LI530: Kubernetes Advanced

Training: Linux/Unix

Experienced Linux/Unix administrators with solid Kubernetes knowledge deepen their expertise in advanced concepts. The course covers container deployments, Helm templates, and the creation of custom charts. It addresses access controls, authentication, PodSecurityPolicy, NetworkPolicies, as well as image security, CVE scanning, and container signing. The training is complemented by service mesh with Istio and Kubernetes operators.

Hybrid training Hybrid training

Start: 2025-11-03 | 10:00 am

End: 2025-11-07 | 01:30 pm

Location: Nürnberg

Price: 2.990,00 € plus VAT.

Hybrid training Hybrid training

Start: 2026-03-23 | 10:00 am

End: 2026-03-27 | 01:30 pm

Location: Nürnberg

Price: 2.990,00 € plus VAT.

Hybrid training Hybrid training

Start: 2026-06-08 | 10:00 am

End: 2026-06-12 | 01:30 pm

Location: Nürnberg

Price: 2.990,00 € plus VAT.

Request prefered appointment period:

* All fields marked with an asterisk are mandatory fields.

Agenda:

  • Deployment of applications in containers
    • Overview of deployment and template engines
    • Helm, charts and repo
    • Structure of Helm charts

  • Access permissions to the Kubernetes API
    • Overview:
      • Service account tokens (JWT)
      • OpenID connect tokens (JWT)
      • Webhook token authentication
    • Examples and exercises

  • Security settings for the Kubernetes cluster
    • Securing Kubernetes server components
    • Policies in Kubernetes cluster
      • PodSecurePolicy
      • NetworkPolicies
      • Webhook Admission Controller
      • Examples and exercises
    • Image & container security
      • Container image CVE scanning
      • Container image signing

  • ServiceMesh
    • What is a ServiceMesh?
    • Overview
    • ServiceMesh using Istio as an example

  • Kubernetes operators
    • Functionality of operators in Kubernetes
    • Creating an operator

Objectives:

After completion of the course LI530 Kubernetes Advanced, participants will be able to effectively implement the presented concepts, particularly the security concept and the ServiceMesh technology built upon it, in their own projects.

Target audience:

The seminar LI530 Kubernetes Advanced is primarily targeted at Linux/Unix administrators.

Prerequisites:

To be able to follow the course content and learning pace of the workshop LI530 Kubernetes Advanced effectively, solid prior knowledge in the areas of Linux and Kubernetes is required.

We recommend prior attendance of the following courses:

Description:

The workshop LI530 Kubernetes Advanced targets experienced Linux/Unix administrators with solid knowledge in Kubernetes and Linux. It provides in-depth insights into advanced Kubernetes topics such as application deployment in containers, deployment and template engines with Helm, as well as the setup and management of Helm charts. A focus lies on security: participants learn access controls to the Kubernetes API, various authentication methods and cluster security policies like PodSecurityPolicy and NetworkPolicies and apply them.

The seminar is complemented by practice-oriented exercises on image security, CVE scanning and container signing. Additionally, participants receive a comprehensive overview of ServiceMesh technologies with focus on Istio and the functionality as well as creation of Kubernetes operators. After completion, they are enabled to deploy these concepts securely and efficiently in projects.

We recommend as advanced courses:
- LI560 Kubernetes Security
- LI590 Kubernetes Cluster Management with SUSE™ Rancher
check-icon

Guaranteed implementation:

from 2 Attendees

Booking information

Price:

2.990,00 € plus VAT.

(including lunch & drinks)

Authorized training partner

NetApp Partner Authorized Learning
Commvault Training Partner
CQI | IRCA Approved Training Partner
Veeam Authorized Education Center
Acronis Authorized Training Center
AWS Partner Select Tier Training
ISACA Accredited Partner
iSAQB
CompTIA Authorized Partner
EC-Council Accredited Training Center

Memberships

Allianz für Cyber-Sicherheit
TeleTrust Pioneers in IT security
Bundesverband der IT-Sachverständigen und Gutachter e.V.
Bundesverband mittelständische Wirtschaft (BVMW)
Allianz für Sicherheit in der Wirtschaft
NIK - Netzwerk der Digitalwirtschaft
BVSW
Bayern Innovativ
KH-iT
CAST
IHK Nürnberg für Mittelfranken
eato e.V.
Sicherheitsnetzwerk München e.V.