Cloud Infra and DevOps Course

Contents

Cloud Infra and DevOps

Freshers Training Curriculum
August 2021

LTI Internal Use 2

 Cloud Infra and DevOps Course
Contents

High Level Agenda

Sr. No Topics Days

1 Cloud Fundamentals - AWS 1
2 AWS Administration 4
3 Azure Administration 5
4 DevOps Overview 8
5 Terraform in AWS & Azure 4
6 Certified Kubernetes Administrator 2
7 Running Containers on Amazon Elastic Kubernetes 2
Service (Amazon EKS)
8 Running Containers on Azure Kubernetes Services 2
(AKS)
9 Google Cloud Platform 2
Total Days 30 Days

1 Cloud Fundamentals - AWS 1 Day

Introduction Core AWS Services

o Learning Objectives o Core AWS architectural components

o Why Cloud Services? o Regions, Availability zones, Local Zones,
o Infrastructure-as-a-Service (IaaS), Wavelength, Edge Locations
1.1 Container-as-a-Service (CaaS), Platform- 1.2 o Core AWS Services and Products
as-a-Service (PaaS), Function-as-a-Service o AWS Solutions
(FaaS) and Software-as-a-Service (SaaS) o AWS management tools
o Public, Private, and Hybrid cloud models
o Understand general cloud computing
concepts

Security, Privacy, Compliance and Trust AWS Pricing, SLA, and Lifecycle

o Access AWS services (Portal, CLI and o AWS account – AWS Organizations,
SDKs) Management account, member account
o Securing network connectivity in AWS o Planning and managing costs
1.3 o Core AWS Identity services 1.4 o Service lifecycle in AWS
o Security tools and features o Understand pricing and service lifecycle
o Shared Service responsibility Model models available with AWS
o Monitoring, reporting and other
management tools in AWS
o Privacy, Compliance and Data Protection
standards in AWS

2 AWS Administration 4 Days

LTI Internal Use 3

Cloud Infra and DevOps Course
Contents

Identity and Access Management AWS IAM

o Root account and its best practices o Implement and manage users and groups.
2.1 Lab
o AWS IAM o Attach policies to users and groups
o Users and Groups o Creating and managing IAM roles
o IAM Roles – Cross account, service to o Policy simulator
service, federation

LTI Internal Use 4

Cloud Infra and DevOps Course
Contents

o IAM Policies

Governance and Compliance Manage Governance via AWS SCPs, OUs

o Organization unit – Core OUs and Custom o Implement and manage AWS
2.2 OUs Lab Organizations
o Overview about control tower o Implement AWS SCPs, including custom
o Service control policies (SCPs) and its policies.
uses o Use OUs to group accounts

AWS Administration AWS resources by Using the AWS Portal,

AWS CloudFormation Templates, AWS
o AWS Portal PowerShell, AWS CLI
o AWS Cloud Shell
2.3 o AWS CLI and PowerShell Lab o Leverage AWS services to organize
o AWS CloudFormation Templates resources.
o Use the AWS Portal, CLI and Cloud Shell
o Use AWS CloudFormation Templates to
deploy resources.

Networking Implement Networking

o Virtual Private Cloud (VPC) o Implement VPC and subnets.

o IP Addressing -CIDR allowed ranges – o Configure public and private subnets
2.4 Primary and Secondary Lab o Configure ACLs and security groups.
o Security groups and Network ACLs o Configure AWS Firewall.
o Internet gateways
o NAT Gateways and NAT instances
o Route tables

AWS EC2 – Elastic Compute cloud Manage EC2

o EC2 Instance types and families o Plan for EC2 implementations

o Amazon Machine Images (AMI) o Create EC2
o ENI – Elastic network interface o Use user data
2.5 o Elastic Block Store – Volumes and types Lab
o User data
o EC2 Lifecycle – Shutdown and
termination
o Public and Elastic IPs
o Autoscaling groups

Network Connectivity Implement Connectivity

o VNet Peering o Configure VNet Peering.

