Advanced Kubernetes - Security, and Large-Scale Deployments
Advanced Kubernetes - Security, and Large-Scale Deployments
This course is part of Docker and Kubernetes Masterclass: From Beginner to Advanced Specialization
Included with
Ask Coursera
Recommended experience
Recommended experience
What you'll learn
Automate configuration management using Kustomize and deploy applications to GKE.
Implement security layers with RBAC, network policies, and Pod Security Standards.
Deploy and manage persistent storage using StatefulSets and dynamic provisioning.
Apply advanced resource controls using quotas, namespaces, and probe-based health checks.
Skills you'll gain
Details to know
See how employees at top companies are mastering in-demand skills
Build your subject-matter expertise
- Learn new concepts from industry experts
- Gain a foundational understanding of a subject or tool
- Develop job-relevant skills with hands-on projects
- Earn a shareable career certificate
There are 8 modules in this course
Updated in May 2025.
This course now features Coursera Coach! A smarter way to learn with interactive, real-time conversations that help you test your knowledge, challenge assumptions, and deepen your understanding as you progress through the course. This advanced course dives deep into Kubernetes, equipping you with the skills to build secure, scalable, and production-ready deployments. By the end, you’ll confidently manage Kubernetes resources, configure persistent storage, implement strong security practices, and deploy applications to cloud platforms like GKE using Kustomize. You'll also learn to tackle real-world infrastructure challenges such as handling secrets, configuring probes, and applying network policies. Your learning journey starts with advanced resource management—using labels, selectors, quotas, and namespaces—followed by implementing health checks through readiness, liveness, and startup probes. You'll then work with persistent storage solutions like volumes and StatefulSets, manage configuration and sensitive data using ConfigMaps and Secrets, and secure workloads with RBAC, service accounts, and Pod Security Standards. Kustomize will help you streamline multi-environment deployments with ease. This course is designed for DevOps engineers and cloud professionals with prior Kubernetes experience who are looking to scale, secure, and operate containerized applications in production environments.
In this module, we will dive deep into organizing and managing Kubernetes resources effectively. You’ll explore the use of labels, selectors, annotations, and namespaces to structure your deployments. The module also guides you through setting resource constraints and configuring health probes to ensure workload resilience and optimal performance.
What's included
18 videos2 readings1 assignment
18 videos•Total 125 minutes
- Overview of the Section•1 minute
- Understanding Labels and Selectors•7 minutes
- Lab: Using Labels and Selectors in Kubectl•6 minutes
- Lab: Selecting Objects with MatchLabels and MatchExpressions•10 minutes
- Understanding Annotations in Kubernetes•4 minutes
- Introduction to Kubernetes Namespaces•9 minutes
- Lab: Creating and Managing Namespaces•12 minutes
- Lab: Cross-Namespace Service Communication•6 minutes
- Introduction to Resource Quotas, Requests, and Limits•7 minutes
- Lab: Setting Up Resource Quotas•7 minutes
- Lab: Setting Resource Requests and Limits•6 minutes
- Lab: Managing Rollouts, Resource Requests, and Limits•11 minutes
- Startup, Liveness, and Readiness Probes•6 minutes
- Lab: Color API - Implement v1.2.0: Adding Health Endpoints•8 minutes
- Lab: Working with Startup Probes•8 minutes
- Lab: Color API - Implement v1.2.1: Adding a Dedicated Startup Endpoint•2 minutes
- Lab: Working with Liveness Probes•3 minutes
- Lab: Working with Readiness Probes•12 minutes
2 readings•Total 20 minutes
- Introduction to the Course 'Advanced Kubernetes - Security, and Large-Scale Deployments'•10 minutes
- Full Specialization Resources•10 minutes
1 assignment•Total 15 minutes
- [Kubernetes] Managing Kubernetes Resources - Assessment•15 minutes
In this module, we will explore Kubernetes storage concepts and how to manage data persistence effectively. You’ll learn about volume types such as EmptyDir, PVCs, and StatefulSets, and practice mounting volumes in Pods. Labs include hands-on experience with dynamic provisioning and data retention strategies for stateful applications.
