O'Reilly logo
live online training icon Live Online training

Kubernetes in Three Weeks: Part II

enter image description here

Meshing and observability, operators and serverless, and CI/CD pipelines

Topic: System Administration
Jonathan Johnson

Distributed application architectures are hard. The complexity in building containers and designing microservices to work together across a network can be overwhelming. To successfully manage limitations on resources, failing networks, defective software, and fluctuating traffic, you need an orchestrator.

Kubernetes is designed to handle these complexities, so you don’t have to. Essentially a distributed operating system for your data center, you give Kubernetes containers, and it makes sure that they remain available and responsive. As such, Kubernetes is quickly becoming the preferred way to serve distributed, scalable, and resilient applications.

Jonathan Johnson walks you through Kubernetes building blocks to demonstrate how the tool actually works. You may already understand containers—the tricky part is getting a whole set of containers and services to consistently work together and run reliably. In this three-part series, you’ll get comfortable designing, deploying, managing, and updating a coordinated set of applications running on Kubernetes.

Although you can attend any of the three courses individually, we recommend pursuing the entire series, in this order:

  • Week 1: Meshing and Observability
  • Week 2: Operators and Serverless
  • Week 3: CI/CD Pipelines on Kubernetes

NOTE: With today’s registration, you’ll be automatically signed up for all three sessions in the Kubernetes in Three Weeks: Part II series. Part II builds on the topics in Part I.

Week 1: Meshing and Observability

Out of the box, Kubernetes is a strong platform for running and coordinating large collections of services, containers, and applications. Kubernetes does lack full observability and network meshing solutions, but because of its extensibility, observability and meshing can be added on top.

You’ll first look at the three pillars of observability: logging, tracing, and metrics. You’ll discover common observability techniques and tools. With measuring techniques in mind, you’ll further consider the pros and cons of adding meshing to your cluster.

Istio is an open, platform-independent service mesh that manages communications between services in a transparent way. With the 8 fallacies of distributed computing, Istio provides solutions to reduce the risks of distributed computing by managing:

  • Traffic management
  • Observability
  • Policy enforcement
  • Service identity and security

A mixture of concepts, terminology with hand-on examples will help you understand how and why observability and meshing techniques are applied to Kubernetes.

Week 2: Operators and Serverless

Even with all of the standard Kubernetes resources, it can't do everything. Fortunately, Kubernetes is highly configurable and extensible. As a software developer, once you understand how something works the next thing you naturally ask is how to extend it to meet your needs. Kubernetes opens its architecture that you can extend to meet your needs.

The Operator pattern has emerged from this extensibility goal. Increasingly, solutions on Kubernetes follow the Operator pattern. You’ll explore some common open-source solutions, and few frameworks commonly used to create your own Operators.

Serverless on Kubernetes is a cloud-agnostic way to rapidly serve applications. Building on your understanding of Operators, we will investigate a few serverless solutions that leverage the pattern. This is an ideal topic to give you a deeper understanding of how Kubernetes works.

Week 3: CI/CD Pipelines on Kubernetes

Kubernetes is also a fitting platform for hosting your continuous tools, pipeline engines, registries, testing, code analysis, security scans, and delivery workflows.

Your DevOps team is the spinal column to ensure the platform is healthy and your delivery system is free of as many frictions as possible. Your pipeline that promises continuous integration and delivery can all be run on Kubernetes. In this session, Jonathan will emphasize the importance of a strong team with a variety of skill sets. The Phoenix Project talks about the Three Ways; embracing continuous pipeline techniques running on Kubernetes can help to move from the 1st way to the 2nd, then 3rd way.

From this session, you will understand the latest tools and techniques for pipelining on Kubernetes. Let's raise the bar on your Maturity Model.

