Workshop Time - 09:00 am - 01:00 am (SGT)

Are you ready to be the Ship’s Captain and sailing through the realm of Kubernetes? Kubernetes, also known as K8s is an open-source tool that is widely used by organisations for automating deployment, scaling and management of containerised applications.

This course will guide you through an exciting journey of getting to know the fundamentals of K8s. Participants who have no prior knowledge in K8s or containerisation technology are most welcome as we will be teaching you some of the basic and core concepts of a K8s cluster such as pod deployment, cluster networking and Role-Based Access Control (RBAC). Besides, the security element of each concept will also be presented during the workshop.

These concepts serve as a good starting point for someone who is new to this domain and would want to go deeper into this area. We will also navigate you through various hands-on sessions, that allows you to use tools we normally use when dealing with K8s. You will also be able to learn to identify security misconfiguration that could happen within a K8s cluster and follow the best practices to secure a K8s environment.

By the end of this workshop, you will have a better understanding of what K8s is, how K8s operates and the core components that are supporting K8s. You will also learn how to use CLI tools, such as kubectl to interact with a k8s cluster. Last but not least, you will also learn some of the basic security concepts that are critical in securing a K8s cluster.

This workshop is composed of the following topics:

• Introduction to K8s

  • Brief overview of the history of K8s and how it is being used in modern DevOps environment

• Components in K8s

  • Overview (Master Node & Worker Node)
  • Namespace
  • API Server
  • ETCD
  • Kube Scheduler
  • Controller Manager
  • Kubelet
  • Kube Proxy
  • Container Runtime

• CLI Tool: kubectl

  • Briefly go through and show example usage of kubectl
  • Some exercises for the participants to get familiar with kubectl
  • Walk through the exercises

• Pod deployment

  • Can be simple as “kubectl -f apply pod.yaml”
  • Deployment
  • DaemonSet
  • StatefulSet
  • Exercises for participants to experience pod deployment and understand vulnerabilities that could exist in pod / container
  • Walk through the exercises

• Cluster Networking

  • Intra-Pod communication
  • Inter-Pod communication
  • Pod-to-Worker-Node communication
  • Cluster-External communication
  • Exercises for participants to visualise cluster networking
    • Show K8s comes with flat network by default
    • Access control (Ingress)
  • Walk through the exercises

• Role-based Access Control (RBAC)

  • Role
  • Cluster
  • RoleBinding
  • ClusterRoleBinding
  • Exercises for participants to create K8s object and experience the implementation of RBAC
    • create a Service Account for a namespace
    • create a Role
    • create a RoleBinding
    • verify if RBAC works as intended
  • Walk through the exercises

• Open-Source educational kit - “Kubernetes-goat” will be used for the hands-on part of this workshop

• Cluster environment will be set up in an automated manner as an installation script will be shared with the participants one week in advance

• Link to the github repo: https://github.com/madhuakula/kubernetes-goat