What you will learn
- Explain how Kubernetes control plane and worker nodes cooperate to run workloads
- Deploy, expose, scale, and troubleshoot stateless and stateful applications
- Implement network policies, ingress, storage, and RBAC for multi-tenant clusters
- Operate clusters day-two: upgrades, node maintenance, Helm, and incident debugging
- Navigate OpenShift's enterprise features: Routes, BuildConfigs, SCCs, and Operators
- Practice for CKA, CKAD, and CKS exams with realistic lab scenarios
Certification alignment
Hands-on drills mirror the CNCF exam environment. Weekends 6–7 include timed challenges similar to the CKA/CKAD format.
CKA
CKAD
CKS
Red Hat EX280 (OpenShift)
Kubernetes curriculum
Weekend 1
Cluster architecture & first workloads
Before you run apps, understand what you're running on. API server, etcd, scheduler, kubelet, CRI, CNI, CSI — how they connect when you apply a manifest.
- Control plane vs worker responsibilities
- Pods as the atomic unit — lifecycle, restart policies, multi-container patterns
- kubectl imperatives vs declarative workflows
- Local clusters (kind/minikube) vs managed (EKS, GKE, AKS) trade-offs
Lab: Spin up a cluster; deploy pods; inspect events and describe resources under failure.
Weekend 2
Deployments, scaling & workload types
ReplicaSets, Deployments, rolling updates and rollbacks. StatefulSets for stable identity, Jobs and CronJobs for batch work.
- Deployment strategies: rolling, recreate, and blue/green concepts
- Horizontal Pod Autoscaler — metrics server and custom metrics intro
- StatefulSets, headless services, and persistent identity
- Resource requests and limits — scheduling implications
Lab: Rolling update with rollback; deploy a StatefulSet with ordered pod startup.
Weekend 3
Networking & ingress
ClusterIP, NodePort, LoadBalancer, Ingress controllers, CoreDNS, and NetworkPolicies — how traffic finds your pods and how to lock it down.
- Service discovery and kube-proxy modes
- Ingress controllers (nginx, traefik) and TLS termination
- NetworkPolicy — default deny and explicit allow rules
- Debugging connectivity: DNS lookup, port-forward, ephemeral debug containers
Lab: Expose a web app via Ingress; block east-west traffic with NetworkPolicy.
Weekend 4
Configuration, secrets & health
ConfigMaps and Secrets, liveness/readiness/startup probes, and the difference between a crashing container and an unready pod.
- Mounting config as files vs environment variables
- Secrets management — sealed secrets and external secret stores intro
- Probe design that avoids false positives during deploys
- Init containers and sidecar patterns
Lab: Configure probes that survive rolling deploys; inject config without rebuilding images.
Weekend 5
Storage & RBAC security
Persistent volumes, storage classes, dynamic provisioning, backup thinking. Then RBAC, service accounts, and pod security standards.
- PV, PVC, StorageClass, and reclaim policies
- ReadWriteOnce vs ReadWriteMany — real constraints
- Roles, ClusterRoles, bindings, and least privilege for apps
- Pod Security Admission / legacy PSP concepts
Lab: Dynamic PVC for a database; namespace-scoped RBAC for a team.
Weekend 6
Helm, troubleshooting & cluster operations
Package apps with Helm. Drain and cordon nodes. Read logs at scale. Know what breaks during upgrades.
- Helm charts, values, and release lifecycle
- Node maintenance without dropping traffic
- Common failure modes: CrashLoopBackOff, ImagePullBackOff, pending pods
- etcd backup awareness (managed vs self-hosted)
Lab: Deploy with Helm; simulate node failure and recovery.
Weekend 7
Capstone & CKA exam prep
Multi-tier app with ingress, persistence, and RBAC. Timed CKA-style tasks under exam conditions. Study plan until exam day.
- Full stack deploy from scratch in under 90 minutes
- Exam tips: kubectl speed, imperative shortcuts, documentation navigation
- CKS security topics overview for follow-on study
Capstone: Production-style microservice with runbook and failure injection exercise.
OpenShift curriculum
Enterprise Kubernetes with Red Hat OpenShift — available as an alternate weekend track or as extension modules.
OpenShift weekends 1–4
Platform, builds, routes & security
OpenShift layers developer UX and enterprise guardrails on upstream Kubernetes. Projects, Routes, ImageStreams, BuildConfigs, SCCs, and the developer console.
- Developer vs admin perspectives in the web console
- Source-to-image and Dockerfile builds triggered from Git
- Routes with TLS edge termination and split routing
- Security Context Constraints — why your pod spec works differently here
- OAuth integration and group-based RBAC
Lab: Build from Git → ImageStream → Deployment → Route with TLS.
OpenShift weekends 5–7
Operators, registry & multi-cluster intro
Day-two automation with Operators and OLM. Integrated registry workflows. Fleet management concepts with ACM.
- Install and manage an Operator via OLM
- Image promotion between namespaces and clusters
- Backup patterns for etcd and application data
- Policy-driven governance across clusters (overview)
Capstone: Enterprise app on OpenShift with documented differences from vanilla K8s ops.