The Certified DevOps Advanced Training is a thorough program that provides professionals with higher-level skills and knowledge in DevOps. It prepares participants to handle complex tasks in software delivery, infrastructure management, and teamwork.
Advanced DevOps focuses on improving collaboration, automation, and integration between development and IT operations to deliver software faster and more reliably. This training moves beyond the basics and covers more advanced areas of DevOps, giving participants the expertise needed to succeed in challenging DevOps roles.
Course Outline
Lesson 1: Understanding GitOps
- Understanding What Gitops Is
- Understanding the Need for GitOps
- Understanding the Benefits of GitOps
- Understanding the Difference between GitOps and DevOps
- Understanding the Difference between GitOps and IaC
- GitOps Principles and Practices
Lesson 2: Understanding GitOps Architecture and Tooling
- Understanding GitOps Tooling
- Understanding a GitOps Architecture
- Understanding GitOps Architectural Decision Points
- Demo: Deploy New Application Using Argo CD GitOps Too
Lesson 3: Understanding GitOps Workflow
- Enabling a GitOps IaC Workflow
- Enabling a GitOps Workflow Using Flux
- Demo: GitOps in Action with Azure Arc Enabled Kubernetes
Lesson 4: Adopting GitOps Next Steps
- Understanding How GitOps Applies to Your Career
- Selling GitOps to Your Leadership
- Understanding How to Onboard GitOps On Your Next Project
- Understanding Resources For GitOps
Lesson 5: Docker Introduction
- What is Docker?
- Why Docker?
- Containerization v/s Virtualization
- Docker Architecture
- Understanding the Docker components
- Docker Terminologies
- Docker Internals
Lesson 6: Docker Installation
- Docker Editions
- Hardware and Software Requirements
- Installing Docker
- Docker Config Files and Settings
Lab: Installing Docker on Linux
Lesson 7: Managing Container Lifecycle
- Creating, Starting and Listing Containers
- Attaching and Detaching from Container
- Fetching Container details using “inspect”
- Executing Commands inside a Container
- Pause, Stop, Start, Restart and Kill a Container
- Container Metrics via stats
- Limiting Memory and CPU utilization
- Storage Utilization of a Container
- Expose Container Application using Host Port
Lab: Managing Container Lifecycle
Lesson 8: Working with Docker Images
- Searching, Filtering and Pulling Images
- Docker Image save/load
- Commit Container State
- Understanding Docker Image Directives
- Understanding the use of Base Images
- What is “FROM scratch”?
- RUN vs CMD
- COPY vs ADD
- Building Custom Images using Dockerfile
- Understanding Image Layers
- Publishing the Custom Image
- Flatten an Image using export/import
- Tagging Images
- Working with Docker Hub
- Pushing Docker Images to Docker Hub
- Working with Local Registry Service
Lab: Working with Docker Images
Lab: Building Custom Images
Lab: Working with Docker Hub
Lab: Setting up Local Registry Service
Lesson 9: Docker Volume Management
- Understanding need of Volume service in Docker
- Understanding various Volume Plug-ins
- Create and Manage Volumes
- Start a container with a Volume
- Populate data in a Volume using a Container
- Use a read-only Volume
- Migrating Volumes between Containers
Lab: Creating and Manage volumes
Lesson 10: Docker Networking
- Understanding various Network Plug-ins
- Understanding the default Docker Networking
- Working with Bridge Network
- Working with Host and None Networks
Lab: Managing Docker Networking
Lesson 11: Docker Compose
- Introduction to Compose
- Understanding docker-compose file
- Docker Compose Use Cases
Lab: Deploying Multi-tier App with Docker Compose
Lesson 12: Docker Swarm
- Introduction to Docker Swarm
- Docker Swarm vs Kubernetes
Lesson 13: Kubernetes Platform
- Orchestration and Various Tools
- History of Kubernetes
- Features of Kubernetes
- What Kubernetes is not!
