Kubernetes 301 Workshop

Administration, Automation and Extension

Expand on your core cloud-native knowledge by exploring the deeper topics of Kubernetes platform management.

An understanding of the core Kubernetes concepts is fundamental to being able to effectively use the platform. But operations teams need more. They need to be able to secure the platform against outside and inside threats, and they need the ability to extend the platform by grafting into the control plane.

Unfortunately, while the core Kubernetes concepts are well conceived and implemented in a clear and coherent way, things get a bit messier with the more advanced topics. The Kubernetes security system is "complicated," and playing in the control plane can be "dangerous." We're here to help.

"Would be their student again, 10/10!"

Kubernetes 301 Graduate

Grasp the complex intricacies of Network and Pod security. Learn how to tweak the scheduler for greater Pod performance and stability. Write against the Kubernetes API in NodeJS and Python. Practice extending the platform via CRDs, custom controllers, and even custom schedulers.

Kubernetes 301 Course Outline

This is our normal Kubernetes 301 outline, but we're more than happy to move chapters around or create entirely new content just for your team. That's just part of the SuperOrbital difference.

Day One

Network Security

  • How Network Policies Work
  • How to Enable Them
  • Using them to Limit Traffic in Your Namespace

Pod Security

  • Understanding Role-Based Access Control
  • Pod Security Contexts
  • Configuring AppArmor
  • Linux Capabilities
  • Pod Security Policies

Scripting Kubectl

  • Kubectl explain
  • JSONPath
  • Parsing JSON with Jq & Gron
  • Raw API Requests

Kubectl Plugins

  • How They Work
  • Building Your Own Plugins
  • Avoiding Conflicts and Debugging the PATH


  • Developing Against the API in NodeJS
  • Tracing Kubectl Network Calls
  • Three ways to Patch the Kubernetes API

Day Two

Custom Resource Definitions (CRDS)

  • Authoring CRDs
  • Adding Validations
  • Improving Resource Presentation

Custom Controllers

  • Watching Resources via the API
  • Writing Efficient Custom Controllers
  • Deploying Controllers In-Cluster
  • Level vs Edge Triggering

Admission Controllers

  • Building Validating Webhooks in Python
  • Building Mutating Webhooks in Python
  • Sidecar Injection Using 3rd Party Tools
  • Understanding Pod Presets
  • Understanding Initializers

Sophisticated Scheduling

  • Exploring Pod Priority & Preemption
  • Understanding Pod disruption budgets
  • Configuring Node and Pod affinity
  • Taints & Tolerations
  • Exploring the Horizontal & Vertical Pods Autoscalers

Custom Schedulers

  • Learn how Custom Schedulers work
  • Write your own Custom Scheduler

Intended Audience

We recommend this course for your advanced platform operations teams and for those looking to extend the platform with custom operators.

To get the most out of this subject, students should come prepared with an understanding of Bash scripting, rudimentary application development with Python and/or NodeJS, the basics of Linux processes, users, and permissions, and the Kubernetes fundamentals. A good place to start is with our Docker 101 and Kubernetes 201 courses.

This is just one of the many great courses in our cloud-native curriculum!

Reach out to schedule a custom workshop for your team.

The SuperOrbital Difference

We're infrastructure experts with a reputation for delivering great work. Here’s how we're different:


We tailor each course to your needs.

Most training companies reuse publicly available stock training content, no matter your team's background, skill level, or needs. We’re different. We work with you beforehand to produce a tailored workshop. Each one is densely packed with content that's directly useful to your team.

Intensely Hands-On

Over four hours of hands-on labs per day.

That's not a typo. We don’t believe in static, podium-based training. Instead, SuperOrbital courses immerse your team in an active learning environment where they internalize the lessons through collaboration and hands-on workshops. The end result is knowledge that sticks, and a foundation for true expertise.

Here for you

We help after the training is through.

Unlike other companies, we do more than training. We have a deep engineering practice, and this gives you an advantage. We’re able to help with architectural guidance and engineering after the workshop is done. We can help you apply the knowledge you've gained through the bedrock of practice.


We give the best advice for your situation.

We believe in cloud native solutions, but we aren't beholden to any vendor. Every situation is unique, and every tool has flaws. We help you understand how the available solutions work together to solve your problems. We guide you away from the tools that are hype, and toward those that are battle tested.

Need more convincing? Let's talk!

How it works

Engaging with us to provide a workshop for your team is easy. Reach out to get started.



We'll schedule a time to meet, discuss your needs, your team's experience level, and how we can help.


Bespoke Content

We then work with you and your team to construct a curriculum and content that's exactly what you need.


On-site delivery

We travel to your location to deliver the best hands-on workshop your team's ever experienced.


Follow Up

We follow up afterward to ensure the workshop exceeded your expectations, and to help with whatever new hurdles your team may be facing.