Kubernetes Deep Dive
Training for Corporate Teams

Private Training

This four-day Kubernetes training introduces students to both basic and advanced Kubernetes topics. You will learn how to deploy a Kubernetes cluster to Google Cloud Platform (GCP) using Google Kubernetes Engine (GKE) or Amazon Web Services (AWS), manage workloads, administer a cluster, set policies, etc. At the end of the course, we offer an extra class to explore topics of your choice.

Kubernetes Deep Dive <br> Training for Corporate Teams

Who should attend

  • Developers
  • DevOps engineers
  • Operators
  • Architects

Why enroll

Understanding of the Kubernetes architecture

Knowledge about Kubernetes-related tooling

In-house architects, operators, and DevOps engineers prepared for the Certified Kubernetes Administrator exam


Remote training requirements

  • Access to Zoom. You can install a client (preferable) or use a web application.
  • Access to either AWS or GCP (accounts will be provided).
  • Access to GitHub.

Training program

No better time to maximize your team's talent! Design custom program

Day 1: Containers and basic Kubernetes objects

7.75 hours

  • Course introduction

    10 min
    • An introduction
    • Useful links for the course
    • The agenda
    • The schedule
    • An overview of the training methodology
  • Introduction to Kubernetes

    0.5 hour
    • Problem statement
    • Kubernetes features
    • Cloud Native Computing Foundation
    • Infrastructure as a Service vs. Containers as a Service vs. Platform as a Service


    • Setting up Google Cloud Shell
  • Kubernetes architecture overview

    1 hour
    • Kubernetes components
    • Managed Kubernetes platforms
    • Infrastructure providers
    • Deployment automation


    • Deploy Kubernetes with GKE
  • Kubernetes API objects

    0.5 hour
    • Pods
    • Deployments
    • StatefulSets
    • DaemonSets
    • Jobs
    • ConfigMaps
    • Other objects


    • Introducing API objects and providing a basic layout
    • Demonstrating kubectl explain, exploring various objects
  • Containers

    1.5 hours
    • Different ways of packaging software
    • Container benefits
    • Container implementation
    • A sample application architecture


    • Using Dockerfile to package a sample app into a container
    • Running an application in a container
    • Exposing ports
    • Mounting volumes
    • Switching between containers using DNS
    • Deploying a container, using the host and bridge mode, and examining the difference
    • Uploading an image to a container registry
  • Pods

    1 hour
    • Pods
    • Pod’s life cycle


    • Deploying a sample application to Kubernetes
    • Deploying a pod using a custom image
    • Using the exec system call to connect to a deployed container running inside a pod
  • Colocating containers

    0.5 hour
    • A multi-container pod design
    • Patterns (Ambassador, Adapter, and Sidecar containers)


    • Deploying an init container that runs application database migrations
  • Deployments

    1.5 hours
    • Deployments and ReplicaSets
    • The behavior of rolling updates in a Deployment


    • Redeploying a sample application using a Deployment object
    • Scaling a Deployment
    • Updating and rolling out a Deployment
    • Viewing Deployment history
    • Rolling back a Deployment
    • Configuring rollover parameters of a Deployment
  • Labels, selectors, and annotations

    0.5 hour
    • Labels use and format
    • How to use selectors
    • Annotations
    • The difference between labels and annotations
    • Scenarios for choosing labels over selectors


    • Labelling pods
    • Using selectors
    • Annotating pods
  • Services

    1 hour
    • Service types
    • Proxy modes
    • Service discovery (the env command, DNS)


    • Connecting sample application’s components together using a service
    • Using the DNS service discovery
    • Use the LoadBalancer service to expose an application
    • Implementing a blue-green deployment pattern
  • Ingress

    0.75 hour
    • The Ingress service vs. the LoadBalancer service
    • Types of Ingress controllers (Google Cloud Load Balancing, NGINX, etc.)
    • Configuring Ingres
    • Ingress in on-premises installations


    • Serving the application traffic from the Ingress service instead of the LoadBalancer service
    • Using a static IP with Ingress
    • Specify an application domain
    • Adding the SSL support