2.6 o VPN Gateway Connections Lab o Configure VPN gateways.
o Direct Connect o Choose the appropriate Inter-site
o AWS Transit Gateway connectivity solution.
o Client VPN endpoints
o Service Endpoints

LTI Internal Use 5

Cloud Infra and DevOps Course
Contents

Network Traffic Management Implement Traffic Management

o AWS – Application load balancer, o Configure EC2 Autoscaling groups

2.7 network load balancer, Gateway Load Lab o Configure an AWS Application Load
balancer Balancer
o Route 53 o Configure private and public DNS zones
o CloudFront
o Health checks

AWS Storage AWS storage

o Types of Storage o Create and configure AWS storage

2.8 o S3-Object storage Lab services
o S3 Lifecycle management, tiering / ACLs o Static website hosting on S3
o Elastic file share and FSx o Upload files to S3
o Elastic Block store – Disk types o Create and map file shares.

Containers and Serverless Computing Implement Web Apps, Elastic Kubernetes

Service
o AWS Elastic beanstalk
o Elastic Container Services overview o Create a web app on beanstalk
2.9 o Elastic container registry Lab
o Implement Elastic Kubernetes Service
o Elastic Kubernetes Service -Pods, o Create lambda functions
networking
o AWS Lambda-Serverless computing
o Overview of AWS Farqgate

Migration and Data Protection Implement Data Protection

2.10 o AWS Backups and snapshots Lab o Configure AWS Backups
o AWS Application Migration service or
CloudEndure

Database services Implement Monitoring

o AWS RDS – MySQL, MSSQL, Oracle and o Create and configure AWS RDS - MySQL
2.11 PostgreSQL Lab
o Read replicas and automated backups
o AWS Dynamo DB
o Overview about other database offerings
- Aurora

Monitoring and other services Implement Monitoring

o AWS CloudWatch o Use AWS CloudWatch and create

o Log groups dashboards
2.12 o AWS CloudTrail Lab o Create AWS alerts.
o Network flow logs
o AWS Cost monitoring
o EC2 Instance purchasing models
o SNS, SQS and SES

LTI Internal Use 6

Cloud Infra and DevOps Course
Contents

Assessment - 1

3 Azure Administration 5 Days

Identity Manage Azure Active Directory Identities

3.1 o Azure Active Directory Lab o Secure and manage identities with Azure
o Users and Groups Active Directory.
o Implement and manage users and groups.

Governance and Compliance Manage Governance via Azure Policy,

Subscriptions and RBAC
o Subscriptions and Accounts
3.2 o Azure Policy Lab o Implement and manage Azure
o Role-based Access Control (RBAC) subscriptions and accounts.
o Implement Azure Policy, including custom
policies.
o Use RBAC to assign permissions.

Azure Administration Manage Azure resources by Using the

Azure Portal, ARM Templates, Azure
o Azure Resource Manager PowerShell, Azure CLI
o Azure Portal and Cloud Shell
3.3 o Azure PowerShell and CLI Lab o Leverage Azure Resource Manager to
o ARM Templates organize resources.
o Use the Azure Portal and Cloud Shell.
o Use Azure PowerShell and CLI.
o Use ARM Templates to deploy resources.

Virtual Networking & Security Implement Virtual Networking, Azure

Security Centre & Key Vault
o Virtual Networks
o IP Addressing o Implement virtual networks and subnets.
o Network Security groups o Configure public and private IP addressing.
o Azure Firewall o Configure network security groups.
o Azure Key Vault o Configure Azure Firewall.
3.4 o Azure Security Center Lab o Implement Azure Key Vault including
o Azure DNS certificates, keys, and secretes.
Implementing Secure Data by setting up
Always Encrypted.
o Implement Azure Security Center
including policies, recommendations, and
just in time virtual machine access.
o Configure private and public DNS zones.

