- Virtualization: types, why to use
- Hypervisors: types, which to choose
- Proxmox: how does it work
- Demo: how to create a VM on Proxmox
- What is a Container
- Why did Containers appear
- Containers vs Virtual Machines
- How Containers are used
- Basic Concepts
ZFS (Zettabyte file system)
- History, Advantages, Limitations
- Features: Pooled Storage, Copy-on-write, Snapshots
ZFS Features
- Data integrity verification and automatic repair
- RAID handling
- Deduplication, Compression
Demo
- Some Tools (LXC, Docker, Kubernetes, Podman)
- Managing images and containers
- Demo: run PostgreSQL in a container, connect via psql from host
- LVM Disk resize
- Setting access via SSH
- Backup and Restore
- Dockerfile instructions
- Image parameterization
- Example 1: Simple Spring Boot application in a container with multi-stage build
- Example 2: pgAdmin in a container
- Multistage builds
- Example 1: Simple Spring Boot application improved
- Example 2: Dockerfile of pytorch
- Example 3: Python dependencies in a separate image parameterized by hash
- Example 4: CMD vs ENTRYPOINT
- Example 5: Isolation of containers by user-defined network
- Example 6: Put ca-certificates into base image, parameterize the image by certificates hash
- LVM extend with additional PV
- Alternative to resize2fs for XFS
- Different Storage Types
- systemd: how to create your own service
- Timers for fstrim
- SSH ciphers
- Cloud-Init
- Proxmox Command Line
- Ansible
- Terraform
- Hosts
- IP Address, Network, Repeater, Hub, Bridge, Switch, Router
- OSI and TCP/IP model
- How packets move through a network
- Protocols
Kubernetes deployment types
- in the cloud (EKS, AKS, GKE)
- prod-like on-prem / on bare metal (k0s, k3s, rke, rke2, kubespray, kubeadm, etc.)
- local (k3s, k3d, Kind, MicroK8S, Minikube, Docker Desktop, Rancher Desktop)
- Kubernetes development tools (k3d, kubectl + krew, vscode + plugin)
- Demo: managing clusters, contexts, namespaces. Running an app in a pod.
- Practice (nmtui, nmcli, arp, ip route)
- DNS (Root level domain, Top level domains, Second level domains, Recursive and Caching, Forwarding)
- TLS/SSL (what it is, how it protects data, CA)
- Hashing, Data integrity
- Encryption (asymmetric, symmetric; algorithms, public and private keys)
- How SSL/TLS uses Cryptography
- Kubernetes development tools (code-server, k9s, openlens)
- Display Kubernetes current context in zsh command separator
Deployment variants of Spring Boot Application with PostgreSQL database
- Example 1. Single pod with sidecar, ephemeral volume
- Example 2. Two pods, database in ephemeral volume
- HTTPS, Certificates (DSA, CA, Cipher Suites, HSTS, SSL certificates)
- Demo: SSL termination with self-signed certificate
- Demo: SSL termination with self-signed certificate (ending)
- Demo: configure the nginx plugin in OPNsense for load balancing
- ACME protocol
- Demo: SSL termination with public certificate, using ACME and Route53
Deployment variants of Spring Boot Application with PostgreSQL database
- Example 3. Added services and persistence via PVC
- Example 4. ReplicaSets, Readiness and Liveness probes
Deployment variants of Spring Boot Application with PostgreSQL database
- Example 5. Deployment, StatefulSet, ConfigMap, Secret
Backup jobs configuration variants
- Example 6. Simple job with Minio S3 storage
Backup jobs configuration variants
- Example 7a. CronJob with Localstack AWS S3 Bucket
- Example 7b. CronJob with real AWS S3 Bucket
Installing useful tools in Kubernetes
- Example 8. Installing pgAdmin
Using already existing Helm charts and operators
- Example 9. Installing PostgreSQL with metrics view via Grafana
- Network virtualization, VLANs
- Example: Proxmox cluster with three VLANs for VMs and separate VLAN for Proxmox nodes
- Example: Proxmox cluster with three VLANs for VMs and separate VLAN for Proxmox nodes (ending)
- SDN VLAN setup
- Cloud-init scripts
- resolv.conf & netplan - correct network configuration setup on ubuntu
- Cloud-Init regenerate image & CLI
- SSH StrictHostKeyChecking
- Customize VMs via libguestfs-tools: virt-customize
- Example: Hyper-V with three VLANs for VMs and separate VLAN for Proxmox nodes
- Operators and Custom Resource Definitions
- Adding nodes to k3d cluster
- Step 1 of Example 10. Installing scalable PostgreSQL via Kubernetes operator
- CRDs and Custom Resources
- PostgreSQL High Availability
- How to create a Helm Chart from manifests
- Steps from 2 to 7 of Example 10. Installing scalable PostgreSQL via Kubernetes operator
- Testing Helm chart
- Helm templates, template functions and pipelines
- Packaging Helm chart with versioning, upgrading Helm release to a new revision, rolling back to an old revision
- Installing PGAdmin4 via Helm chart
- Steps from 7 to 12 of Example 10. Installing scalable PostgreSQL via Kubernetes operator
- Create a new VM in Proxmox, install OPNsense and convert it to a template
- Clone a VM from opnsense-template, configure OPNsense: add firewall rules and set up nginx as a load balancer