Day 2: Advanced workload management

6 hours

  • Secrets and ConfigMaps

    0.75 hour
    • Use cases for Secrets and ConfigMaps
    • Different ways of mapping Secrets into containers


    • Modifying a sample application to use Secrets and ConfigMaps to externalize application credentials and configuration
  • Health checks

    1 hour
    • The difference between a livenessProbe and readinessProbe
    • Health checks types (the exec command, TCP connections, and HTTP requests)


    • Defining a custom livenessProbe
    • Defining a custom readinessProbe
    • Testing the workability of probes
    • Experimenting with probe types
  • Management of container resource usage

    0.5 hour
    • The difference between request and limit settings in a pod
    • Limit types
    • The default behavior when limits and requests are unset


    • Setting limits for a sample application
    • Testing the limits and observing the results
  • Batch processing

    0.5 hour
    • Jobs use cases
    • The difference between jobs and CronJobs


    • Creating a CronJob to enable an automated backup of a sample application database
  • Managing clustered stateful applications

    1.5 hours
    • StatefulSets (use cases and their difference from Deployments)
    • Using headless services in combination with StatefulSets
    • Using readinessProbes in a combination with StatefulSets


    • Preparing a Docker image in a MySQL Galera cluster
    • Preparing a headless service to perform service discovery during cluster bootstrap
    • Deploying the MySQL Galera cluster as a StatefulSet
    • Attaching PersistentVolumeClaim as a template to each node in a StatefulSet
  • Volumes and data

    0.5 hour
    • Persistency in Kubernetes
    • PersistentVolumes and PersistentVolumeClaims
    • Storage classes
  • Autoscaling

    0.75 hour
    • How pod autoscaling works
    • Horizontal vs. vertical autoscaling


    • Defining a horizontal autoscaler for a sample application
    • Testing Autoscaler
  • Game: “You are an architect.”(optional)

    0.5 hour
    • A review of topics discussed. Using a whiteboard, we will describe an application with Kubernetes objects.

Day 3: Policies, CI/CD, Kubernetes components deep dive

8 hours

  • Networking

    0.75 hour
    • CNI plugins
    • A network policy
    • Cluster DNS
    • External load balancers


    • Setting and testing an ingress/egress network policy
  • Namespaces

    0.25 hour
    • Managing multiple teams/resources
    • Providing virtual clusters
  • Quotas

    0.5 hour
    • Namespace level resource control
    • Stability in a cluster


    • Create a namespace
    • Create a quota
    • Test the quota
  • Security Overview

    0.75 hour
    • Overview of the CIS benchmark
    • Authentication Methods
    • Admission controllers
    • Securing API access
    • Pod security policies
    • Securing Docker images
  • Authentication and authorization

    2 hours
    • User, groups, and service accounts
    • Authentication strategies (client certificates, bearer tokens, authenticating proxy, etc.)
    • OAuth2 and OpenID Connect
    • Role and ClusterRole
    • Binding roles


    • Creating a namespace
    • Creating ServiceAccount
    • Binding role-based access control (RBAC) roles to ServiceAccount
    • Using a kubectl container to access the Kubernetes API inside a cluster
    • Testing RBAC roles
  • Security contexts

    0.75 hour
    • How to configure a security context for a pod or container


    • Deploying an application that needs specific root access
    • Configuring a fully restricted security context
    • Adding a required root permission to SecurityContext
  • CI/CD

    1.5 hours
    • Building CI/CD pipelines with Kubernetes
    • Deployment patterns (canary deployments and blue-green deployments)
    • Using Jenkins with Kubernetes
  • Managing Kubernetes clusters

    0.5 hour
    • Kubernetes installers (kubeadm, kops, Kubespray)
    • Using managed Kubernetes services
    • Cluster updates and upgrades
    • Isolating nodes with different characteristics (node pools)

Day 4: Repeatable deployments and logging/monitoring

4 hours (plus extra topics)