Intersite Connectivity Implement Intersite Connectivity

3.5 o VNet Peering Lab o Configure VNet Peering.
o VPN Gateway Connections o Configure VPN gateways.
o ExpressRoute and Virtual WAN

LTI Internal Use 7

Cloud Infra and DevOps Course
Contents

o Choose the appropriate Intersite

connectivity solution.

Network Traffic Management Implement Traffic Management

3.6 o Network Routing and Endpoints Lab o Configure network routing including
o Azure Load Balancer custom routes and service endpoints.
o Azure Application Gateway o Configure an Azure Load Balancer.
o Configure and Azure Application Gateway.

Azure Storage Manage Azure storage

o Types of Storage Accounts o Create Azure storage accounts.

3.7 o Blob Storage Lab o Configure blob containers.
o Storage Security o Secure Azure storage.
o Azure Files and File Sync o Configure Azure files shares and file sync.
o Managing Storage o Manage storage with tools such as Storage
Explorer.

Azure Virtual Machines Manage virtual machines

o Virtual Machine Planning o Plan for virtual machine implementations.

3.8 o Creating Virtual Machines Lab o Create virtual machines.
o Virtual Machine Availability o Configure virtual machine availability,
o Virtual Machine Extensions including scale sets.
o Use virtual machine extensions.

Serverless Computing Implement Web Apps, Azure Container

Instances, Azure Kubernetes Service
o Azure App Service Plans
3.9 o Azure App Service Lab o Create an app service plan.
o Container Services o Create a web app.
o Azure Kubernetes Service o Implement Azure Container Instances.
o Implement Azure Kubernetes Service.

Data Protection Implement Data Protection

3.10 Lab
o File and Folder Backups o Backup and restore file and folders.
o Virtual Machine Backups o Backup and restore virtual machines.

Monitoring Implement Monitoring

3.11 o Azure Monitor Lab o Use Azure Monitor.

o Azure Alerts o Create Azure alerts.
o Log Analytics o Query using Log Analytics.
o Network Watcher o Use Network Watcher.

Assessment - 2

4 DevOps Overview 8 Days

LTI Internal Use 8

Cloud Infra and DevOps Course
Contents

Quiz
Introduction to DevOps (8 Hours)

o Define DevOps o Q & A session

o What is DevOps
o SDLC models, Lean, ITIL, Agile
o Why DevOps?
4.1 o DevOps Goals & Benefits
o DevOps CI/CD Process
o DevOps Tools
o Source Code Management
o Purpose of Build & Release process
o Configuration management
o Monitoring – Significance and how to
o What is DevSecOps

GIT: Version Control (8 hours) Git Hands On

o Introduction o Creating repository

o What is Git o Cloning, check-in and committing
4.2 o About Version Control System and Types Lab o Fetch pull and remote
o Difference between CVCS and DVCS o Branching
o GIT Basics o Creating the Branches, switching the
o GIT Command Line branches, merging the branches.
o Branching & Merging Strategies
o Different type of GIT based tools

Jenkins - CI/CD Orchestration (16 Hours) Jenkins hands on

o Understanding Continuous Integration Vs o Creating Jobs

Continuous Delivery Vs Continuous o Running the Jobs
4.3 Deployment Lab o Setting up the global environments for
o Introduction about Jenkins Jobs
o Jenkins Architecture o Adding and updating Plugins
o Build Cycle - Java o Disabling and deleting jobs
o Jenkins – Plugins
o Pipeline as Code – Declarative Vs Scripted

Ansible - Config Management (8 Hours) Ansible

o What Is Ansible o Creating an Ansible Home Base

o Why Ansible o Setting up Test Environment
o Basic Ansible Terminology o Creating Playbooks
4.4 o Infra as Code Lab o Jenkins integration
o Introduction to Playbooks o Trigger playbooks form Jenkins
o Playbook Structure
o Introduction to Modules
o Variables and Facts
o Ansible Configuration Hierarchy
o Ansible in the Cloud

