Learning Tracks
Pick a track based on your experience level. Each track builds on the previous one. You can also skip around; every lab is self-contained.
Beginner Track (~2 hours)
Section titled “Beginner Track (~2 hours)”Your first day with Kubernetes. Covers the fundamentals every developer needs.
| # | Lab | What You Learn | Time |
|---|---|---|---|
| 01 | Simple App | Your first Deployment and Service | ~5 min |
| 17 | ConfigMaps & Secrets | Passing config and credentials to pods | ~10 min |
| 16 | Service Types | How to expose apps (ClusterIP, NodePort, LB) | ~15 min |
| 27 | PersistentVolumes | Where pods store data | ~10 min |
| 11 | Jobs & CronJobs | Running batch and scheduled tasks | ~10 min |
| 07 | YAKD | Visualize what you built | ~5 min |
| 25 | kubectl Debug | What to do when things break | ~10 min |
Intermediate Track (~3 hours)
Section titled “Intermediate Track (~3 hours)”You can deploy apps. Now learn to do it well: packaging, multi-environment, reliability, security.
| # | Lab | What You Learn | Time |
|---|---|---|---|
| 02 | Helm | Package apps as reusable charts | ~10 min |
| 03 | Kustomize | Manage dev/prod without copy-paste | ~10 min |
| 18 | Probes & Lifecycle | Health checks and graceful shutdown | ~15 min |
| 23 | Deployment Strategies | Rolling, blue/green, canary rollouts | ~15 min |
| 10 | StatefulSet | Stable identity for databases and caches | ~15 min |
| 12 | DaemonSet | One pod per node (log agents, monitors) | ~10 min |
| 26 | Multi-Container | Sidecar, adapter, ambassador patterns | ~10 min |
| 13 | HPA | Auto-scale pods based on CPU load | ~15 min |
| 14 | RBAC | Who can do what in the cluster | ~10 min |
| 19 | Network Policies | Lock down pod-to-pod traffic | ~15 min |
| 20 | Resource Quotas | Prevent namespace resource exhaustion | ~10 min |
| 08 | Headlamp | Full-featured cluster dashboard | ~10 min |
Advanced Track (~2.5 hours)
Section titled “Advanced Track (~2.5 hours)”Production patterns: GitOps, operators, TLS automation, HA databases, observability.
| # | Lab | What You Learn | Time |
|---|---|---|---|
| 04 | ArgoCD | GitOps with auto-sync and self-heal | ~20 min |
| 05 | Cert-Manager | Automated TLS certificate lifecycle | ~15 min |
| 06 | Redis | Caching with a live performance dashboard | ~15 min |
| 09 | CloudNativePG | HA PostgreSQL with automatic failover | ~15 min |
| 22 | Prometheus & Grafana | Monitoring stack, PromQL, alerts | ~20 min |
| 51 | OpenTelemetry & Tracing | Distributed tracing with Jaeger | ~20 min |
| 21 | Pod Disruption Budgets | Availability during cluster maintenance | ~10 min |
| 24 | Pod Security | SecurityContext and Pod Security Standards | ~10 min |
| 15 | CRDs & Operators | Extend Kubernetes with custom resources | ~20 min |
| 28 | Vault | Production secret management | ~20 min |
| 29 | External Secrets | ESO syncs Vault into K8s Secrets | ~15 min |
| 30 | Tekton Basics | Cloud-native CI/CD pipelines | ~15 min |
| 31 | Tekton CI/CD | Full build-test-deploy pipeline with triggers | ~20 min |
Real-World Track (~4 hours)
Section titled “Real-World Track (~4 hours)”Multi-service production architectures. These labs are resource-intensive. Run one at a time and allocate at least 6 CPUs and 12GB RAM to minikube.
| # | Lab | What You Learn | Time |
|---|---|---|---|
| 32 | Microservices Platform | Frontend, API, worker, Redis queue, PostgreSQL | ~30 min |
| 33 | API Gateway (Kong) | Route, rate-limit, and authenticate requests | ~25 min |
| 34 | Event-Driven (Kafka) | Async messaging with producers and consumers | ~30 min |
| 35 | EFK Logging | Centralized log collection and visualization | ~25 min |
| 36 | ML Model Serving | FastAPI prediction service with HPA | ~20 min |
| 37 | GitOps Full Loop | Tekton CI + ArgoCD CD end-to-end | ~30 min |
| 38 | Multi-Tenant Platform | Isolated namespaces, quotas, RBAC, network segmentation | ~25 min |
| 39 | Chaos Engineering | Break things deliberately and watch recovery | ~20 min |
| 40 | Progressive Delivery | Canary with automated traffic shifting | ~25 min |
Advanced Tools Track (~3 hours)
Section titled “Advanced Tools Track (~3 hours)”Extend your cluster with service mesh, policy engines, backup, and more.
| # | Lab | What You Learn | Time |
|---|---|---|---|
| 41 | Istio Service Mesh | Traffic management, mTLS, observability | ~30 min |
| 42 | Kyverno | Policy enforcement and resource mutation | ~20 min |
| 43 | Velero | Backup and disaster recovery | ~20 min |
| 44 | Sealed Secrets | Git-safe encrypted secrets | ~15 min |
| 45 | Vertical Pod Autoscaler | Auto-tune resource requests | ~15 min |
| 46 | Advanced Ingress & Routing | Gateway API, Traefik, HTTPRoute, middleware | ~30 min |
| 47 | Reloader | Auto-restart on config changes | ~10 min |
| 48 | Knative Serving | Serverless scale-to-zero workloads | ~20 min |
| 49 | Trivy Operator | Container vulnerability scanning | ~15 min |
| 50 | Falco | Runtime threat detection with eBPF | ~20 min |