About this course
Design and operate applications built for the cloud, using containers, orchestration, and managed services to achieve elasticity, resilience, and cost efficiency.
Course format. Thirteen weeks, four contact hours each: a two-hour lecture (concepts and theory) and a two-hour practice session. The course is project-based; teams carry one running project end to end and present it three times, in weeks 5, 8, and 13.
What you will build
Engineered a cloud-native multi-service platform deployed to Kubernetes with Helm and Istio, provisioned end to end as Terraform infrastructure code, autoscaled under k6 load tests, and instrumented with Prometheus and Grafana to a defined cost budget.
Expected outcomes
- Explain cloud service models, regions, and the shared responsibility model
- Analyze distributed-systems foundations of availability, consistency, and partition tolerance
- Containerize applications and design minimal, reproducible images
- Operate workloads on Kubernetes using Deployments, Services, and Ingress
- Decompose systems into microservices and reason about coupling and resilience
- Provision infrastructure declaratively using infrastructure as code
- Configure autoscaling and load balancing to meet latency and availability targets
- Evaluate cloud cost and the economic trade-offs of elasticity and reservation
- Instrument clusters and services for metrics, logs, and traces
- Justify architectural choices against scalability and reliability requirements
Key topics
- Containers & Kubernetes
- Microservices & service meshes
- Infrastructure as code
- Scalability & cost management
Theoretical foundations
The concepts and results this course rests on.
- CAP theorem and the availability, consistency, partition-tolerance trade-off
- Quorum and eventual-consistency models for replicated state
- Reconciliation and the declarative desired-state control loop
- Process isolation through namespaces and cgroups
- Queueing theory and tail-latency analysis under load
- Autoscaling control theory and capacity versus cost models
- Supply-chain provenance and reproducible-build theory
Prerequisites
This is a Year-3 course. It assumes the mandatory CS core: data structures and algorithms, operating systems, computer networks, databases, software engineering, and the core mathematics (linear algebra, probability and statistics, calculus, discrete mathematics). It additionally requires the specific prior courses listed below.
Course-specific prerequisites:
- Operating systems and computer networks
- Software engineering and a programming language
Weekly schedule 13 weeks · lecture + practice
Foundations
Wk 1
Cloud Computing Foundations
LectureSurvey cloud service models, virtualization, regions, and the CAP theorem framing of distributed trade-offs.
PracticeSet up cloud accounts and tooling, then provision a first managed service and inspect its topology.
ProjectProject repository, cloud account, and a deployed hello-service baseline are established.
Wk 2
Containers and Docker
LectureExamine Linux namespaces and cgroups, image layering, and the theory behind reproducible builds.
PracticeWrite Dockerfiles for the project services and run them locally with volumes and networks.
ProjectCore service is containerized with a clean, layered, reproducible image.
Wk 3
Registries and Image Hygiene
LectureDiscuss supply-chain provenance, image scanning, and the economics of small immutable artifacts.
PracticeTag, scan, and publish project images to a registry and pin reproducible base images.
ProjectVersioned, scanned images are published to a registry for the project.
Orchestration
Wk 4
Kubernetes Architecture
LectureStudy the control plane, reconciliation loops, and the declarative desired-state model.
PracticeDeploy the project to a cluster using Pods, Deployments, and Services.
ProjectProject runs on Kubernetes with declarative manifests under version control.
Wk 5
Specification MilestonePresentation
LectureReview configuration, secrets, and persistent storage abstractions for stateful workloads.
PracticeStudent teams present their project specification: scope, target architecture, scaling goals, and cost budget.
ProjectApproved specification document and cluster configuration plan are delivered.
Wk 6
Networking and Ingress
LectureAnalyze service discovery, the Kubernetes networking model, and ingress routing theory.
PracticeExpose project services through Ingress controllers and apply network policies.
ProjectProject is reachable externally through managed ingress with policy controls.
Microservices
Wk 7
Packaging with Helm
LectureDiscuss templating, configuration drift, and release management for declarative systems.
PracticePackage the project as a versioned Helm chart with environment overrides.
ProjectProject ships as a parameterized, versioned Helm release.
Wk 8
Interim Demo MilestonePresentation
LectureCover microservice decomposition, bounded contexts, and inter-service resilience patterns.
PracticeStudent teams present an interim demo of the running multi-service deployment and discuss design trade-offs.
ProjectWorking multi-service deployment is demonstrated with documented architecture.
Wk 9
Service Meshes
LectureExamine sidecar proxies, mutual TLS, retries, and circuit breaking as reliability mechanisms.
PracticeAdd a service mesh to project traffic with observability and mTLS enabled.
ProjectInter-service traffic is secured and observable through a mesh.