LTI Internal Use 9

Cloud Infra and DevOps Course
Contents

Docker– Containers (8 hours) Docker

4.5 o Introduction Lab o Create different environments with

o What is a Docker Docker
o Understanding the Docker components o Build Containerized pipeline using Docker
o Platforms for Docker for Sample Web application

LTI Internal Use 10

Cloud Infra and DevOps Course
Contents

o Dockers vs. Virtualization

o Docker Architecture
o Use case of Docker

DevOps with Azure (8 Hours) Azure DevOps in Action

o Azure Pipelines o Azure Pipelines

o Azure Repos o Azure Repos
4.6 o Azure Test Plans Lab o Azure Test Plans
Azure Boards o Azure Boards
o Azure Artefacts o Azure Artefacts
o Azure Extensions Marketplace o Azure Extensions Marketplace
o Implement CI/CD in Azure DevOps o Implement CI/CD in Azure DevOps

DevOps with AWS ( 8 Hours) AWS DevOps in Action

o AWS Code commit o Create pipeline using AWS DevOps

4.7 o AWS Code pipeline Lab services
o AWS Code Build
o AWS Code star
o Implement CI/CD in AWS DevOps

5 Terraform in AWS & Azure 4 Days

Getting Started with Terraform Terraform Hands-on

5.1 o Introduction to Terraform Lab o Install Terraform

o Authentication o Install AWS and Azure CLI
o Terraform Overview o Running Basic Terraform Templates
o Running Terraform

Variables, Interpolation Lab

5.2 o Variables Lab o Use of Variables and Syntax
o Syntax o Interpolation
o Dependencies

Conditionals, Terraform State

o Conditional Blocks and Use cases

5.3 o Terraform State in S3
o AWS Resource providers
o Azure Market Place Images
o Azure Hardware Models

Iteration, Functions Lab

5.4 o Iteration Lab o Functions, using count, using for-each

o Functions, using count, using for-each o Controlling Resource Creation
o Controlling Resource Creation o Logging and Troubleshooting
o Logging and Troubleshooting

LTI Internal Use 11

Cloud Infra and DevOps Course
Contents

CloudFormation Templates Lab

o Introduction to AWS CloudFormation o Deploy AWS CloudFormation template

Templates
o Components of AWS CloudFormation
5.5 o Design and Review AWS CloudFormation Lab
templates in AWS
o AWS CloudFormation template structure
o AWS CloudFormation template - best
practices
o Automated rollbacks and IAM roles

Nested CFN stacks and Deployment Lab

5.6 o AWS template parameters Lab o Deploy nested AWS CloudFormation

o Nested AWS CloudFormation Templates Templates
o AWS template deployment modes o Automate AWS IaaS deployments
o Automate AWS PaaS deployments

Arm Templates

o Introduction to Azure ARM Templates

o Components of Azure ARM templates
5.6 o Review Azure ARM template in Azure Lab o Deploy Azure ARM template
portal
o Understanding Azure ARM template
components
o Azure ARM template structure
o Azure ARM template - best practices
o Deploy nested Azure ARM templates
Nested ARM Templates and Deployment o Deploy Azure storage account with Azure
ARM template
5.7 o Azure ARM template parameters Lab o Automate Azure IaaS deployments
o Nested Azure ARM templates o Automate Azure PaaS deployments
o Azure ARM template deployment modes o Deploy PaaS Azure ARM template
o PaaS Azure ARM template

Assessment - 3

6 Certified Kubernetes Administrator 2 Days

Cluster Architecture, Installation &

Configuration

o Manage role-based access control (RBAC)

o Use Kubeadm to install a basic cluster
6.1 o Manage a highly available Kubernetes
cluster
o Provision underlying infrastructure to
deploy a Kubernetes cluster
o Perform a version upgrade on a
Kubernetes cluster using Kubeadm
o Implement etcd backup and restore

