Skip to content

kubernetesdaily/kubernetesdaily.github.io

Repository files navigation

Demystifying Container and Orchestration Ecosystem

Sponsors
Available Slots 1 Available Slots 2 Available Slots 3 Available Slots 4
Β 

Can't sponsor?
Consider nominating @sangam14 for a Github star.

The Ultimate ContainerD Workshop

No. Title Learn
1 History of ContainerD πŸ”—
2 Architecture of ContainerD πŸ”—
3 Introduction to runc πŸ”—
4 ContainerD CLI Ctr πŸ”—
5 Kata Containers πŸ”—
6 Firecraker - TODO πŸ”—
7 ContaiNerd + Nerdctl πŸ”—
8 contaiNERD + runwasi πŸ”—
9 Wasm + ContainerD + CRUN πŸ”—

The Ultimate Docker Workshop

git clone https://github.com/kubernetesdaily/dockerworkshop.git
50 Hands On Labs
No. Title Learn
1 Prerequisites πŸ”—
2 Hello World in Docker πŸ”—
3 Docker Image Filters πŸ”—
4 Images as Tar Files πŸ”—
5 Pushing to DockerHub πŸ”—
6 Building a Base Image πŸ”—
7 Dockerfile ADD πŸ”—
8 Dockerfile COPY πŸ”—
9 Dockerfile CMD πŸ”—
10 Dockerfile Entrypoint πŸ”—
11 Dockerfile WORKDIR πŸ”—
12 Dockerfile RUN πŸ”—
13 Dockerfile ARG πŸ”—
14 Dockerfile Volume πŸ”—
15 Dockerfile USER πŸ”—
16 Dockerfile HEALTHCHECK πŸ”—
17 Dockerfile ENV πŸ”—
18 Dockerfile ONBUILD πŸ”—
19 Multi-Container CLI πŸ”—
20 Multi-Arch Container πŸ”—
21 Docker Compose Basics πŸ”—
22 Docker Compose Volumes πŸ”—
23 Custom Dockerfile with Compose πŸ”—
24 PHP, Apache, and DB with Compose πŸ”—
25 Host Volume Mount πŸ”—
26 Named Volume Mount πŸ”—
27 Compose Build Command πŸ”—
28 Compose Config Command πŸ”—
29 Compose CP Command πŸ”—
30 Compose Create Command πŸ”—
31 Compose Down Command πŸ”—
32 Compose Events Command πŸ”—
33 Compose Exec Command πŸ”—
34 Compose Images Command πŸ”—
35 Compose Kill Command [πŸ”—](
36 Compose Logs Command [πŸ”—](
37 Compose ls Command [πŸ”—](
38 Compose Pause/Unpause [πŸ”—](
39 Compose Port Command πŸ”—](
40 Compose ps Command [πŸ”—](
41 Compose Pull Command [πŸ”—](
42 Compose Push Command [πŸ”—](
43 Compose Restart Command [πŸ”—](
44 Compose run Command [πŸ”—](
45 Compose Watch Command [πŸ”—](
46 Local Network Setup [πŸ”—](
47 Remote Network Setup [πŸ”—](
48 Networking in Compose [πŸ”—](
49 Compose Networking with Nginx [πŸ”—](
50 Docker Wordpress Example [πŸ”—](

The Ultimate Kubernetes Workshop

git clone https://github.com/kubernetesdaily/k8sworkshop.git

Cluster Architecture, Installation, and Configuration

No. Title Link
1 Includes configuring pre-requisites to install kubeadm πŸ”—
2 Use Kubeadm to install a basic cluster πŸ”—
3 Manage a highly-available Kubernetes cluster πŸ”—
4 Perform a version upgrade on a Kubernetes cluster using Kubeadm πŸ”—
5 Implement etcd backup and restore πŸ”—
6 Manage role based access control (RBAC) πŸ”—

Workloads , Scheduling, Application Design and Build

No. Title Link
1 Basics of Pod πŸ”—
2 Create POD with Command and Arguments πŸ”—
3 Multi-Container Pods πŸ”—
4 Labels & Selectors πŸ”—
5 Kubernetes Service πŸ”—
6 Understand deployments and how to perform rolling update and rollbacks πŸ”—
7 Use ConfigMaps and Secrets to configure applications πŸ”—
8 Understand the primitives used to create robust, self-healing, application deployments [πŸ”—](
9 Understand how resource limits can affect Pod scheduling
10 Awareness of manifest management and common templating tools

