Istio Service Mesh course

Course description:

This Istio Service Mesh introduction course covers using a service mesh (Istio) to control network traffic between microservices deployed on Kubernetes.
In this course you will learn how to control the flow of traffic and API calls between services, test various failure scenarios, automatically secure your services through managed authentication, authorization and encryption of communication between services, apply polices and ensure that they’re enforced, and observe everything with rich automatic tracing, monitoring and logging of all your services.

Target audience:​

• People familiar with containerized applications and container orchestration technologies, wishing to improve the security of their environment
• DevOps engineers
• Linux system administrators
• Systems design engineers
• Architects

Prerequisites for Istio Service Mesh course:

• Strong grasp of container basics (recommended training: Docker Fundamentals course)
• Strong grasp of Kubernetes terminology and Kubernetes cluster operation fundamentals (recommended training: Kubernetes Fundamentals course)

Nice to have:

• Working knowledge of the following Kubernetes topics: Role-Based Access Control (RBAC), resource control, logging and monitoring (recommended training: Kubernetes Advanced course)

Module 1: K8s-Network Policy
– Why use network policies
– What is MetalLB and how it works
– Configuring Layer2 and Layer3 MetalLB
– Additional MetalLB configuration samples
Hands-on Lab: Network Policies

Module 2: Istio – Introduction
– What is a service mash
-What is Istio
-Istio architecture and components
-Setting up Istio
Hands-on Lab: Istio – Introduction

Module 3: Istio – Advanced Routing
– Why route traffic?
– Traffic shifting
– Request routing
– External Resources
Hands-on Lab: Istio – Traffic routing

Module 4: Istio – Fault Injection
– Controlling Ingress traffic
– Fault injection
– Circuit breaking
– Traffic mirroring
Hands-on Lab: Istio – Fault injection

Module 5: Istio – mTLS
– Securing pod communication with Istio
– mTLS
– Authorization policies
– Policy target
– Authenticated and unauthenticated identity
Hands-on Lab: Istio – mTLS and Authorization

Module 6: Istio – Observability
– Viewing the mesh with Kiali
– Kiali features
– Generating a service graph
– Tracing Calls with Jaeger
– Observability (Metrics, Distributed Tracers, Access Logs)
Hands-on Lab: Istio – Observability

Module 7: Open Policy Agent
– How OPA works
– OPA and Kubernetes
– Integrating OPA with K8s
– Rego Expressions
Hands-on Lab: OPA Gatekeeper

Module 8: Cert Manager
– What Cert Manager is?
– Cert Manager overview
– Cert Manager concepts
– Installing Cert Manger
– Cert Manager walkthrough
Hands-on Lab: Cert Manager

Note:​​

Every student has assigned to him his own virtual lab environment setup.

Additional details:

To attend this course, you need to have:
• PC/Laptop with internet access
• Updated web browser

Istio Service Mesh course

840
  • DURATION: 2 days
  • SKILL LEVEL: Specialized
  • LECTURES: 8 lessons

Register
  • PRICE: 840 €
  • DURATION: 2 days
  • SKILL LEVEL: Specialized
  • LECTURES: 8 lessons

Course description:

This Istio Service Mesh introduction course covers using a service mesh (Istio) to control network traffic between microservices deployed on Kubernetes.
In this course you will learn how to control the flow of traffic and API calls between services, test various failure scenarios, automatically secure your services through managed authentication, authorization and encryption of communication between services, apply polices and ensure that they’re enforced, and observe everything with rich automatic tracing, monitoring and logging of all your services.

Target audience:​

• People familiar with containerized applications and container orchestration technologies, wishing to improve the security of their environment
• DevOps engineers
• Linux system administrators
• Systems design engineers
• Architects

Prerequisites for Istio Service Mesh course:

• Strong grasp of container basics (recommended training: Docker Fundamentals course)
• Strong grasp of Kubernetes terminology and Kubernetes cluster operation fundamentals (recommended training: Kubernetes Fundamentals course)

Nice to have:

• Working knowledge of the following Kubernetes topics: Role-Based Access Control (RBAC), resource control, logging and monitoring (recommended training: Kubernetes Advanced course)

Module 1: K8s-Network Policy
– Why use network policies
– What is MetalLB and how it works
– Configuring Layer2 and Layer3 MetalLB
– Additional MetalLB configuration samples
Hands-on Lab: Network Policies

Module 2: Istio – Introduction
– What is a service mash
-What is Istio
-Istio architecture and components
-Setting up Istio
Hands-on Lab: Istio – Introduction

Module 3: Istio – Advanced Routing
– Why route traffic?
– Traffic shifting
– Request routing
– External Resources
Hands-on Lab: Istio – Traffic routing

Module 4: Istio – Fault Injection
– Controlling Ingress traffic
– Fault injection
– Circuit breaking
– Traffic mirroring
Hands-on Lab: Istio – Fault injection

Module 5: Istio – mTLS
– Securing pod communication with Istio
– mTLS
– Authorization policies
– Policy target
– Authenticated and unauthenticated identity
Hands-on Lab: Istio – mTLS and Authorization

Module 6: Istio – Observability
– Viewing the mesh with Kiali
– Kiali features
– Generating a service graph
– Tracing Calls with Jaeger
– Observability (Metrics, Distributed Tracers, Access Logs)
Hands-on Lab: Istio – Observability

Module 7: Open Policy Agent
– How OPA works
– OPA and Kubernetes
– Integrating OPA with K8s
– Rego Expressions
Hands-on Lab: OPA Gatekeeper

Module 8: Cert Manager
– What Cert Manager is?
– Cert Manager overview
– Cert Manager concepts
– Installing Cert Manger
– Cert Manager walkthrough
Hands-on Lab: Cert Manager

Note:​​

Every student has assigned to him his own virtual lab environment setup.

Additional details:

To attend this course, you need to have:
• PC/Laptop with internet access
• Updated web browser

Register

We're committed to your privacy. DevOps Artisan a Bittnet project uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our Personal Data Protection Policy.
Loading...