- Kubernetes Versions
Lesson 14: Kubernetes Architecture
- Kubernetes Terminology
- Kubernetes Components
- Kubernetes Cluster Architecture
- Understanding Kubernetes Master Components
- Kube-apiserver
- ETCD
- Kube-scheduler
- Kube-controller
- Kube-DNS
- Understanding Kubernetes Node Components
- Kube-proxy
- Kubelet
- Container Runtime
- Understanding the difference between the master and worker nodes
Lesson 15: Kubernetes Setup and Validation
- Understanding different tools for deploying Kubernetes Cluster
- Release Binaries, Provisioning and Types of Clusters
- Building the Kubernetes Cluster using kubeadm
- Installing Kubernetes Master and Nodes
- Configuring Secure Cluster Communications
- Testing the Cluster
Lab: Deploying Kubernetes Cluster using Kubeadm
Lab: Adding Nodes to Kubernetes Cluster
Lesson 16: Working with Pod
- Pod Overview
- Creating a Pod with imperative syntax
- Creating a Pod with declarative syntax
- Reading the Pod’s information and metadata
- Listing the objects in JSON or YAML
- Backing up your resource using the list operation
- Getting more information from the list operation
- Accessing a Pod from the outside world
- Entering a container inside a Pod
- Deleting a Pod
- Understanding Pod Lifecycle
- Multi-container Pod
- Concrete scenarios where you need multi-container Pods
- When not to create a multi-container Pod
- Creating a Pod made up of two containers
- What happens when Kubernetes fails to launch one container in a Pod?
- Deleting a multi-container Pod
- Understanding the Pod deletion grace period
- Accessing a specific container inside a multi-container Pod
- Running commands in containers
- Overriding the default commands run by your containers
- Static Pod
- Init Containers
- Sidecar container pattern
- Labeling and annotating the Pods
- What are labels and why do we need them
- What are annotations and how do they differ from labels
- Adding a label
- Listing labels attached to a Pod
- Adding or updating a label to/of a running Pod
- Deleting a label attached to a running Pod
- Adding an annotation
Lab: Imperative Commands and Formatting Output with kubectl
Lab: Working with Single Container Pods
Lab: Creating multi container Pod
Lab: Creating init container Pod
Lab: Working with Static Pod
Lab: Working with label and selector
Lesson 17: Kubernetes Networking and Service
- Cluster Communications
- Pod and Node Networking
- Container Network Interface (CNI)
- Service Networking
- ClusterIP, NodePort & Load Balancer
- Understanding Pod IP assignment
- Understanding Pod IP assignment is dynamic
- Never hardcode a pod’s IP addresses in your application code
- Understanding how services route traffic to Pods
- Understanding how DNS names are generated for services
- Understanding the different types of services
- Why do you need ClusterIP services?
- ClusterIP services to expose my Pods?
- Listing ClusterIP services
- Creating ClusterIP services using the imperative way
- Describing ClusterIP services
- Creating ClusterIP services using the declarative way
- Deleting ClusterIP services
- Understanding headless services
- Why do you need NodePort services?
- Understanding NodePort
- YAML definition
- Making sure NodePort works as expected
- Listing NodePort services
- Adding more Pods to NodePort services
- Describing NodePort services
- Deleting NodePort services
- NodePort or kubectl port-forward?
- Ingress Rules
- Cluster DNS
Lab: Exposing Applications using various types of Services
Lab: Install and Configure Ingress Controller to expose nginx based Service
Lesson 18: Application Lifecycle Management using kubernetes Controllers
- Controllers:
- Creating a ReplicaSet object
- Testing the behavior of ReplicaSet
- Scaling ReplicaSet
- Deleting a ReplicaSet object
- Creating a Deployment object
- Exposing Deployment Pods using Service objects
- Scaling a Deployment object
- Deleting a Deployment object
- How does a Deployment object manage revisions and version rollout?
