Building Resilient Microservices with Istio and Red Hat OpenShift Service Mesh
Control, manage, trace, monitor, and test your microservices with Red Hat OpenShift Service Mesh
Fill the form to get up to 20% discount!
- For Self
- For Business
Course description
Control, manage, trace, monitor, and test your microservices with Red Hat OpenShift Service Mesh
Building Resilient Microservices with Istio and Red Hat OpenShift Service Mesh (DO328) is your gateway to mastering the installation, monitoring, resilience, and security of services within Red Hat OpenShift Service Mesh.
Red Hat OpenShift’s enterprise-ready, multitenant platform simplifies the deployment and scaling of microservice applications. However, as these architectures grow in size and complexity, managing service interactions can become challenging. Red Hat OpenShift Service Mesh combines Istio, Jaeger, and Kiali to create a zero-trust network, ensuring secure service interactions, offering service tracing, and visualizing communication pathways.
This course is built on Red Hat OpenShift Container Platform 4.6 and Red Hat OpenShift Service Mesh 2.0
Course content summary
- Master the installation of Red Hat OpenShift Service Mesh on a Red Hat OpenShift cluster.
- Apply release strategies to have precise control over service traffic.
- Establish service resilience through load balancing and failover configurations.
- Test and verify service resilience using chaos testing methods.
- Enforce stringent service security measures.
- Gain expertise in observing, measuring, and tracing network traffic, utilizing the capabilities of OpenShift Service Mesh.
Audience for this course
- This course is meticulously crafted for developers seeking to proficiently deploy, manage, and safeguard microservices applications within the Red Hat OpenShift environment.
Prerequisites for this course
- Start by taking our free assessment to gauge your compatibility with this offering.
- While it's not mandatory, attending "Red Hat Cloud-native Microservices Development with Quarkus (DO378)" or having equivalent experience in creating microservice applications is recommended.
- For a strong foundation, it's strongly recommended to have attended "Red Hat OpenShift I: Containers & Kubernetes (DO180)" and "Red Hat OpenShift Development II: Containerizing Applications (DO288)," and passed the "Red Hat Certified Specialist in OpenShift Application Development exam (EX288)." Basic OpenShift experience is also beneficial for this course.
Is This Certification Your Perfect Match?
Introduction to Red Hat OpenShift Service Mesh
- Gain insight into microservice architecture principles and the role of OpenShift Service Mesh.
Install Red Hat OpenShift Service Mesh
- Learn how to deploy Red Hat OpenShift Service Mesh on Red Hat OpenShift Container Platform.
Observe a Service Mesh
- Explore tools like Jaeger and Kiali to trace and visualize OpenShift Service Mesh components.
Control Service Traffic
- Discover effective methods for managing and routing service traffic within OpenShift Service Mesh.
Release Applications with Service Mesh
- Implement advanced release strategies, including canary and mirroring, within OpenShift Service Mesh.
Test Service Resilience with Chaos Testing
- Evaluate the resilience of Red Hat OpenShift Service Mesh through chaos testing to ensure application stability.
Build Resilient Services
- Utilize OpenShift Service Mesh strategies to design and implement resilient services.
Secure Services with OpenShift Service Mesh
- Enhance security by securing and encrypting services in your application with Red Hat OpenShift Service Mesh.
This course provides a comprehensive understanding of microservice management, security, and resilience within the context of Red Hat OpenShift Service Mesh.
Impact on the organization
Discover how Microservice architectures in conjunction with Red Hat OpenShift Service Mesh empower organizations to enhance application security, resilience, and scalability, all while reducing developer overhead. By incorporating mutual TLS encryption and establishing a zero-trust network, Red Hat OpenShift Service Mesh provides an additional layer of security for data in transit. This not only accelerates time to market but also grants organizations a deeper understanding of their microservice architecture, enabling visualization and data flow tracing throughout their applications. These newfound insights can drive more efficient resource allocation and expedite the identification of defects in specific microservices.
It’s important to note that while Red Hat has meticulously designed this course to benefit our customers, the uniqueness of each company and infrastructure means that actual results or benefits may vary.
Impact on the individual
By completing this course, you will acquire the knowledge and skills to streamline and optimize your service interactions. You will become proficient in installing and configuring Red Hat OpenShift Service Mesh, allowing you to effectively define, monitor, manage, and secure service interactions within your microservice architecture. The course is thoughtfully designed to showcase the user-friendly “sidecar” approach of Red Hat OpenShift Service Mesh, emphasizing its ease of implementation and underscoring the advantages it offers in terms of service resilience and comprehensive monitoring capabilities.
