Skip to Scheduled Dates
Course Overview
Integrate applications deployed on ROSA with AWS services in a way that cluster administrators and platform engineers retain control of credentials and roles required by applications to access AWS services instead of exposing those credentials to application developers.
Who Should Attend
- ROSA Administrators, Platform Engineers, Cloud Administrators, System Administrators and other infrastructure-related IT roles who are responsible for providing and supporting infrastructure for applications deployed on AWS
- Enterprise Architects, Site Reliability Engineers, DevOps Engineers, and other application-related IT roles who are responsible for designing infrastructure for applications deployed on AWS
Course Objectives
- Integrate with external container registries such as ECR and Quay.io to deploy applications from private image repositories
- Configure storage classes to enable application access to different EBS volume types
- Configure storage classes and security contexts to enable application access to shared EFS storage volumes
- Configure pod identity using STS/IRSA to enable application access to AWS services such as database (Aurora), integration (SQS), and object storage (S3)
- Provision AWS services for applications using the AWS Controllers for Kubernetes (ACK)
- Federate and query application metrics (application workload monitoring) with Amazon Managed Prometheus Service
- Aggregate and query structured application logs with Amazon CloudWatch
- Configure custom domains and TLS certificates for secure public access to applications
Course Outline
1 - Deploy Applications From External Registries
- Deploy applications on Red Hat OpenShift Service on AWS (ROSA) from private container image repositories in external centralized container image registries.
2 - Provide Amazon Storage Volumes for Applications
- Configure Amazon Elastic Block Storage (EBS) or Amazon Elastic File System (EFS) volumes that meet the cost, performance, and sharing requirements of their applications.
3 - Configure Application Access to AWS Services
- Configure applications for access to shared AWS services by using Kubernetes service accounts, and provision dedicated AWS services by using Kubernetes custom resources.
4 - OpenShift and AWS Application Observability
- Configure ROSA clusters to forward application logs to Amazon CloudWatch and application metrics to Amazon Managed Service for Prometheus.
5 - Custom Domains for ROSA Applications
- Expose applications to internet users with secure URLs by using human-readable DNS domains.