- Updating a Deployment object
- Rolling back a Deployment object
- Deployment object best practices
- Use declarative object management for Deployments
- Do not use the Recreate strategy for production workloads
- Do not create Pods that match an existing Deployment label selector
- Carefully set up your container probes
- Use meaningful and semantic image tags
- Migrating from older versions of Kubernetes
Lab: Deploying Application using Replication Controller
Lab: Deploying Application using Replica Set
Lab: Rolling Updates and Rollbacks using Deployment
Lab: Deploying Application using Daemon Set
Lab: Deploying StatefulSet Application
Lab: Deploying Multi-Tier Application
Lab: working with Job and CronJob
Lesson 19: Logging and Monitoring
- Describe Resources
- Pod/container logs
- Metric Server & top command
- Events
Lab: Working on Logs and Events
Lab: Working with Metric Server
Lab: working with HPA
Lesson 20: Working with Kubernetes Scheduler (Advance Scheduling)
- Pod Scheduling within the Kubernetes Cluster
- Configuring the Kubernetes Scheduler
- Running Multiple Schedulers for Multiple Pods
- NodeName Taints, Tolerances, Node Selector, labels & Selectors
- Taint vs Tolerations vs Node Affinity/AntiAffinity
- Scheduling Pods with Resource Limits and Label Selectors
- Displaying Scheduler Events
Lesson 21: Storage
- Managing Data in the Kubernetes Cluster
- EmptyDir, hostPath, PV, PVC, StorageClass
- Volume Access Modes
- Applications with Persistent Storage
- ConfigMaps
- Secrets
Lab: Working with Kubernetes Volume Service
Lab: Configuring Dynamic Volume Service
Lab: Working with ConfigMaps and Secrets
Lesson 22: Application Health
- Application LivenessProbe
- What is LivenessProbe and why do you need it?
- Implementing LivenessProbe
- Application ReadinessProbe
- Why do you need ReadinessProbe?
- Implementing ReadinessProbe
- Using ReadinessProbe and LivenessProbe together
- Application Startupprobe
Lab: Working with LivenessProbe and ReadinessProbe
Lesson 23: Using RBAC Authorization
- Role and ClusterRole
- RoleBinding and ClusterRoleBinding
- Referring to resources
- Aggregated ClusterRoles
- Referring to subjects
- Default roles and role bindings
- Auto-reconciliation
- API discovery roles
- User-facing roles
- Privilege escalation prevention and bootstrapping
- Restrictions on role creation or update
- Restrictions on role binding creation or update
Lesson 24: Securing your Pods using the NetworkPolicy object
- Why do you need NetworkPolicy?
- Understanding Pods are not isolated by default
- Basics
- DENY all traffic to an application
- LIMIT traffic to an application
- ALLOW all traffic to an application
- Namespace’s level
- ALLOW traffic to an application from all namespaces
- ALLOW all traffic from a namespace
- ALLOW traffic from some pods in another namespace
- Advanced
- ALLOW traffic only to certain port numbers of an application
- ALLOW traffic from apps using multiple selectors
Managing Clusters
- Managing the Kubernetes Cluster
- Upgrading the Kubernetes Cluster
- ETCD Backing Up and Restoring a Kubernetes Cluster
Lab: Upgrading Kubernetes Cluster
Lab: ETCD Backing Up and Restoring a Kubernetes Cluster
Lesson 25: Helm-Introduction
- Installing Helm
- Using Helm
- Chart Development Tips And Tricks
- Syncing Your Chart Repository
- Chart Releaser Action To Automate GitHub Page Charts
- Charts
- Chart Hooks
- Chart Tests
- Library Charts
- Helm Provenance And Integrity
- The Chart Repository Guide
- Registries
- Helm Architecture
Lesson 26: Introduction to Ansible
- What is Ansible and Features
- History and Releases
- Agent versus Agentless
- Ansible Architecture
- Infrastructure as Code
- Idempotency
- Use cases
Lesson 27: Installing Ansible
- Environment Setup
- Hardware and Software requirements
- How to install Ansible?
- How Ansible works?
- Ansible CLI
Lesson 28: Deploying Ansible
- Building an Ansible Inventory
- Ansible Configuration Files
- Running Ad Hoc Commands
- Managing Dynamic Inventories
- Ansible Modules
- Ansible Plugins
Lesson 29: Ansible Playbooks Anatomy
- Hosts
- Tasks
- Plays
- Playbook Execution
Lesson 30: Ansible Foundation
- Managing Variables
- Managing Facts
Lesson 31: Ansible Task control execution
- Loops and Conditionals
- Handlers
- Limiting Execution by Hosts (limit)
- Limiting Execution by Tasks (tag)
- Adding and Meeting Conditionals
- Handling Errors
Lesson 32: Modular Configuration with Ansible Roles and Galaxy
- Ansible Roles Structure
- Creating Roles
- Deploying Roles with Ansible Galaxy
Lesson 33: Optimizing Ansible
- Selecting Hosts with Host Pattern
- Configuring Delegation
- Configuring Parallelism
Lesson 34: SSH Key and Credentials Management
- SSH Keys
- Configure Ansible Vault
- Securing Passwords Using Vault
- Executing with Ansible Vault
Lesson 35: Automate Linux administration tasks
- Automate common Linux system administration tasks with Ansible.