What's included
14 videos1 assignment
14 videos•Total 120 minutes
- Overview of the Section•2 minutes
- Introduction to Docker Volumes•9 minutes
- Understanding EmptyDir and Local Volumes•4 minutes
- Lab: Using EmptyDir Ephemeral Storage•15 minutes
- Introduction to Persistent Volume Claims•7 minutes
- Lab: Creating Persistent Volumes and Persistent Volume Claims•15 minutes
- Lab: Mounting Volumes in Pods and Containers•11 minutes
- Lab: Deleting Persistent Volumes and Persistent Volume Claims•6 minutes
- Lab: Dynamically Provisioning Persistent Volumes•10 minutes
- Introduction to StatefulSets in Kubernetes•5 minutes
- Lab: Creating Persistent Volumes with StatefulSets•7 minutes
- Lab: Deploying a StatefulSet•14 minutes
- Lab: StatefulSets with Dynamic Volume Provisioning•5 minutes
- Lab: Using Headless Services•12 minutes
1 assignment•Total 15 minutes
- [Kubernetes] Storage and Data Persistence - Assessment•15 minutes
In this module, we will cover best practices for managing application configuration and secrets within Kubernetes. You’ll gain hands-on experience using ConfigMaps and Secrets to pass data into containers through environment variables and mounted files. This section ensures your applications can adapt and operate securely across environments.
What's included
8 videos1 assignment
8 videos•Total 59 minutes
- Overview of the Section•1 minute
- Introduction to ConfigMaps in Kubernetes•5 minutes
- Lab: Color API - Implement v1.3.0: Receiving External Color Information•5 minutes
- Lab: Passing Information from ConfigMaps via Environment Variables•14 minutes
- Lab: Mounting ConfigMaps as Volumes•15 minutes
- Introduction to Secrets in Kubernetes•3 minutes
- Lab: Passing Information from Secrets via Environment Variables•9 minutes
- Lab: Mounting Secrets as Volumes•7 minutes
1 assignment•Total 15 minutes
- [Kubernetes] Managing Configuration and Secrets - Assessment•15 minutes
In this module, we will bring together several core Kubernetes concepts to deploy a production-ready MongoDB instance. You’ll use StatefulSets, headless services, and ConfigMaps to set up and manage the database. The module culminates with integrating the Color API with MongoDB to persist data and validate functionality.
What's included
12 videos1 assignment
12 videos•Total 110 minutes
- Overview of the Project•4 minutes
- Creating Database Credentials•6 minutes
- Creating a Headless Service and ConfigMaps•6 minutes
- Deploying the StatefulSet•10 minutes
- Deploying and Validating the StatefulSet•6 minutes
- Testing StatefulSet Scaling•7 minutes
- Color API - Implement v2.0.0: Code Refactor•16 minutes
- Color API - Implement v2.0.0: Persisting Data in MongoDB•12 minutes
- Color API - Implement v2.0.0: Adding Database Connection Logic•3 minutes
- Color API - Implement v2.0.0: Defining Routes for Business Logic•11 minutes
- Deploying the New Color API Version•16 minutes
- Wrapping Up and Cleaning Up the Project•13 minutes
1 assignment•Total 15 minutes
- [Kubernetes] Project - Deploying a MongoDB Database - Assessment•15 minutes
In this module, we will explore foundational Kubernetes security practices to protect your clusters and applications. You’ll learn how to use Role-Based Access Control (RBAC), Service Accounts, and Network Policies to manage permissions and traffic flow. The section also introduces Pod Security Standards to enforce workload compliance.
What's included
26 videos1 assignment
26 videos•Total 189 minutes
- Overview of the Section•2 minutes
- Introduction to Kubernetes Security•7 minutes
- Understanding Role-Based Access Control (RBAC)•9 minutes
- Lab: Exploring Minikube's Roles and ClusterRoles•12 minutes
- Understanding the Kubernetes API•11 minutes
- Lab: Exploring Kubernetes API Resources•8 minutes
- Lab: Creating Two Users: Alice and Bob•9 minutes
- Lab: Configuring Access Credentials for Alice and Bob•9 minutes
- Lab: Setting Up Permissions to Read Pods•11 minutes
- Lab: Using ClusterRoles for Cluster-Wide Permissions•8 minutes
- Lab: Exploring Subresources and Permissions•5 minutes
- Introduction to Service Accounts in Kubernetes•4 minutes
- Lab: Working with Default Service Accounts•6 minutes
- Lab: Creating Custom Service Accounts•9 minutes
- Lab: RBAC Clean-Up•4 minutes
- Introduction to Network Policies in Kubernetes•7 minutes
- Calico vs. Native Kubernetes Network Policies•2 minutes
- Lab: Denying All Ingress Traffic•11 minutes
- Lab: Allowing Traffic Between Specific Pods•6 minutes
- Lab: Working with Pod Selectors•6 minutes
- Lab: Combining Pod Selectors•9 minutes
- Lab: Handling Egress Traffic•12 minutes
- Lab: Working with Network Policies and Namespaces•3 minutes
- Introduction to Pod Security Standards (PSS)•6 minutes
- Lab: Applying Pod Security Standards•12 minutes
- Lab: Exploring the Pod Security Standards Documentation•2 minutes
1 assignment•Total 15 minutes
- [Kubernetes] Security Foundations - Assessment•15 minutes
In this module, we will work with Kustomize, a Kubernetes-native tool for managing configuration variations. You’ll learn how to use bases, overlays, and transformations to simplify environment-specific deployments. Labs guide you through patching, generating ConfigMaps and Secrets, and building reusable infrastructure configurations.