Exam description
The Red Hat Certified Specialist in Building Resilient Microservices exam (EX328) assesses your competence in the creation and management of a robust network of microservices utilizing Red Hat OpenShift Container Platform and Red Hat OpenShift Service Mesh. This examination emphasizes fundamental skills essential for configuring and overseeing the resilient operation of applications that encompass numerous microservices, including those with persistent data stores.
By successfully clearing this exam, you attain the esteemed title of a Red Hat Certified Specialist in Building Resilient Microservices, which also contributes to your journey towards becoming a Red Hat Certified Architect (RHCA®).
Target Audience:
This certification is particularly beneficial for:
Administrators or Architects in DevOps Roles: Those responsible for managing or implementing Red Hat OpenShift Container Platform environments.
Application Developers: Specifically, developers entrusted with the management of multiple microservices or supporting existing microservices within the Red Hat OpenShift Container Platform framework.
Prerequisites:
Candidates are required to possess a practical understanding of Red Hat OpenShift applications, typically obtained through courses such as “Red Hat OpenShift Development II: Containerizing Applications (DO288)” and “Building Resilient Microservices with Istio and Red Hat OpenShift Service Mesh (DO328).” Candidates should be adept in utilizing Red Hat OpenShift Container Platform for tasks including creating and managing projects, deploying applications, working with container images, handling Kubernetes resources in JSON or YAML formats, and understanding Kubernetes Custom Resource Definitions (CRD).
In preparation
Study points for the exam
As part of this exam, you should be able to perform these tasks:
- Understand and work with Red Hat Openshift Service Mesh Custom Resources
- Deploy and configure applications on Service Mesh:
- Install sidecar manually in pod applications
- Automatic sidecar injection using annotations
- Understand the configuration of network policies (Mesh members, external services, etc.)
- Work with request routing and traffic management.
- Be able to configure static and dynamic request routing to different versions of an application
- Understand the deployment/release pattern strategies that Red Hat OpenShift Service Mesh® can help with, providing more complex operational functionality, including A/B testing and canary releases
- Configure and manage advanced routing techniques to control the flow and API calls between services
- Traffic shifting migration within the mesh producing between different services A/B testing, canary rollouts, and staged rollouts with percentage-based traffic splits, and dark launches for a selective group of users
- Take profit of the traffic mirroring capabilities to bring changes to the microservices. Be able to produce shadowing launches copying the live traffic
- Send the inbound and outbound traffic from and to the mesh, managing the ingress and egress traffic control policies
- Define and control gateway entry points into the mess for the incoming traffic allowing pass requests through the services
- Enable controlled access to external publicly accessible services from within the istio cluster
- Be able to configure the network resilience and the fault tolerance dynamically at runtime to ensure the failing nodes and prevent localized failures from cascading
- Control the waiting time for replies defining timeouts
- Enhance service availability specifying the number of request attempts with retry strategies
- Limit for calls within a service and prevent access to an overloaded or failing host applying a circuit breaker mechanism
- Specify the connection and ejection pool policies configuring the load balancing destination rules
- Work and configure Service Mesh policy checks
- Define enforcement features through policies, configure local and global rate limiting, and define access quotas
- Enable and configure the authorization for denial and allow policies applied to a workload
- Understand and configure the workload-to-workload communication using the implemented architecture for authentication and authorization security in Service Mesh
- Provide service-to-service communication with secure naming authorization
- Tunnel the service-to-service communication using mutual TLS communication.
- Map the identity of the service name with secure naming
- Define peer authentication policies to enforce the mutual TLS mode
- Define the required end-user authentication policy check. Define and configure access authorization rules for service and end-user to workload communications
- Understand and work with the fault injection mechanisms to introduce errors and chaos testing into the system to test the failure recovery capacity of the applications
- Inject timing failures producing delays to mimic increased network latency or overloaded services
- Produce crash failures with error response injections and TCP connection failures
Red Hat recommends the following steps to prepare for the exam:
1. Training Courses:
- Consider enrolling in “Building Resilient Microservices with Istio and Red Hat OpenShift Service Mesh (DO328)” and “Red Hat OpenShift Development II: Containerizing Applications (DO288)” to gain a comprehensive understanding.
