Amazon EKS Advanced Operations Training
Master production EKS operations in this 3-day advanced course. Learn cluster scaling, security hardening, cost optimization, upgrade strategies, and multi-cluster patterns for enterprise Kubernetes on AWS.
Training Details
Section titled “Training Details”| Duration | 3 days (24 hours) |
| Level | Advanced |
| Delivery | In-person, Live online, Hybrid |
| Certification | N/A |
Who Is This For?
Section titled “Who Is This For?”- Platform engineers running EKS in production
- SRE teams responsible for EKS reliability and performance
- Security engineers hardening EKS environments
- Teams optimizing EKS costs at scale
Learning Outcomes
Section titled “Learning Outcomes”After completing this training, participants will be able to:
- Implement Cluster Autoscaler and Karpenter for efficient scaling
- Harden EKS clusters with network policies, Pod Security Standards, and GuardDuty
- Optimize costs with Spot instances, Fargate, and right-sizing
- Execute zero-downtime cluster upgrades
- Implement GitOps with Flux or ArgoCD on EKS
- Design multi-cluster and multi-region EKS architectures
Detailed Agenda
Section titled “Detailed Agenda”Day 1: Scaling and Performance
Section titled “Day 1: Scaling and Performance”Module 1: Node Scaling with Karpenter
- Karpenter architecture and provisioners
- NodePool and EC2NodeClass configuration
- Instance type selection and consolidation
- Karpenter vs Cluster Autoscaler — when to use each
- Hands-on: Deploy Karpenter and configure auto-scaling
Module 2: Application Scaling and Performance
- Horizontal Pod Autoscaler with custom metrics
- Vertical Pod Autoscaler
- KEDA for event-driven scaling
- Resource right-sizing strategies
- Hands-on: Implement HPA with custom CloudWatch metrics
Day 2: Security and Compliance
Section titled “Day 2: Security and Compliance”Module 3: Network Security
- Calico and VPC CNI network policies
- Security groups for Pods
- AWS PrivateLink for private API access
- Egress control with NAT Gateway and proxy
- Hands-on: Implement zero-trust networking with network policies
Module 4: Runtime Security and Compliance
- Amazon GuardDuty for EKS Runtime Monitoring
- Pod Security Standards and admission controllers
- OPA Gatekeeper for policy enforcement
- Image scanning with Amazon Inspector
- Secrets management with AWS Secrets Manager CSI driver
- Hands-on: Deploy GuardDuty, Gatekeeper policies, and Secrets Manager
Day 3: Operations and Multi-Cluster
Section titled “Day 3: Operations and Multi-Cluster”Module 5: Cluster Upgrades and Maintenance
- EKS upgrade lifecycle and support windows
- Control plane and node group upgrade strategies
- Add-on compatibility and upgrade order
- Blue-green cluster upgrades with DNS switching
- Hands-on: Perform a rolling cluster upgrade
Module 6: Cost Optimization
- Spot instances with Karpenter
- Fargate for burst workloads
- Kubecost for cost visibility
- Savings Plans and Reserved Instances for EKS
- Hands-on: Implement cost-optimized node pools with Spot and on-demand mix
Module 7: Multi-Cluster Architectures
- Multi-cluster patterns (federation, mesh, GitOps)
- Cross-cluster service discovery
- Multi-region failover with Route 53
- GitOps with Flux for multi-cluster management
- Hands-on: Deploy applications across multiple EKS clusters with Flux
Prerequisites
Section titled “Prerequisites”- EKS Fundamentals training or equivalent hands-on EKS experience
- AWS networking (VPC, subnets, security groups) and IAM experience
- Kubernetes administration skills (kubectl, Helm, resource management)
Delivery Formats
Section titled “Delivery Formats”| Format | Description |
|---|---|
| In-Person | On-site at your company’s location, hands-on with direct interaction |
| Live Online | Interactive virtual sessions with screen sharing and real-time labs |
| Hybrid | Combination of on-site and remote sessions, flexible scheduling |
All formats include hands-on labs, course materials, and post-training support.