  • Helm

    1.5 hours
    • The Helm architecture
    • How to secure Helm


    • Using Helm to deploy the ELK stack logging and Prometheus
    • Reviewing the ELK stack Helm chart
    • Writing a sample Helm chart
  • Logging

    1.5 hours
    • The logging architecture in Kubernetes
    • Logging patterns (the sidecar pattern, a node agent, etc.)
    • The ELK architecture
    • ELK authentication and authorization


    • Accessing cluster components logs
    • Accessing application logs
    • Using filters in Kibana, setting up custom dashboards
  • Monitoring

    1 hour
    • The monitoring architecture in Kubernetes
    • Metric sources (container metrics, API metrics, etc.)
    • The Prometheus architecture


    • Checking default dashboards in Grafana
    • Creating a custom dashboard
    • Using Prometheus UI to run queries

Day 4: Extra topics (customer choice, up to 4 hours)

  • Machine learning workloads

    1 hour
    • An introduction to machine learning on Kubernetes
    • CI/CD practices in machine learning
    • Tooling
    • How to manage special hardware, such as GPUs
  • Service meshes

    2 hours
    • An introduction to a service mesh (common features)
    • A service mesh interface
    • A comparison of service meshes
    • Service mesh tooling (Jaeger, Kiali, and Flagger)


    • Deploying Istio
    • Deploying sample applications
    • Observing the results with Kiali and Jaeger
  • Multi-cluster design (across clouds)

    0.75 hour
    • An introduction to a multi-cluster design
    • Management tools
    • Scaling requirements
  • Working with mandated restrictions

    0.75 hour
    • An introduction
    • The Health Insurance Portability and Accountability Act
    • Personally identifiable information
    • Payment Card Industry Data Security Standard
  • Affinity and anti-affinity

    0.75 hour
    • Pod/node affinity/anti-affinity
    • Taints and tolerations
    • Use cases


    • Configuring node/pod affinity and anti-affinity to see Kubernetes schedules containers
  • Game: “Pin the tail on the Donkey”

    0.5 hour
    • A review of Kubernetes components architecture in an interactive game
  • Questions and answers

    0.5 hour or more
    • An ask-me-anything session


What you get with Altoros

  • Understanding of how Kubernetes handles container-based distributed workloads
  • Practical skills needed to spin up a Kubernetes cluster
  • Experience required to successfully operate and manage fault-tolerant Kubernetes clusters
  • Cluster security guidance
  • Hands-on practice around deploying and managing multi-tier applications
  • Training materials, including slides and examples
  • Sending notifications to the customer on resolving the issue

Maximize your talent with customized hands-on training

Maximize your talent with customized hands-on training

We work with

VMware TanzuAzure kubernetes serviceAmazonEKSGoogle kubernetes engine

Select online training close to you

Public classes are not scheduled at the moment. Please contact us at training@altoros.com if you’d like to join our waitlist or request private training for your team.

Showing online training courses {{ filterTickets.length }} of {{ tickets.length }}

Show All Courses

{{ ticket.title }}

{{ ticket.country }},

{{ ticket.city }}

{{ ticket.date }}

{{ ticket.tickets_sold }} out of 10 sold

0 out of 10 sold

Buy ticket

Prerequisites. Altoros recommends that all students have a laptop with:

  • An SSH terminal client (like SSH or Putty)
  • A tool to transfer files over SSH (like scp)
  • A web browser (Chrome/Firefox)
  • Internet connection (outgoing connections on TCP ports 22, 80, 8080, and 443)
  • Access to Google Cloud Platform and Google Cloud Console

Get updates on upcoming events and new courses, discounts and special offers

Why train with Altoros?

Through expertly led, hands-on custom training courses, Altoros helps IT professionals around the globe to advance their skills in cloud-native development and PaaS, blockchain, artificial intelligence, and deep learning.


Years of experience


Satisfied customers


Successfully implemented projects


Global 2000 organizations as customers


Full-time engineers


Global offices

What our customers say


“This program is really good and gives a deep understanding of Kubernetes. Christian (the trainer) was very friendly and helpful.”

