Standard
Kubernetes

Kubernetes Networking Deep Dive

Excel in Kubernetes networking through hands-on labs and troubleshooting drills tailored for new SREs. Cover CNIs, services, Ingress, and security to ensure robust and secure container communication.

Kubernetes Networking Deep Dive
User profile

Weston Bassler

Site Reliability & Machine Learning Engineer

Unlock the full potential of Kubernetes with our comprehensive Kubernetes Networking course, designed for DevOps engineers, IT professionals, and system administrators. This course simplifies the complexities of Kubernetes networking, offering in-depth insights and hands-on experience with modern container networking. Immerse yourself in multiple hands-on labs designed to simulate real-world scenarios, putting you in the shoes of a recently hired SRE at Company X.

Section 1 - Networking Overview

Start with an introduction to Kubernetes networking, exploring its architecture and crucial role in container orchestration. Dive into Kubernetes Networking Models, comparing Host-Only, Overlay, and Network Policies, coupled with best practices to ensure robust and secure networking.

Section 2 - CNIs

Grasp the fundamentals of Container Networking Interfaces (CNI) like Calico, Flannel, and Weave, and learn to configure and manage Cilium as the selected CNI for this course. Enhance your understanding of network add-ons such as CoreDNS and kube-proxy. Master pod networking, intra-pod communication, and IP addressing along with network namespaces and policies to control and secure pod communications. 

Section 3 - Services

Understand the intricacies of Kubernetes Services, including Cluster IP, NodePort, LoadBalancer, and ExternalName Services. Learn about Endpoints and Endpoint Slices, their creation, and practical examples. Explore DNS-based service discovery mechanisms that enable seamless service communication within the cluster. Finally, delve into common networking issues and their resolution, along with troubleshooting tools and techniques. 

Section 4 - Ingress

Get introduced to Ingress Controllers and Ingress Resources, focusing on setting up and managing the Traefik Ingress Controller. Discover how to use ExternalDNS to configure exposed services and Ingresses with DNS Providers. Advance your knowledge with Service Mesh for multi-cluster deployments and cross-cluster communication using Cilium Cluster Mesh.

Section 5 - Security

Focus on security best practices, considering encryption, authentication, and authorization for network traffic to ensure a secure Kubernetes environment. Learn to leverage tools like Cert-manager and Let’s Encrypt for secure operations. Implement advanced security features such as Cilium Network Policies and mTLS, and utilize Hubble to troubleshoot network flows for optimal performance.

Our students work at..

Vmware logo
Microsoft logo
Google logo
Dell logo
Apple logo
Pivotal logo
Amazon logo

About the instructor

  • Weston Bassler

    Weston Bassler

    Site Reliability & Machine Learning Engineer

    A former DevOps and SRE professional recently transitioned to a Machine Learning Engineer role. He enjoys building and scaling AI/ML projects, with a passion for bridging the gap between Machine Learning and Operations, automating ML workflows, and pushing the boundaries of technology. Additionally, he is a dedicated mentor to college students, instructor, and coach, sharing his knowledge and experience to help others grow in the field. His career started as a Linux Administrator, where he developed a passion for Linux and open-source technology. Today, you can find him mostly coding in Python, training models, and deploying AI/ML applications on Kubernetes. Over the years, he has held various certifications, including RHCSA, RHCS in Containers, LFCS, and currently holds two certifications in GitOps. His background primarily consists of distributed systems architecture such as Hadoop, Apache Mesos, and Kubernetes. He also has an extensive background working with cloud providers such as AWS, Google Cloud and Azure.

Course Content