Platform Engineering Bootcamp

CECG is a growing consultancy specialised in solving high-impact problems for our clients. We focus on the hardest infrastructure and software challenges that organisations face. Often working on projects that have failed several times before. Our people have learnt their skills, insights and pragmatism through battle hardened real-world experience in the largest companies in the world.

Module: Continuous Delivery - Fast Feedback

What should you understand at the end of the module?

  • Consolidated Path to Production a.k.a Paved Paths
  • Microservice structure Continuous Delivery
    • Service Encapsulation & Trunk Based Development
    • Testing strategies
  • Basic intro to Containers and Kubernetes

What should you be by the end of the module?

Build a service in Java with the Spring Boot framework or with GoLang and the gin web framework.

  • Test it: unit tests, stubbed functional tests, stubbed non-functional tests
  • Package it with Docker
  • Deploy it to Kubernetes

Module: Continuous Delivery - Extended Testing and Promotion

What should you understand at the end of the module?

  • The later stages of a mature Path to Production
    • Promotion: Gates, steps
    • Extended testing
    • Promotion based on time in environments, alerts, monitoring etc
  • Monitoring and alerting
    • Metrics, aggregated logs, tracing
    • The four golden metrics
    • Three pillars of observability
  • Grafana, prometheus, and alert manager
  • Monitoring as code
  • Right sizing for migration to Cloud
    • Vertical scaling + resource limits
    • Horizontal scaling
  • NFT test types
    • Smoke
    • Soak
    • Peak load
    • Resiliency

What should you be by the end of the module?

  • Install prometheus, grafana, and alert manager to minikube
  • Add metrics to your applications and use them to:
    • Analyse performance issues
  • Defining dashboards, alerts in their service repo
    • Unit test alerts using Promtool
  • Write NFT tests
  • Prove linear via horizontal scalability

Module: Multi Tenant Kubernetes

What should you understand at the end of the module?

  • Kubernetes, as a user, in depth, in a multi tenanted environment
    • Deployment models: Canary, Blue Green
    • Services, Ingress, DNS
    • Configuration via ConfigMaps, Secrets
    • Multi-tenancy & Tenant boundary: namespace scoping
    • Hierarchical Namespaces
    • RBAC
    • NetworkPolicy
    • Kubernetes users / kubeconf
  • Minimising environment configuration
    • Templating configuration to minimise changes between environments
    • Service discovery
    • Secrets
  • The difference between a CECG Core Platform, and plain Kubernetes

What should you be by the end of the module?

  • How to implement Canary Deployments with Kubernetes
    • Combination of Ingress, Services & Deployments
  • Implement default deny for your services
  • Multi tenancy
    • Understand Kubernetes RBAC + service accounts + limited access
    • Namespace vs cluster scoped resources
  • Kubernetes Command line tools
    • Helm
    • Kustomize

Module: Extending Kubernetes with Golang

What should you understand at the end of the module?

  • Platform engineering benefits
    • Building features into the platform that are leveraged by many teams and applications
    • The art of defining the interface between the platform and the tenant
    • Giving the tenant teams autonomy with self-service APIs
    • Keeping the overhead low on a platform engineering team
  • How to extend Kubernetes to build Core Platform features
    • Admission Controllers
    • Operations
    • Features as custom platform services
  • The difference between a CECG Core Platform, and plain Kubernetes

What should you be by the end of the module?

  • Basic programming with GoLang
  • Implement an admission controller
  • Design an CRD and build an operator for it

Module: IaC, Cloud, and Managed Kubernetes

What should you understand at the end of the module?

  • At least one cloud provider
    • Cloud Networking, Software Defined Networking, IAM
  • The place for IaC in the infrastructure path to production
  • Methods for setting up a IaC path to production
  • Platform path to production
    • The benefits of decoupling the base infrastructure from platform services

What should you be by the end of the module?

  • Provision cloud resources with an IaC tool
    • GKE or EKS clusters
    • IAM
    • Base networking
  • Implement platform features with IaC such as
    • Platform Ingress

Module: Debugging Linux, Containers, and Kubernetes

What should you understand at the end of the module?

  • Root cause analysis in a Linux / Containers / Kubernetes environment
  • Badly designed applications
    • Not handling signals correctly: pods get killed because they didn’t gracefully shut down
  • How Cilium network policies fit in
  • Memory constraints
  • CPU constraints

What should you be by the end of the module?

  • Debug and resolve the following issues in Kubernetes
    • Kubernetes probe issues
    • Signal handling & graceful shutdown
    • Application level misconfiguration
    • Networking issues
    • Resource related issues