Overview
This course deepens your expertise in Kubernetes operations, focusing on advanced security enforcement, monitoring, service mesh integration, and platform automation. You will learn to secure, scale, and optimize Kubernetes environments for large enterprise applications.
Through detailed lectures and practical guidance, you will gain the skills to implement robust security controls, protect workloads at runtime, and monitor clusters effectively. The course covers admission-time policy enforcement with Open Policy Agent and Gatekeeper, runtime security with KubeArmor, and backup and restore strategies with Velero.
You will also explore the fundamentals of the Istio service mesh, best practices for application deployment, and provisioning a multitenant platform. The course combines in-depth theory with real-world application so that you can apply the concepts to your own Kubernetes deployments immediately.
This course is ideal for Kubernetes professionals and cloud architects who want to deepen their knowledge of security and management in Kubernetes environments. Some familiarity with Kubernetes is required, as this is an advanced course.
This course is part three of a three-course Specialization designed to provide a comprehensive learning pathway in this subject area. While it delivers standalone value and practical skills, learners seeking a more integrated and in-depth progression may benefit from completing the full Specialization.
Syllabus
- Extending Security Using Open Policy Agent
  This module introduces the Open Policy Agent (OPA) and its integration with Kubernetes for advanced security policy enforcement. You will write, test, and debug policies in the Rego language and build dynamic, reusable policy frameworks. Alternatives to Rego-based policies and practical deployment strategies are also discussed.
- Node Security with Gatekeeper
  This module covers advanced node and workload hardening in Kubernetes: preventing container breakouts, designing secure containers, and using Gatekeeper, which enforces OPA constraints as an admission controller, to reject non-compliant workloads before they are scheduled. Learners will examine vulnerability scanning, compare policy mechanisms, and address the challenges of multi-tenant clusters. Practical debugging and authorization strategies are also covered to strengthen cluster security.
- KubeArmor Securing Your Runtime
  This module introduces the fundamentals of securing Kubernetes clusters at runtime with KubeArmor, which enforces policy on process execution, file access, and network activity through the host's Linux Security Modules (AppArmor, SELinux, or BPF-LSM). Learners will explore multi-tenancy security, real-time logging of policy violations, and practical tools for managing and monitoring cluster security. By the end, participants will be able to deploy and troubleshoot KubeArmor in multi-tenant environments.
- Backing Up Workloads
  This module guides learners through backing up and restoring Kubernetes workloads with Velero. You will set up, configure, and manage Velero, including backing up persistent volumes, scheduling backups, and restoring data to the same or a new cluster, which is also the basis for cluster migration and disaster recovery. By the end, you will be equipped to ensure data resilience and recoverability in Kubernetes environments.
- Monitoring Clusters and Workloads
  This module guides learners through monitoring Kubernetes clusters and workloads with Prometheus, Alertmanager, and Grafana for metrics and alerting, and OpenSearch for logs. You will explore how to collect, visualize, and secure metrics and logs, and how to set up effective alerting and access controls. By the end, you will be able to assess cluster health and respond proactively to operational issues.
- An Introduction to Istio
  This module introduces Istio, a service mesh for Kubernetes, focusing on its core concepts, security features, and resource management. You will explore how Istio manages traffic, enforces security policies, and provides observability through tools like Kiali. Practical examples and guided walkthroughs will help you understand and apply Istio's capabilities in real-world Kubernetes environments.
- Building and Deploying Applications on Istio
  This module explores how to design, build, and deploy applications within an Istio service mesh, covering both monolithic and microservice architectures. Learners will gain hands-on experience configuring authentication, authorization, and mutual TLS between services using Istio's own resources. Practical scenarios such as sticky sessions, JWT enforcement, and fine-grained authorization rules are covered to improve application security and scalability.
- Provisioning a Multitenant Platform
  This module guides learners through deploying applications on a multitenant Kubernetes platform, focusing on secure pipeline integration, technology stack selection, and platform architecture design. Learners will explore best practices for automating tenant onboarding, managing image registries, and implementing a GitOps workflow. By the end, participants will be equipped to design and provision scalable, secure multitenant environments.
- Building a Developer Portal
  This module guides learners through setting up an internal developer portal, including customizing Kubernetes nodes, deploying infrastructure as code with Pulumi, and integrating essential DevOps tools such as Vault and GitLab. Learners will also explore GitOps bootstrapping, tenant onboarding, and application deployment workflows. By the end, participants will understand how to promote applications from development to production in a secure, automated environment.
Taught by
Packt - Course Instructors