Lesson 36: Troubleshooting, Testing, and Validation
- Troubleshooting Playbooks
- Troubleshooting Ansible Managed Hosts
- Ordering Problems
- Jumping to Specific Tasks
- Retrying Failed Hosts
- Syntax-Check and Dry-Run
- Debugging
Lesson 37: Infrastructure as Code
- Introduction to IaC
- Difference between GUI, CLI and IaC
- Why IaC
- Multiple Tools and services available for IaC
- Terraform Basics
Lesson 38: Terraform Introduction
- Why Terraform – picking the right tool
- Desired and current states
- Understanding Resources and Providers
- Terraform Code
- AWS Fundamentals & Services offered
- Automated deployment on AWS
Lesson 39: Terraform Fundamentals
- Terraform commands & state files.
- Destroying Infra with Terraform
- Understanding Attributes and Output Values in Terraform
- Understanding Provisioners in Terraform
- Understanding terraform HCL
- Terraform Variable
- Terraform Variable Types
- Outputting attributes
- Data Sources
- Terraform Modules
- Interpolation
- Conditionals
- For & For-Each loop
Lesson 40: DevOps Practices and Methodologies
- Continuous Integration
- Continuous Delivery
- Continuous Deployment
- Source Control Management
- Branches
- Artifacts
- Code Testing
- Code Vulnerabilities Scan
- Distributed Builds
- Jenkins Installation
- Ubuntu
- CentOS/RedHat
- MacOS
- Windows
- Docker Container
- Deploying Jenkins in Public Cloud (AWS)
Lesson 41: Jenkins Installation
- Ubuntu
- CentOS/RedHat
- MacOS
- Windows
- Docker Container
- Deploying Jenkins in Public Cloud (AWS)
Lesson 42: Jenkins Graphical User Interface
- Exploring the GUI
- System Configuration
- Security Configuration
- Jenkins
- Job Configuration
Lesson 43: Jenkins Plugins
- Managing Plugins
- Updating Plugins
- Adding Plugins
Lesson 44: Freestyle Jobs
- Basic Job Structure
- Parameters
- Build Environment
- Build Step
- Post Build Step
- Notifications
- Building a Free Style Job in Jenkins
Lesson 45: Agents and Distributed Builds
- Setting up a Build Agent
- Distributing a Build
- Monitoring Build Agents
Lesson 46: Source Control Management, Build Tools and Test Reports
- SCM in Builds
- Build Tools (Maven)
- Testing and Test Reports
Lesson 47: Upstream, Downstream and Triggers
- Artifacts and Fingerprints
- Linking Jobs
- Automating Jobs
- Triggering Builds with Git Hooks
Lesson 48: Jenkins Pipeline
- Pipeline Jobs
- The Blue Ocean Editor
- Scripted Pipelines
- Declarative Pipelines
- Groovy and DSL
- Jenkins File Basics
- Pipeline Triggers
- Multi branch Pipelines
- Global Libraries
- Variables and Credentials
- Dockerizing an app
- Deploying a Docker Container with Jenkins Pipelines
Lesson 49: Jenkins in Docker
- Introduction
- Docker and the Kernel
- A Linux Container Running on Windows 10
- What Is a Kernel?
- Running Linux Containers on Windows
- Jenkins on Docker
- Jenkins in a Container
- Maintaining State outside the Container
- The Docker File System
- Understanding Copy on Write
- Mounting a Volume to Your Container
Lesson 50: Jenkins Integrations
- Upload Artifacts to Jfrog artifactory
- Send Build Notifications using Slack
- Continuous Deployment to Tomcat Apache using Deploy plugin
- Integration with SonarQube to scan source code with vulnerabilities
Lesson 51: Jenkins Administration
- Permissions
- Configuration
- Updates and Maintenance
- Notifications and Alerts (Email) and Logging