- Earning the “Red Hat Certified Specialist in OpenShift Application Development (EX288)” is also suggested, but it’s not mandatory.
2. Course Attendance:
- While attending Red Hat courses can be valuable, successful completion of the exam relies on more than just course attendance.
- Prior experience, practice, and innate abilities play crucial roles in achieving success.
3. Additional Resources:
- Numerous books and resources on system administration for Red Hat products are available, but Red Hat does not officially endorse any of these materials as preparation guides for their exams.
- However, supplementary reading can be beneficial to deepen your understanding.
Exam Format:
- The exam is practical and hands-on, requiring candidates to perform real-world development tasks.
- Internet access is not provided during the exam, and candidates are not allowed to bring any hard copy or electronic documentation into the exam, including notes, books, or any other material. However, MicroProfile specification and related documentation are accessible during the exam.
Scores and Reporting:
- Official exam scores are solely provided through Red Hat Certification Central, and candidates should not expect examiners or training partners to report results directly to them.
- Exam scores are generally available within 3 U.S. business days.
- Scores are reported as total scores, and Red Hat does not disclose performance on individual items or provide additional information upon request.
- In the event of an unsuccessful first attempt, candidates are eligible for one exam retake. For detailed information, please refer to Red Hat’s Training Policies page.
A Red Hat Certified Specialist in Building Resilient Microservices possesses a comprehensive set of skills and knowledge to ensure the effective deployment and management of microservices in a Red Hat OpenShift Service Mesh environment. Here’s a more detailed breakdown of the key competencies and expertise they demonstrate:
Understanding Red Hat Openshift Service Mesh Custom Resources: Proficiency in comprehending and manipulating custom resources in Red Hat OpenShift Service Mesh, enabling the configuration and management of service mesh components to meet specific requirements.
Deployment and Configuration of Applications: Ability to deploy and configure applications within the Service Mesh, ensuring that services are effectively integrated and interact seamlessly.
Request Routing and Traffic Management: Skill in controlling the routing of requests and effectively managing traffic to ensure optimal performance and resource utilization within the service mesh.
Deployment/Release Pattern Strategies: Knowledge of deployment and release pattern strategies, such as A/B testing and canary releases, to implement complex operational functionality and minimize risks during service updates.
Advanced Routing Techniques: Proficiency in configuring and managing advanced routing techniques, enabling precise control over the flow and API calls between services, enhancing the overall performance and reliability of the microservices.
Ingress and Egress Traffic Control: Ability to manage the ingress and egress traffic control policies effectively, ensuring that traffic flows smoothly in and out of the service mesh.
Dynamic Network Resilience and Fault Tolerance: Capability to dynamically configure network resilience and fault tolerance at runtime, proactively handling failing nodes and preventing localized failures from causing wider disruptions.
Service Mesh Policy Checks: Proficiency in configuring and enforcing service mesh policy checks, ensuring that services adhere to defined security and operational policies.
Workload-to-Workload Communication: Understanding and configuration of workload-to-workload communication, implementing robust authentication and authorization security measures within the service mesh to protect data and resources.
Fault Injection Mechanisms: Proficiency in using fault injection mechanisms to introduce errors and chaos testing into the system, assessing the failure recovery capacity of applications and ensuring they can handle unexpected issues effectively.
In summary, a Red Hat Certified Specialist in Building Resilient Microservices demonstrates an extensive skill set in deploying, configuring, and managing microservices within a Red Hat OpenShift Service Mesh environment. They are equipped to handle various aspects of service mesh operations, from routing and traffic management to security and fault tolerance, ensuring the resilience and reliability of microservices in complex applications.
Is this certification right for you?
The Red Hat Certified Specialist in Building Resilient Microservices exam is designed for:
- Developers who are implementing microservices in the Red Hat OpenShift Platform.
- Architects who are designing microservices for the Red Hat OpenShift Platform.
- Administrators or Developers who are managing service meshes in the Red Hat OpenShift Platform.
Test Your Skills and Knowledge
Red Hat Certified Specialist in Building Resilient Microservices exam (EX328)
The best way to learn is to do
Recommended Preparation: Your Path to Becoming a Red Hat Certified Specialist in API Management
- Build and Administer APIs with Red Hat 3scale API Management (DO240)