LTI Internal Use 12

Cloud Infra and DevOps Course
Contents

Services & Networking

o Understand host networking

configuration on the cluster nodes
o Understand connectivity between Pods
o Understand ClusterIP, NodePort, Load
6.2 Balancer service types and endpoints
o Know how to use Ingress controllers and
Ingress resources
o Know how to configure and use CoreDNS
o Choose an appropriate container
network interface plugin

Workloads & Scheduling

o Understand deployments and how to
perform rolling update and rollbacks
o Use ConfigMaps and Secrets to configure
applications
o Know how to scale applications
o Understand the primitives used to create
6.3 robust, self-healing, application
deployments
o Understand how resource limits can
affect Pod scheduling
o Awareness of manifest management and
common templating tools

Storage
o Understand storage classes, persistent
volumes
o Understand volume mode, access modes
and reclaim policies for volumes
6.4 o Understand persistent volume claims
primitive
o Know how to configure applications with
persistent storage

Troubleshooting
o Evaluate cluster and node logging
o Understand how to monitor applications
o Manage container stdout & stderr logs
6.5 o Troubleshoot application failure
o Troubleshoot cluster component failure
o Troubleshoot networking

Running Containers on Amazon Elastic 2 Days

7
Kubernetes Service (Amazon EKS)

AMAZON EKS FUNDAMENTALS

7.1
o Introduction to Amazon EKS

LTI Internal Use 13

Cloud Infra and DevOps Course
Contents

o Amazon EKS control plane

o Amazon EKS data plane
o Fundamentals of Amazon EKS security
o Amazon EKS API

BUILDING AN AMAZON EKS CLUSTER

o Configuring your environment

7.2 o Creating an Amazon EKS cluster o Building an Amazon EKS Cluster
o Demo: Configuring and deploying
clusters in the AWS Management
Console
o Working with eksctl

DEPLOYING APPLICATIONS TO YOUR

AMAZON EKS CLUSTER

o Configuring Amazon Elastic Container

o Deploying App
7.3 Registry (Amazon ECR)
o Demo: Configuring Amazon ECR
o Deploying applications with Helm
o Demo: Deploying applications with Helm
o Continuous deployment in Amazon EKS
o GitOps and Amazon EKS

CONFIGURING OBSERVABILITY IN
AMAZON EKS

o Configuring observability in an Amazon

EKS cluster o Monitoring Amazon EKS
7.4 o Collecting metrics
o Using metrics for automatic scaling
o Managing logs
o Application tracing in Amazon EKS
o Gaining and applying insight from
observability

BALANCING EFFICIENCY, RESILIENCE, AND

COST OPTIMIZATION IN AMAZON EKS
7.5 o The high level overview
o Designing for resilience
o Designing for cost optimization
o Designing for efficiency

MANAGING NETWORKING IN AMAZON

EKS
o Exploring Amazon EKS Communication
7.6 o Review: Networking in AWS
o Communicating in Amazon EKS
o Managing your IP space
o Deploying a service mesh

LTI Internal Use 14

Cloud Infra and DevOps Course
Contents

IMPLEMENTING SECURE WORKFLOWS

o Securing Amazon EKS
7.7 o Securing cluster endpoint access
o Improving the security of your workflows
o Improving host and network security
o Managing secrets

MANAGING UPGRADES IN AMAZON EKS

7.8 o Planning for an upgrade
o Upgrading your Kubernetes version
o Amazon EKS platform versions

Running Containers on Azure Kubernetes

8 2 Days
Services (AKS)

AKS FUNDAMENTALS

o Introduction to Azure AKS

8.1 o AKS Cluster
o AKS Identity
o AKS Storage and Disk
o AKS Network and Security

BUILDING AN AZURE AKS CLUSTER

o Configuring your environment

8.2 o Creating an Azure AKS cluster Building an Azure AKS Cluster
o Demo: Configuring and deploying
clusters in the Azure Portal
o Working with kubectl

DEPLOYING APPLICATIONS TO YOUR

AZURE AKS CLUSTER
o Deploying App
o Configuring Azure Container Registry
8.3 (ACR)
o Deploying applications with Helm
o Demo: Deploying applications with Helm
o Continuous deployment in Azure AKS
o GitOps and AKS

