In the first section of this course titled, “Introduction to GKE at Scale,” you’ll learn to recognize the challenges of designing and building multi-environment solutions. Explain how GKE uses fleets to streamline operations. Describe the concepts of sameness and trust and use them to manage fleets. Finally you'll be able to identify the features and components used to manage GKE fleets.

In this section of this course titled “Multi-cluster GKE Architecture”, you’ll learn to recognize how GKE can be used to centralize cluster management. Examine the architecture of GKE mulit-cluster clusters. Learn how to create, connect, and manage GKE fleets. You'll also learn how to securely access GKE fleet clusters.

This section is about fleets and teams in GKE. You’ll learn how to define GKE fleets. Describe how GKE fleets can solve common cluster management problems. How to manage fleets and teams in GKE. You'll also be able to detail the elements of Fleet management.

In this section of the course, titled “Managing GKE configuration at Scale,” you’ll learn to recognize the challenges of scaling multi-cluster, multi-tenant configurations. Configure a centralized configuration management using GitOps model. Describe the benefits and architecture of Config Sync. Use Policy Controller to enforce security and compliance in GKE. Extend GitOps principles to Google Cloud resources. Finally you will learn how to create a standardized, reusable, and policy-driven foundation for Kubernetes deployments.

In this section of the course, you’ll learn how to explain how fleet networking works. Describe how Pods in a Kubernetes cluster communicate with each other. Enable multi-cluster Services. Configure multi-cluster Services. Detail the elements of fleet management. Outline the role of a multi-cluster gateway. You'll also learn how to configure a multicluster gateway.

In this section, titled, you learn to list and describe the benefits of using Cloud Service Mesh. Install and configure Cloud Service Mesh on different clusters. Trace the path of a request through the mesh, correctly identifying and explaining the role of key components like Envoy proxies, Mesh CA, and extensions in handling the request. Finally you'll learn to create Service Mesh Dashboards from workload telemetry including metrics, traces, and logs.

In this section, titled, you learn to explain how Cloud Service Mesh learns the network from Kubernetes. Deploy mesh API resources such as the VirtualService, DestinationRule, Gateway, Service Entry, and the Sidecar to configure the mesh. Describe how to harden the mesh network by introducing new functionality such as request retries, request timeouts, and circuit breakers. You'll also learn how to explore Service Mesh resilience by creating failures and delays on specific services.

In this section, you learn how to encrypt traffic between microservices to prevent anyone in the network from gaining access to private information. Authorize services and requests, ensuring that services only access the information that is allowed access from other services. Authenticate and authorize services and requests to verify trust among services in the mesh and among end users. You will also see how to limit service access in the network so that granular controls over the communication can be established.

In this section, you learn to set up a multi-cluster mesh with a single subnet in a single VPC network and account for variations like multi-region clusters, multiple projects, shared VPC, and private clusters. You'll also learn to enable communication between GKE clusters on different networks using an east-west gateway and attached clusters.

In this section, you learn to summarize the differences between authentication methods for GKE clusters and explain when to use each. Summarize the key features of connect gateway and explain how it simplifies and secures connections to GKE Enterprise fleet member clusters. Configuring connect gateway for authentication and authorization. Securely access clusters and provide authentication using OpenID Connect (OIDC) and third-party identity providers (IdPs). Finally you'll learn to configure GKE Identity Service to enable authentication and authorization for users when given a GKE cluster and a third-party identity provider (IdP).

In this section, you learn to describe GKE security posture. Navigate and interpret the GKE security posture dashboard to identify security issues. Implement node security measures to protect GKE worker nodes from potential threats. Describe the process of vulnerability scanning in GKE. Finally you will be able to explain the roles and capabilities of Google Cloud's Artifact Analysis and Security Command Center in enhancing GKE security.

In this section, you learn to describe the core components of Google Cloud's CI/CD pipeline and how they address common challenges in application modernization. Analyze how Cloud Deploy integrates with GKE to manage Kubernetes manifests and control deployments. Compare and contrast the deployment strategies for Knative Serving within GKE Enterprise. Explain the steps required to establish a peered VPC connection for secure CI/CD in a private network. You will also learn how to evaluate the various security measures and tools available within Google Cloud for securing the software supply chain.

In this section, you learn to explain how GKE serves as a suitable platform for large language models and the increasing demand for hardware accelerators. Describe the high-level architecture of a GKE-based training platform for AI models. Outline the architecture for a GKE-based model serving platform. You will also learn to outline different cost management strategies available when using GKE for AI/ML workloads.

The course closes with a summary of the key points covered in each section.

Student PDF links to all modules