Duration 8 days – 56 hrs
Overview
This comprehensive training course is designed to provide participants with the knowledge and skills needed to deploy, manage, and maintain Kubernetes clusters on AWS using Terraform. The course focuses on the principles of Site Reliability Engineering (SRE) and Infrastructure as Code (IaC) to ensure efficient, scalable, and reliable infrastructure management. Participants will gain hands-on experience in setting up AWS EKS clusters, writing Terraform scripts, and applying SRE practices to manage and monitor Kubernetes environments.
Objectives
- Understand the fundamentals of Kubernetes and AWS EKS.
- Use Terraform to define and provision AWS infrastructure.
- Apply SRE principles to ensure reliability, scalability, and maintainability.
- Automate the deployment and management of Kubernetes clusters using Terraform.
- Implement monitoring, logging, and alerting for EKS clusters.
- Manage infrastructure as code with best practices for collaboration and version control.
- Secure and optimize Kubernetes environments on AWS.
Audience
- DevOps engineers
- Site Reliability Engineers (SREs)
- Infrastructure engineers
- Cloud architects
- IT professionals looking to automate and manage AWS Kubernetes infrastructure
Pre-requisites
- Basic understanding of AWS services and concepts
- Familiarity with Kubernetes fundamentals
- Basic knowledge of Terraform and IaC principles
- Experience with command-line interfaces and version control systems (e.g., Git)
Course Content
Terraform
- Introduction to Infrastructure as Code (IaC)
- Terraform Install Tools, Command and Language Basics
- Terraform Settings, Providers, and Resources
- Terraform Input Variables, Output Values, Datasources
- Terraform Loops, MetaArguments, Splat Operator and Functions
- AWS VPC 3-Tier Architecture Design using Terraform
- Bastion Host AWS EC2 Instances, Security Groups, TF Provisioners with Terraform
- AWS EKS Cluster, Public and Private Node Groups using Terraform
Kubernetes
- Kubernetes Fundamentals
- Kubernetes Deployment and Service using YAML
- Terraform Kubernetes Provider – Kubernetes Deployment & Service
- Terraform Remote State Storage – AWS S3 & DynamoDB
- AWS EKS IAM Roles for Service Accounts (IRSA) using Terraform
- AWS EKS EBS CSI Driver Install with Self-Managed AddOn Option using Terraform
- AWS EKS EBS Demo using k8s YAML (UserMgmt WebApp with MySQL DB)
- AWS EKS EBS Demo using k8s Terraform (UserMgmt WebApp with MySQL DB)
- AWS EKS EBS Volumes Retain and Resize Settings
- AWS EBS CSI EKS Add-On
Roles and Permission
- Provision AWS IAM Admin User as EKS Admin
- Provision AWS IAM Basic User as EKS Admin
- Provision of AWS Users (Admin & Basic) as EKS Admins using Terraform
- Provision EKS Admins using IAM Roles & IAM Groups
- Provision EKS Admins using IAM Roles & IAM Groups using Terraform
- Provision EKS ReadOnly User using IAM Roles, Groups & k8s CR, CRB Provision EKS Developer Users using IAM Roles, Groups & k8s R, RB
- AWS Load Balancer Controller Install using Terraform Helm Provider
Ingress
- Ingress Basics
- Ingress Context Path based Routing
- Ingress SSL and SSL Redirect
- Install ExternalDNS using Terraform Helm Provider
- Ingress with ExternalDNS
- Kubernetes LB Service with ExternalDNS
- Ingress Name based Virtual Host Routing
- Ingress SSL Discovery Host
- Ingress SSL Discovery TLS
- Ingress Groups
- Ingress Target Type IP
- Ingress Internal Load Balancer
- Ingress Cross Namespaces
Network Load Balancer
- AWS Network Load Balancer with AWS Load Balancer Controller
- AWS NLB TLS, External DNS with AWS LBC
- AWS NLB Internal LB with AWS LBC
Deploy AWS Fargate using Terraform
- AWS EKS Fargate Profiles using Terraform
- Run EKS Workloads on AWS Fargate
- AWS Fargate Only EKS Cluster using Terraform
Deploy AWS EFS using Terraform
- AWS EFS CSI Controller Install using Terraform Helm Provider
- AWS EFS Static Provisioning – Automate with Terraform
- AWS EFS Dynamic Provisioning – Automate with Terraform
- AWS EFS File System Mount for Fargate Workloads
Scaling
- Kubernetes Cluster Autoscaler Controller Install
- Kubernetes Cluster Autoscaler Controller Test
- Kubernetes Horizontal Pod Autoscaling with Terraform
- Kubernetes Vertical Pod Autoscaling with Terraform
Monitoring
- AWS EKS Monitoring and Logging with kubectl
- AWS EKS Monitoring and Logging with Terraform
Kubernetes Concepts Covered
- Kubernetes Deployments
- Kubernetes Pods
- Kubernetes Service of Type LoadBalancer
- Kubernetes Service of Type ClusterIP
- Kubernetes Ingress Service
- Kubernetes Ingress Class
- Kubernetes Storage Class
- Kubernetes Storage Persistent Volume
- Kubernetes Storage Persistent Volume Claim
- Kubernetes RBAC
- Kubernetes Role
- Kubernetes Role Binding
- Kubernetes Cluster Role
- Kubernetes Cluster Role Binding
- Kubernetes Cluster Autoscaler
- Kubernetes Vertical Pod Autoscaler
- Kubernetes Horizontal Pod Autoscaler
- Kubernetes DaemonSets
- Kubernetes Namespaces
- Kubernetes Service Accounts
- Kubernetes Groups
- Kubernetes ConfigMaps
- Kubernetes Requests and Limits
- Kubernetes Worker Nodes
Terraform Concepts covered
- Settings Block
- Providers Block
- Multiple Providers usage
- Dependency Lock File Importance
- Resources Syntax and Behavior
- Resources Meta-Argument – depends_on
- Resources Meta-Argument – count
- Resources Meta-Argument – for_each
- Resources Meta-Argument – lifecycle
- Input Variables – Basics
- Input Variables – Assign When Prompted
- Input Variables – Assign with terraform.tfvars
- Input Variables – Assign with auto tfvars
- Input Variables – Lists
- Input Variables – Maps
- File Function
- Output Values
- Local Values
- Datasources
- Backends – Remote State Storage
- File Provisioner
- remote-exec Provisioner
- local-exec Provisioner
- Null Resource
- Modules from Public Registry
- element function
- Remote State Datasource
- Terraform Datasources
Terraform Providers used
- AWS Terraform Provider
- Kubernetes Terraform Provider
- Kubectl Terraform Provider
- HTTP Terraform Provider
- Null Terraform Provider
- Helm Terraform Provider