What you'll learn-and how you can apply it

Week 1: Meshing and Observability

  • When it’s appropriate to add a Service Mesh
  • Controlling and monitoring traffic between services
  • Controlling application delivery using declarative controllers
  • Observing traffic between services
  • Gathering and observing logs, tracing and metrics
  • Debugging and observing applications running on a cluster

Week 2: Operators and Serverless

  • Leveraging serverless concepts and run “functions” on the platform
  • Extending Kubernetes to deliver managed solutions using the Operator Pattern
  • How serverless architectures work and how they leverage Kubernetes

Week 3: CI/CD Pipelines and Lifecycle Tools

  • Running continuous integration pipeline on Kubernetes
  • Running Registries on Kubernetes
  • Running Chaos solutions on Kubernetes
  • Running static and runtime security scanning

And you’ll be able to:

Week 1: Meshing and Observability

  • Add observability output to your code for logging, tracing, and metrics
  • Understand the primary benefits and drawbacks for adding messing
  • Understand how to install meshing and experiment with more of its features
  • Understand how to experiment more with observability techniques
  • Navigate the decisions between different meshing and observability solutions

Week 2: Operators and Serverless

  • Search the open-source community of Operators for solutions you may need
  • Understand how Operators allow you to extend Kubernetes with more native objects
  • Understand the various frameworks to use for writing you own Operator
  • Navigate the pros/con of various Serverless solutions that leverage Kubernetes
  • Recognize how Serverless can be a significant addition to your architecture toolbox
  • See how Serverless builds on Kubernetes Operators to remain cloud vendor agnostic

Week 3: CI/CD Pipelines and Lifecycle Tools

  • Know if you are ready to move to distributed computing by creating your own checklist to gauge your team’s maturity model
  • Recognize how Kubernetes is in ideal platform to host your CI/CD pipelines and testing
  • Understand the common pipeline components that you may want to assemble onto a Kubernetes cluster
  • Recognize that Kubernetes CI/CD pipelines are a great way to get started on distributed computing before releasing commercial applications.
  • Navigate the decision dilemma of solutions available for Kubernetes hosted pipelines.
  • Recognize the significance of Tekton and Knative

This training course is for you because...

  • You’re a software engineer who wants to understand what it takes to move your applications to a distributed platform.
  • You’re a solutions architect who wants to see how various architecture topologies can be deployed to your data center machines.
  • You work with various languages and containers but want to coordinate them into a larger and more reliable offering for your customers.
  • You need to decompose your application into more modular components to ease the business needs for faster feature releases and updates.
  • You need to scale your application to a larger data center to address larger user base and compute needs.
  • You’re a team leader who wants to understand the skills and team organization to support delivery of your enterprise applications to a highly available and scaling cloud native target.
  • You want to better understand the role and skills of a cloud native engineer.


  • Comfort with Linux
  • Familiarity with the basics of CI/CD (continuous integration/continuous development)
  • Experience writing applications in a variety of languages (although this course will address writing microservices and containers specifically for Kubernetes)

Recommended preparation:

  • No preparation or local installation is needed, as all exercise materials will be provided using Katacoda scenarios.

Recommended follow-up:

You are encouraged to retry any scenarios that were covered and discussed during class.

About your instructor

  • Jonathan Johnson is an independent software architect focused on helping others unpack the riches in the cloud native and Kubernetes ecosystems. Jonathan is halfway into his second score of engineering commercial software, driven by his desire to design helpful software to move us forward. His applications began with laboratory instrument software and managing its data. Jonathan was enticed by the advent of object-oriented design to develop personal banking software. Banking soon turned to the internet, and enterprise applications took off. Java exploded onto the scene, and since then he’s inhabited that ecosystem. At 454 Life Sciences and Roche Diagnostics, Jonathan returned to laboratory software and leveraged Java-based state machines and enterprise services to manage the terabytes of data flowing out of DNA sequencing instruments. Then as a hands-on architect at Thermo Fisher Scientific, he applied the advantages of microservices, containers, and Kubernetes to the company’s laboratory management platform. Jonathan enjoys comparing and sharing his adventures with peers—particularly ways to modernize application architectures while adhering to the fundamentals of high modularity and low coupling.