- Create VMs in a Proxmox node via Alliedium devops-course-2022 scripts
- Manually create a VM in a Proxmox node using a cloud-init image
- Add IP route on router or workstation for 10.10.0.0 subnet
- Install k3sup on k3s-config VM
- Install k3s cluster via k3sup, in OpenLens open k3s cluster
- Add Longhorn repository and install longhorn chart in k3s cluster
- Install WSL, chocolatey on Windows, kubectl, krew, ns, ctx, konfig, using konfig
- Kubernetes performance testing using kubernetes-iperf3
- Automatic upgrades/downgrades of a Kubernetes cluster via k3s Automated Upgrades
- Creating VMs in Hyper-V via Hyper-V-Automation scripts, configuring the OPNsense network interface port as a trunk
- SLA
- High Availability
- WAF
- Certificates
- Kubernetes garbage collection
- K8s distributions
- Hardening
- Load balancers and Ingress
- Cloud Native Ecosystem
- Persistent Storage
- Backups
- Private artifacts repositories
- Autoscaling
- Install ansible
- Create inventory: hosts, groups, variables
- Commands: ansible-inventory, ansible, ansible-playbook
- Ansible tasks, gathering facts
- Ansible modules: ping, debug, apt, pacman, command
- Understanding privilege escalation: become
- Ansible conditionals
- Create training environment of several VMs within Proxmox node, both using cloud-init (Ubuntu, Arch)
- Create training environment of several VMs within Proxmox node, both using cloud-init (Ubuntu, Arch) & manually (Manjaro)
- Configuring and establishing SSH connection
- Installing packages depending on host type: package, cloud_init_data_facts and stat modules
- Debugger for ansible playbooks
- Registering new variables in playbook, return values
- Variables in inventory, templates in tasks, hostname module
- Regular expressions, replace module
- Learned about Nexus analogues (Amazon ECR, Harbor, Chartmuseum, local Arch linux repo)
- Covered Installation methods: via package manager, manual, docker, kubernetes
- Backup and restore of Nexus instance
- Post-install steps: Nexus directories, anonymous access & local authorizing realm, setup and applying cleanup policies, Cleanup tasks setup
- Using group_vars and host_vars, variables' precedence
- Asking for sudo password: -K/--ask-sudo-pass argument for ansible-playbook command
- wait_for_connection module
- Command module
- Why do we need qemu-guest-agent
- What is snapd and why we get rid of it
- What is a role in Ansible
- Installing a role from ansible-galaxy (GitHub, GitLab)
- Installing multiple roles using requirements.yml
- Using roles in playbooks
- What is an NTP server
- Converting bash scripts into ansible playbooks
- Editing sudoers
- Package module
- What is yay
- How to run Nexus as a Docker container without docker-compose
- Which scheduled tasks should be set up in Nexus initially
- How to properly set up a Docker Proxy repository in Nexus
- What the HTTP connector means for Docker repositories in Nexus
- How to properly set up a Docker Hosted repository in Nexus and what it is used for
- How to properly set up a Docker Group repository in Nexus and what it is used for
- How to set up the Docker tool on the local system to interact with Nexus
- How to create user roles and assign them to users in order to give limited access for contributing into particular Nexus repositories
- How to Pull from Docker-group repository and Push to Docker-hosted repository in Nexus with examples
- How to check Nexus logs (if it's up in Docker)
- How to inspect and clean up the system via ncdu
- How to set up a Kubernetes cluster to refer to Nexus docker images (k3s configuration, k3d configuration)
- How to interact with containerd images via crictl
- How to properly set up a Helm Proxy repository in Nexus and what it is used for
- How to properly set up a Helm Hosted repository in Nexus and what it is used for
- How to use the helm-nexus-push addon for Nexus to push Helm charts avoiding curl
- How to set up Maven Proxy, Maven Hosted and Maven Group repositories in Nexus
- How to configure settings.xml and pom.xml so that Maven can refer to Nexus repositories
- How to configure Gradle to use Nexus Maven repositories
- How to set up a Conda Proxy repository in Nexus
- What Conda environments are and how to use them
- How to configure Conda-based tools (e.g. Micromamba) to use the Nexus Proxy repository
- How to set up npm Proxy, npm Hosted and npm Group repositories in Nexus
- How to configure the npm client to use Nexus - pull and push examples
- How to work around npm audit calls
- How to set up Pypi Proxy, Pypi Hosted and Pypi Group repositories in Nexus
- How to configure pip (and other tools e.g. twine) to use Nexus
- How to package a Python project before pushing
- What Realworld projects are
- How to set up Apt Proxy and Apt Hosted repositories in Nexus
- How to configure the client side to use Apt repositories from Nexus
- How to add the Ansible format to the list of supported formats in Nexus
- How to add an S3 blobstore to Nexus