CONFIGURING OBSERVABILITY IN AKS

o Configuring observability in an AKS

cluster
o Monitoring AKS
8.4 o Collecting metrics
o Using metrics for automatic scaling
o Managing logs
o Application tracing in AKS
o Gaining and applying insight from
observability

LTI Internal Use 15

Cloud Infra and DevOps Course
Contents

BALANCING EFFICIENCY, RESILIENCE, AND

COST OPTIMIZATION IN AMAZON EKS
8.5 o The high level overview
o Designing for resilience
o Designing for cost optimization
o Designing for efficiency

MANAGING NETWORKING IN AZURE AKS

o Networking in AKS o Exploring AKS Communication

8.6 o Managing your IP space
o Ingress Controllers
o Network Policies
o Deploying a service mesh

IMPLEMENTING SECURE WORKFLOWS

o Securing AKS
8.7 o Securing cluster endpoint access
o Improving the security of your workflows
o Improving host and network security
o Managing secrets using Azure Key Vault

MANAGING UPGRADES IN AKS

8.8 o Planning for an upgrade
o Upgrading your Kubernetes version
o Azure AKS platform versions

AZURE DISK

o Azure Disk - Dynamic

8.9 o Azure Disk - Static
o Azure Files - Dynamic
o Azure Files - Static
o NFS Server - Static

Assessment - 4

9 Google Cloud Platform 2 Days

Introduction to Google Cloud

o Understanding the fundamentals of

Google Cloud Platform
o The Google Global infrastructure
o Products for storage, compute,
networking, Machine Learning, and more
o Availability zones
o Different projects running on the GCP
infrastructure, including Google projects

LTI Internal Use 16

Cloud Infra and DevOps Course
Contents

Google Cloud Services

o Introduction to Google Cloud services

o Managing Google services using
command-line tools, app, and console
o Installing and configuring SDK
o Deploying Cloud Shell for GCP
environment management
o Deploying Gsutil

Google Computing Services

o Understanding Google computing

services
o Creating and managing virtual machines
in Google Cloud
o Launching VMs on-demand using Google
Compute Engine
o Choosing the right computing solutions
based on the workload like memory or
CPU
o Important actions with Compute Engine
o Balancing the load

Google Storage Services

o Various storage services offered with

Google Cloud
o The process of storing and retrieving data
o Rich content management
o Hosting a website
o Choosing the right storage options
o Integrating on-premises with the cloud
storage environment
o Nearline and Coldline storage
o Cloud Datastore
o Managing cloud storage using Gsutil

Google Cloud APIs

o Deploying Google Cloud for developing

applications and for debugging and
monitoring purposes
o Choosing the right data storage for
application data
o Automating infrastructure
o Managing the API
o Cloud source
o Functions and special APIs
o Implementing and configuring Cloud
Launcher and Deployment Manager
o Application deployment using Cloud
Engine

LTI Internal Use 17

Cloud Infra and DevOps Course
Contents

Google Networking Services

o Introduction to Google networking

o Setting up the Google network
o Connecting various Google Cloud
Platform resources
o Isolation using firewalls and network
policies
o Creating and managing of Virtual Private
Network
o Working with cloud routers and
interconnecting networks

IAM & Security Services

o Different security and identity and access

management (IAM) services
o Various roles in IAM
o Creating and managing Google resources
permissions
o IAM APIs
o The creation of custom roles
o Sharing resources and isolation
o Deploying penetration testing, auditing,
and security controls

Migrating to Google Cloud

o Understanding how to migrate to Google

Cloud
o Various criteria to be considered
o Choosing the right options as per the
specific needs
o Managing a hybrid cloud model
o Complete migration from the on-
premises model to the cloud
o Choosing an automation framework for
resource provisioning

Final Assessment with all above Topics

LTI Internal Use 18