The timeframes are only estimates and may vary according to how the class is progressing

WEEK 1 — Meshing and Observability

Introduction, orientation and recap (10 minutes)

Meshing (30 minutes)

  • Why make your life more complicated
  • What a mesh provides and what it costs
  • Deployment models
  • Architecture
  • Istio vs Conduit
  • Security
  • Traffic routing
  • Traffic policies
  • Observability

Meshing Demonstration (20 minutes)

  • Istio
  • Observing with Kiali
  • Break (10 minutes)

Observability (30 minutes)

  • Tactics on Day-2
  • Logging, Tracing, Metrics
  • Metrics-server and metrics API
  • Time series databases - Prometheus
  • Chaos engineering
  • Runtime security scanning

Logging with EFK (15 minutes)

Tracing (10 minutes)

  • OpenTracing, Zipkin, Jaeger tracing

Metrics (20 minutes)

  • Exposing metrics
  • Prometheus
  • Grafana
  • Alert manager

Dashboards (15 minutes)

  • Weaveworks
  • Commercial options

Chaos (15 minutes)

  • Embracing antifragility
  • Types of chaos
  • Kube Monkey, ChaosKube, KubeInvaders
  • Q&A (15 minutes)

WEEK 2 — Operators and Serverless

Introduction, orientation and recap (10 minutes)

Operator Pattern (30 minutes)

  • An architecture to extending Kubernetes
  • Custom Resource Definitions
  • Controllers and reconciliation loops
  • Role-based Access Control (BRAC)
  • Using public operators, operatorhub.io
  • Developer frameworks (comparisons)
  • Redhat - Operator framework
  • Google - Kubebuild
  • Google - Metacontroller
  • D2IQ - Kudo

Usage of etcd operator (Red Hat) (10 minutes)

  • Break (5 minutes)

Creating a memcached Ansible Operator (Red Hat) (20 minutes)

Memcached operator with Kudo (15 minutes)

  • Break (5 minutes)

Serverless (30 minutes)

  • Architecture and the rise of better tooling and abstractions
  • Serverless relationship with functions
  • Abstracting away: Building, Running and Eventing
  • Autoscaling, resilience, and resource management
  • Serverless.com
  • CNCF serverless section

Kubeless (15 minutes)

  • Break (5 minutes)

OpenFaaS (15 minutes)

Knative (15 minutes)

  • Native framework for serverless
  • Kaniko
  • Q&A (15 minutes)

WEEK 3 — CI/CD Pipelines on Kubernetes

Introduction, orientation and recap (10 minutes)

  • Continuous everything (30 minutes)
  • Significance of DevOps
  • Organizing teams around distributed computing
  • Using Kubernetes internally for CI/CD
  • CNCF and Continuous Delivery Foundation
  • Deployment vs delivery and delivery models

Tekton pipelines (15 minutes)

  • Declarative pipelines
  • Knative and Kaniko
  • Relationship with Jenkins X and others
  • Using Tekton (15 minutes)
  • Break (5 minutes)

Spinnaker (20 minutes)

  • Push delivery
  • Weaveworks Flagger (15 minutes)
  • Progressive delivery
  • Registries (5 minutes)
  • Storing and managing containers and charts
  • Security scanning
  • Public and private registry solutions
  • Harbor (15 minutes)
  • Install and usage
  • Clair security scanner
  • Break (5 minutes)

Sonarqube (15 minutes) - Static code analysis - Developer Workflows (15 minutes) - Telepresence - Draft - Squash

Administration APIs and Tools (10 minutes)

  • Kubernetes cluster installers - Cloud, Kubeadm, Terraform, Ansible
  • Infrastructure Languages: Metaparticle, Ballerina, and Pulumi
  • KubeAdm and KOPS
  • ChatOps

Take it from here (10 minutes)

  • Build vs Buy - KaaS, Security, Observability, Storage, Services
  • CNCF certifications
  • Contributing to open source
  • Books, podcasts, conference and other places to learn and contribute

Q&A (15 minutes)