Scale and Cost
Wk 10
Infrastructure as Code
LectureDiscuss declarative provisioning, state management, and idempotency in infrastructure tooling.
PracticeReprovision the project environment from Terraform code with managed state.
ProjectEntire environment is reproducible from versioned infrastructure code.
Wk 11
Autoscaling and Load Balancing
LectureAnalyze horizontal and vertical scaling, queueing theory intuition, and load distribution.
PracticeConfigure autoscaling and load testing to meet defined latency targets.
ProjectProject scales automatically under load within latency objectives.
Wk 12
Observability and Cost
LectureCover metrics, tracing, SLOs, and the cost models of elastic versus reserved capacity.
PracticeAdd dashboards and alerts, then produce a cost analysis with optimization actions.
ProjectObservability stack and a cost optimization report are in place.
Capstone
Wk 13
Final Demo and DefensePresentation
LectureSynthesize cloud-native architecture principles and review the path from container to scaled service.
PracticeStudent teams present the final demo with an oral defense of architecture, scaling, and cost decisions.
ProjectFinal scalable cloud-native system is delivered with documentation and defense.
AI tools in this course.
Students lean on AI assistants to scaffold Dockerfiles and Kubernetes manifests, then refactor them toward smaller, reproducible images and cleaner Helm charts. They use chat-based and editor-integrated tools to draft Terraform modules, generate k6 load scripts, and synthesize realistic test traffic, while connecting agents to kubectl and cloud MCP servers to inspect cluster state and propose fixes. AI also helps interpret Prometheus and Grafana output, summarizing latency and cost data into concrete autoscaling and budget actions. Teams are expected to review every generated manifest critically, since a confidently wrong resource limit or policy can break a live deployment.
Student project
Teams build one cloud-native application and carry it from a single container to a scaled, observable, multi-service deployment on Kubernetes. The system is provisioned entirely as infrastructure code, secured and observed through a service mesh, and tuned for autoscaling within a defined cost budget.
Requirements
- Build a working system, not a set of disconnected exercises.
- Be original: a new system that solves a real problem, not a re-implementation of a tutorial or course demo.
- Show real depth: real data, real users or realistic load, and engineering trade-offs that are measured rather than assumed.
- Carry one running project from specification to a deployed, defensible result across the whole term.
- Work in a team of three or four and defend the design at each of the three presentations (weeks 5, 8, and 13).
Example projects
Image-sharing platformURL shortener with analyticsReal-time chat backendEvent ticketing serviceIoT telemetry ingestionMultiplayer leaderboard APIDocument collaboration serviceFood delivery dispatch system
Assessment & grading
Grading is project-based, with no written exam. Teams of three or four present one running project three times.
| Component | What it covers | Weight |
|---|---|---|
| Project · Specification | Presentation 1 (week 5): problem, objectives, and architecture | 20% |
| Project · Interim | Presentation 2 (week 8): the working system demonstrated live | 30% |
| Project · Final | Presentation 3 (week 13): end-to-end demo with oral defense | 50% |
Tools & platforms
- Docker: build and run application containers
- Kubernetes: orchestrate containerized workloads
- Helm: package and template Kubernetes manifests
- Istio: manage service to service traffic and policy
- Terraform: provision cloud infrastructure as code
- Prometheus: collect cluster and application metrics
- Grafana: visualize metrics and build dashboards
- Amazon Web Services: host managed cloud services
- kubectl: operate clusters from the command line
- Trivy: scan container images for vulnerabilities
- k6: run load and performance tests
Free online courses
Existing free, video-based courses this course can build on, for self-study or as a teaching basis.
- YouTubeDocker Containers and Kubernetes Fundamentals (Full Hands-On Course)
- YouTubeDocker and Kubernetes - Full Course for Beginners
In Hebrew · בעברית
Primary literature
Seminal works to read for graduate-level depth.
References
Books and resources link to an online or publisher page.
- TextbookDesigning Distributed Systems, 2nd Edition: Patterns and Paradigms for Scalable, Reliable Services
- TextbookKubernetes: Up and Running, 3rd Edition
- TextbookBuilding Microservices, 2nd Edition: Designing Fine-Grained Systems
- TextbookTerraform: Up and Running, 3rd Edition: Writing Infrastructure as Code
- TextbookCloud Native Patterns: Designing Change-Tolerant Software
- DocumentationKubernetes Documentation
- DocumentationDocker Documentation
Role in each concentration
| Concentration | Role |
|---|---|
| Intelligent Software Systems | Core · Semester 1 |
| Networking & Cyber Security | Core · Semester 1 |
| AI & Robotics | Elective |
| AI and Quantum Computing for Finance | Core · Semester 1 |
| Immersive Systems & Game Development | Core · Semester 2 |
| Defense Technologies & Autonomous Systems | Elective |