the Secret Store CSI Volume. You’ll learn how to integrate and manage secrets efficiently while maintaining a high level of security.
  • Scheduling Pods on Nodepools
    • In this module, we will cover how to configure AKS namespaces and schedule Pods on specific node pools. You'll see how to manage resources efficiently by segmenting workloads across node pools.
  • Securing Traffic in Kubernetes
    • In this module, we will focus on securing traffic within your AKS environment, particularly ingress and inter-Pod communication. You’ll learn methods to safeguard sensitive data and secure communication channels in Kubernetes.
  • Securing Ingress Using TLS/HTTPS
    • In this module, we will explore how to secure ingress traffic with TLS/HTTPS in AKS. You will learn to manage TLS certificates for secure communication and implement security best practices with Azure Key Vault.
  • Securing Inter-Pod Communication Using TLS Certificates
    • In this module, we will focus on securing communication between Pods in AKS using TLS certificates. You’ll learn how to use Cert Manager for seamless HTTPS configuration to enhance inter-Pod security in your Kubernetes cluster.

Taught by

Packt - Course Instructors

Reviews

Start your review of Advanced Networking, Security, and Traffic Management in AKS

Go to class

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.