Advanced Docker & Kubernetes

Inquire now

Duration 5 days – 35 hrs

 

Overview

 

This hands-on, lab-intensive program is designed for engineers who already use containers and want to level up to production-grade Docker and Kubernetes. Participants will build optimized container images, design secure container networks and storage, and deploy real workloads on Kubernetes using enterprise patterns: deployments, autoscaling, services/ingress, configuration/secrets, RBAC, network policies, observability (monitoring/logging), and operational best practices.

The course is aligned to CKA/CKAD-style competencies and enterprise Kubernetes standards (secure-by-default, repeatable delivery, and troubleshoot-ready).

 

Objectives 

  • Build optimized, secure Docker images (multi-stage builds, caching, minimal base, SBOM/scanning concepts).
  • Implement container networking and storage patterns (bridge/host/overlay concepts, volumes, bind mounts).
  • Explain Kubernetes architecture (control plane, etcd, scheduler, kubelet, CNI/CSI) and how components interact.
  • Deploy and manage workloads using Deployments, StatefulSets, DaemonSets, Jobs/CronJobs.
  • Configure Services, Ingress, and troubleshoot common networking issues.
  • Use ConfigMaps, Secrets, resource requests/limits, and scheduling controls for reliability.
  • Apply Kubernetes security practices: RBAC, service accounts, admission/pod security standards, image policies (enterprise approach).
  • Implement observability: health probes, metrics, logging patterns, and production monitoring fundamentals.
  • Troubleshoot pods, nodes, DNS, networking, storage, and deployment rollouts using a structured approach.
  • Follow operational best practices aligned with CKA/CKAD or enterprise cluster standards.

 

Audience

 

  • DevOps Engineers / SREs
  • Platform / Cloud Engineers
  • Backend Engineers deploying microservices
  • System Administrators transitioning to Kubernetes operations
  • Tech Leads responsible for container platform reliability and delivery standards

 

Pre-requisites

  • Basic Linux CLI skills (files, processes, networking basics)
  • Working knowledge of containers (build/run images, basic Docker usage)
  • Basic understanding of YAML
  • Familiarity with CI/CD concepts (helpful, not required)
  • Optional but helpful: basic Kubernetes exposure (kubectl basics)

Course Content

 

Day 1 — Advanced Docker: Image Optimization, Networking, Storage

 

  • Deep dive into Docker architecture (layers, build cache, runtime concepts)
  • Image optimization patterns
    • Multi-stage builds, build caching, minimal images, tagging strategies
    • Intro to supply-chain hygiene: signing/scanning concepts, SBOM overview (high level)
  • Advanced Docker networking
    • Bridge vs host, port mapping, DNS basics, network drivers overview
  • Storage & persistence
    • Volumes vs bind mounts, permissions, backup/restore patterns

Labs

  • Create multi-stage builds and reduce image size significantly
  • Implement best-practice Dockerfiles (non-root user, minimal base, env handling)
  • Build and run multi-container app with custom Docker networks
  • Persist data using volumes and validate recovery

 

Day 2 — Kubernetes Foundations: Architecture, kubectl Mastery, Core Workloads

 

  • Kubernetes architecture
    • Control plane components, worker node components, etcd role
    • CNI/CSI overview and how networking/storage integrate
  • kubectl power skills: contexts, namespaces, dry-run, diff, jsonpath, debugging patterns
  • Core objects and workflow
    • Pods, ReplicaSets, Deployments: rollout/rollback strategies
    • Labels/selectors and how they drive operations

Labs

  • Spin up a training cluster (local or provided) and validate access
  • Deploy a microservice using Deployments; perform rollout + rollback
  • Use labels/selectors to route and manage workloads
  • Debug CrashLoopBackOff and image pull errors

 

Day 3 — Services, Ingress, Scaling, Scheduling, Config Management

 

  • Service discovery and traffic routing
    • ClusterIP, NodePort, LoadBalancer, headless services
  • Ingress fundamentals and routing patterns (path/host-based)
  • Scaling & resiliency
    • HPA basics, resource requests/limits, disruption awareness
  • Configuration management
    • ConfigMaps, Secrets, env vars, mounted configs
  • Scheduling & placement
    • Node selectors, taints/tolerations, affinities (intro-to-practical)

Labs

  • Expose apps via Services; validate DNS + connectivity
  • Configure an Ingress and test routes
  • Apply requests/limits and configure HPA for a deployment
  • Externalize configs with ConfigMaps/Secrets and rotate safely
  • Use taints/tolerations to control placement

 

Day 4 — Security & Cluster Operations (Enterprise Patterns)

 

  • Kubernetes security essentials
    • RBAC, Roles/ClusterRoles, RoleBindings
    • Service accounts and workload identity patterns
  • Pod security and policy direction
    • Pod Security Standards / admission concepts (enterprise-ready approach)
  • Network security
    • NetworkPolicies and zero-trust basics inside the cluster
  • Operational readiness
    • Namespaces as tenancy boundaries, quotas/limits, multi-team patterns
    • Backup/restore concepts for cluster components (high-level best practices)

Labs

  • Build RBAC roles for dev vs ops personas; validate permissions
  • Apply Pod security hardening (non-root, read-only FS where applicable, capability drops)
  • Implement NetworkPolicies to restrict east-west traffic
  • Apply resource quotas/limit ranges to enforce standards

 

Day 5 — Observability, Logging, Troubleshooting & Production Best Practices

 

  • Health and reliability
    • Liveness/readiness/startup probes, graceful shutdown, rollout strategies
  • Monitoring fundamentals
    • Metrics concepts, what to monitor (nodes, pods, app SLO signals)
  • Logging patterns
    • Structured logs, sidecar patterns (conceptual), centralized logging approach
  • Troubleshooting playbook (CKA-style)
    • Pods, deployments, services/ingress, DNS, nodes, storage, RBAC issues
  • Production best practices
    • Release strategies, config/secret handling, least privilege, cost controls, governance

Labs

  • Add probes and validate zero-downtime rollout behavior
  • Diagnose networking issue (service selector/port mismatch, DNS misconfig, ingress routing)
  • Diagnose storage issue (PVC binding, access modes, permissions)
  • Fix RBAC denial and validate least-privilege access
  • “Troubleshooting gauntlet”: timed multi-scenario lab (CKA/enterprise aligned)

 

Inquire now

Best selling courses

We use cookies on our website to personalize your experience by storing your preferences and recognizing repeat visits. By clicking “Accept”, you agree to the use of all cookies. You can also select “Cookie Settings” to adjust your preferences and provide more specific consent. Cookie Policy