Lead DevOps Engineer at Accenture

Kubernetes Deep Dive training in San Francisco


“Ryan was very knowledagle & made the training interesting. He focuses on enabling us to actually use the technology in the field with practical examples, highlighting common problems & solutions to the same.”

Senior Solutions Architect at State Farm

Kubernetes Deep Dive Training in NYC


“It was great to interact face to face with instructor and ask questions, the training was very intensive and hands-on.”

Lead Architect at Macy's

Kubernetes Deep Dive Training in Chicago


“Training was fantastic. Everything was great and the trainers were great guys.”

Platform Architect at IBM

Kubernetes Deep Dive Training in Los Angeles


“What was the biggest value of the course? Definitely understanding the basics of Kubernetes, and doing some troubleshooting of problems.”

DevOps Engineer at Hanu

Kubernetes Deep Dive Training in Los Angeles


“What was the biggest value of the course? Lots of hands-on exercises and adding additional topics as we asked before.”

Kubernetes Deep Dive training



“The format is great, training customization content is appreciated too. The trainer was accommodative and adaptive, he was good at going around and helping everyone to work through exercise.”

Lead Platform Architect at Nestle

Kubernetes Deep Dive training in San Francisco


What trainees say about Altoros courses

Kubernetes Deep Dive Training in San Jose
Kubernetes Deep Dive Training in San Jose
Kubernetes Deep Dive Training, Washington DC
Kubernetes Deep Dive Training, Washington DC
Cloud Foundry for DevOps Training
Cloud Foundry Training at Cloud Foundry Summit, 2017
Kubernetes Deep Dive Training, Los Angeles

Frequently asked questions

Did not find the answer to your question? Drop us a line at training@altoros.com

  • Will I get a certificate after completion?

    Yes! Once you have completed our training, you will be issued a certificate that you can print or add to your LinkedIn profile for others to see.

    Note: the certificate does not represent official academic credit.

  • What are the available payment options?

    We accept all major credit cards including Visa, American Express, MasterCard, Discovery, and more. You can pay by credit card, bank transfer, PayPal or check.

    If you would like to get an invoice for your company to pay for this training, please email to training@altoros.com and provide us with the following info:

    • Name of your Company/Division which you would like to be invoiced
    • Name of the person the invoice should be addressed to
    • Billing Address
    • Purchase order # to put on the invoice (if required by your company)
  • Do you offer discounts?

    Yes, we offer discounts of up to 20% off for early birds who register for the training in advance. Each discount tier has a limited number of seats and all of our discounts are available in limited quantities. Once we sell all of our discounted seats, we move to full price.

  • Do you offer group discounts?

    Yes, we also offer a discount for groups of 3 or more people who register together.

  • What size are the groups?

    The standard group size is 7-10 people. Small class sizes provide students unparalleled access to instructors. This way each student can have enough attention and assistance from the instructor.

    Note: The class is contingent upon having 7 attendees. If there aren’t enough students, we will offer you to attend the class in a different location or make a full refund. That is also the reason why we ask not to buy flight tickets before the class is confirmed.

  • I need to travel to participate in training. Do you help with visa?

    We do not participate in the process of application for visa. However, we can provide a confirmation that you have registered for our class and bought a ticket for it. This should support your visa application.

    If your application is declined, we will refund the ticket, except for a small administrative fee.

  • What services do you offer after the training?

    Advanced training options or classes on different domain to widen your expertise and technical skill set (Kubernetes, Cloud Foundry, Microservices)

  • Why should I trust Altoros Training?

    We have 19 years of experience in the delivery of various projects with wide range of technologies.

    Our trainers are first of all engineers and developers who build Kubernetes solutions for our clients on daily basis

    We’ve already trained 500+ people all over the world.

Contact us

Ryan Meharg

Ryan Meharg

Technical Director

ryan.m@altoros.com650 265-2266

4900 Hopyard Rd. Suite 100 Pleasanton, CA 94588