Services and Networking

No. Title
1 Understand host networking configuration on the cluster nodes
2 Understand connectivity between Pods
3 Understand ClusterIP, NodePort, LoadBalancer service types and endpoints
4 Know how to use Ingress controllers and Ingress resources
5 Know how to configure and use CoreDNS
6 Choose an appropriate container network interface plugin

Storage

No. Title
1 Understand storage classes, persistent volumes
2 Understand volume mode, access modes and reclaim policies for volumes
3 Understand persistent volume claims primitive
4 Know how to configure applications with persistent storage

Troubleshooting

No. Title
1 Evaluate cluster and node logging
2 Understand how to monitor applications
3 Manage container stdout & stderr logs
4 Troubleshoot application failure
5 Troubleshoot cluster component failure
6 Troubleshoot networking

Application Design and Build

No. Title
1 Define, Build, and Modify Container Images
2 Understand Jobs and CronJobs
3 Understand Multi-Container Pod Design Patterns
4 Utilize Persistent and Ephemeral Volumes

Application Deployment

No. Title
1 Deployments and Rolling Updates
2 Deployments and Rollbacks
3 Scale Applications
4 Deployment Patterns
5 Use the Helm Package Manager to Deploy Existing Packages

Application Environment, Configuration, and Security

No. Title
1 Discover and Use Resources that Extend Kubernetes
2 Understanding Authentication, Authorization and Admission Control
3 Resource Requests and Limits
4 LimitRanges
5 Namespace Quotas
6 ConfigMaps
7 Secrets
8 Mounting ConfigMaps/Secrets as Volumes or Environment Variables
9 Service Accounts
10 SecurityContext

Services and networking

No. Title
1 Services and Other Network Primitives
2 Ingress Controllers and Ingress Resources
3 Using Network Policies

Application Observability and Maintenance

No. Title
1 Understand API Deprecations
2 Liveness Probes and Readiness Probes
3 Container Logging
4 Monitoring Applications
5 Debugging

Cluster Setup

No. Title
1 Using Network Security Policies to restrict cluster level access
2 Use CIS benchmark to review the security configuration of Kubernetes components
3 Properly set up Ingress objects with security control
4 Protect Node Metadata and endpoint
5 Minimize the use of, and access to GUI elements
6 Verifying platform binaries before deploying

Cluster Hardening

No. Title
1 Restrict access to Kubernetes API
2 Use Role Based Access Controls to minimize exposure
3 Exercise caution in using service accounts
4 Update Kubernetes frequently

System Hardening

No. Title
1 Minimize Host OS Footprint
2 Minimize IAM roles
3 Minimize external access to the network
4 Appropriately use kernel hardening tools such as AppArmor, seccomp

Minimize Microservice Vulnerabilities

No. Title
1 Setup appropriate OS-level security domains
2 Managing Kubernetes Secrets
3 Use Container Runtime Sandboxes in Multi-tenant environments
4 Implement pod-to-pod encryption by use of mTLS

Supply Chain Security

No. Title
1 Minimize Base Image Footprint
2 Secure Supply Chain: Allowing image registries, sign and validate images
3 Use Static Analysis of User Workloads
4 Scan Images for Known Vulnerabilities

Monitoring, Logging, and Runtime Security

No. Title
1 Perform behavior analytics of syscall process and file activities at the host and container level to detect malicious activities
2 Detect threats within the physical infrastructure, apps, networks, data, users, and workloads
3 Detect all phases of attack regardless of where it occurs and how it spreads
4 Perform deep analytical investigation and identification of bad actors within an environment
5 Ensure immutability of containers at runtime
6 Use Audit Logs to monitor access

The Ultimate Helm Workshop

git clone https://github.com/kubernetesdaily/helm-workshop.git
No. Title Learn
1 Basics of Helm πŸ”—
2 Deep Dive into Charts πŸ”—
3 Work with Multiple Values πŸ”—
4 Create Template file πŸ”—
5 advance Template with If statement πŸ”—
6 Else and Else If statement πŸ”—
7 50 Helm Template Cheatsheets πŸ”—

List of tools

Title Link Tag Author
Okteto Learn Development Tools Sangam Biradar
cert-manager Learn Networking Sangam Biradar
flannel Learn Networking Sangam Biradar
werf Learn Continuous Integration & Delivery Sangam Biradar

Contributor Note

This Is Not

  • This is not a replacement for the official documentations.
  • This is not an exhaustive guide.

This Is

  • This is a collaborative and personal effort.
  • This is a project that is expected to evolve and gain from others' inputs.

meaningful contributions welcome πŸ™