What's included
12 videos1 assignment
12 videos•Total 83 minutes
- Overview of the Section•1 minute
- Introduction to Kustomize•7 minutes
- Lab: Building Our First Kustomize Project•8 minutes
- Understanding Bases and Overlays•3 minutes
- Lab: Creating Dev and Prod Overlays•8 minutes
- Introduction to Transformations•4 minutes
- Lab: Working with Transformations•10 minutes
- Lab: Generating ConfigMaps•9 minutes
- Lab: Generating Secrets•6 minutes
- Lab: Introduction to Patching in Kustomize•9 minutes
- Lab: Using Strategic Merge Patches•7 minutes
- Lab: Using JSON Patches•10 minutes
1 assignment•Total 15 minutes
- [Kubernetes] Using Kustomize - Assessment•15 minutes
In this module, we will deploy the complete Color API application to Google Kubernetes Engine. You’ll configure GKE resources, deploy MongoDB and the API, and secure communication using ingress and TLS certificates. The project also includes monitoring setup and scaling to simulate a real-world production environment.
What's included
28 videos1 assignment
28 videos•Total 174 minutes
- Overview of the Project•4 minutes
- Creating a Google Cloud Platform (GCP) Account•7 minutes
- Understanding Project Costs•3 minutes
- Navigating GCP's UI Console•9 minutes
- Installing the gcloud CLI•4 minutes
- Exploring the GKE UI Console•2 minutes
- Creating a Google Kubernetes Engine (GKE) Cluster•8 minutes
- Connecting kubectl to GKE•6 minutes
- Deploying an Nginx-based Website•9 minutes
- Exploring Storage Classes in GKE•9 minutes
- Understanding API Resources in GKE•3 minutes
- Creating Database Credentials for MongoDB•7 minutes
- Deploying the MongoDB StatefulSet - Part 1•6 minutes
- Deploying the MongoDB StatefulSet - Part 2•10 minutes
- Deploying the MongoDB StatefulSet - Part 3•13 minutes
- Deploying the Color API Application•5 minutes
- Creating a LoadBalancer Service for External Access•4 minutes
- Color API - Implement v2.1.0-dev: Exposing Prometheus Metrics•4 minutes
- Customizing Database Deployments•15 minutes
- Deploying the Prod Overlay and Customizing the Dev Color API Image•5 minutes
- Denying All Ingress and Allowing Traffic Between Color API and MongoDB•9 minutes
- Allowing External Traffic into Color API Pods•5 minutes
- Registering a Domain for Our Website•4 minutes
- Allocating Static IPs for Ingress•6 minutes
- Creating Ingress Objects•6 minutes
- Creating Managed TLS Certificates•5 minutes
- Testing Ingress Traffic from Web to Color API Pods•4 minutes
- Cleaning Up the Project•6 minutes
1 assignment•Total 15 minutes
- [Kubernetes] Project - Deploying the Color API Application to Google Kubernetes Engine (GKE) - Assessment•15 minutes
In this module, we will wrap up the course and reflect on everything you’ve accomplished. You’ll review the skills you’ve developed across resource management, storage, security, and deployments. This final section celebrates your progress and points toward advanced topics and certifications to further your expertise.
What's included
1 video1 reading2 assignments
1 video•Total 2 minutes
- Conclusion to the Specialization•2 minutes
1 reading•Total 10 minutes
- Conclusion to the Course 'Advanced Kubernetes - Security, and Large-Scale Deployments'•10 minutes
2 assignments•Total 75 minutes
- Full Course Practice Assessment•15 minutes
- Full Course Assessment•60 minutes
Earn a career certificate
Add this credential to your LinkedIn profile, resume, or CV. Share it on social media and in your performance review.
Instructor
Explore more from Cloud Computing
Course
Status: Free TrialCategory: Credit offeredCourse
Status: Free TrialCategory: Credit offered- L
LearnKartS
Course
Status: Free TrialCategory: Credit offered Course
Status: Free TrialCategory: Credit offered
Why people choose Coursera for their career
Advance your career with an online degree
Earn a degree from world-class universities - 100% online
Frequently asked questions
Yes, you can preview the first video and view the syllabus before you enroll. You must purchase the course to access content not included in the preview.
If you decide to enroll in the course before the session start date, you will have access to all of the lecture videos and readings for the course. You’ll be able to submit assignments once the session starts.
Once you enroll and your session begins, you will have access to all videos and other resources, including reading items and the course discussion forum. You’ll be able to view and submit practice assessments, and complete required graded assignments to earn a grade and a Course Certificate.
More questions
Financial aid available,
