Cloud Native DevOps with Kubernetes: Building, Deploying, and Scaling Modern Applications in the Cloud
- Length: 300 pages
- Edition: 1
- Language: English
- Publisher: O'Reilly Media
- Publication Date: 2019-03-07
- ISBN-10: 1492040762
- ISBN-13: 9781492040767
- Sales Rank: #585059 (See Top 100 Books)
While DevOps, cloud, and containers have reshaped the IT landscape over the past five years, Kubernetes has served as de facto operating system of this cloud native world. But with the myriad possibilities Kubernetes provides, developers and operations personnel continue to seek advice on coherent, workable strategies for using this container-orchestration system in a production environment. That’s where this practical guide comes in.
Through the course of the book, authors John Arundel and Justin Domingus show you how to build and develop an example cloud native application with Kubernetes hands-on. You’ll learn to apply each of the concepts—such as authentication or reliability—one at a time to develop a non-trivial, production-ready cloud native application, complete with a development environment and deployment pipeline that you can use for real workloads.
Table of Contents
Chapter 1. Revolution in the cloud
Chapter 2. First steps with Kubernetes
Chapter 3. Getting Kubernetes
Chapter 4. Working with Kubernetes objects
Chapter 5. Managing resources
Chapter 6. Operating clusters
Chapter 7. Kubernetes power tools
Foreword Preface What Will I Learn? Who Is This Book For? What Questions Does This Book Answer? Conventions Used in This Book Using Code Examples O’Reilly Online Learning Platform How to Contact Us Acknowledgments 1. Revolution in the Cloud The Creation of the Cloud Buying Time Infrastructure as a Service The Dawn of DevOps Nobody Understands DevOps The Business Advantage Infrastructure as Code Learning Together The Coming of Containers The State of the Art Thinking Inside the Box Putting Software in Containers Plug and Play Applications Conducting the Container Orchestra Kubernetes From Borg to Kubernetes What Makes Kubernetes So Valuable? Kubernetes makes deployment easy Will Kubernetes Disappear? Kubernetes Doesn’t Do It All Cloud functions and funtainers Cloud Native It’s not just about microservices The Future of Operations Distributed DevOps Some Things Will Remain Centralized Developer Productivity Engineering You Are the Future Summary 2. First Steps with Kubernetes Running Your First Container Installing Docker Desktop What Is Docker? Running a Container Image The Demo Application Looking at the Source Code Introducing Go How the Demo App Works Building a Container Understanding Dockerfiles Minimal Container Images Running docker image build Naming Your Images Port Forwarding Container Registries Authenticating to the Registry Naming and Pushing Your Image Running Your Image Hello, Kubernetes Running the Demo App If the Container Doesn’t Start Minikube Summary 3. Getting Kubernetes Cluster Architecture The Control Plane Node Components High Availability Control plane failure Worker node failure Trust, but verify The Costs of Self-Hosting Kubernetes It’s More Work Than You Think It’s Not Just About the Initial Setup Tools Don’t Do All the Work for You Kubernetes Is Hard Administration Overhead Start with Managed Services Managed Kubernetes Services Google Kubernetes Engine (GKE) High availability Cluster Autoscaling GKE is best-of-breed Amazon Elastic Container Service for Kubernetes (EKS) Azure Kubernetes Service (AKS) OpenShift IBM Cloud Kubernetes Service Heptio Kubernetes Subscription (HKS) Turnkey Kubernetes Solutions Stackpoint Containership Kubernetes Engine (CKE) Kubernetes Installers kops Kubespray TK8 Kubernetes The Hard Way kubeadm Tarmak Rancher Kubernetes Engine (RKE) Puppet Kubernetes Module Kubeformation Buy or Build: Our Recommendations Run Less Software Use Managed Kubernetes if You Can But What About Vendor Lock-in? Use Standard Kubernetes Self-Hosting Tools if You Must When Your Choices Are Limited Bare-Metal and On-Prem Clusterless Container Services Amazon Fargate Azure Container Instances (ACI) Summary 4. Working with Kubernetes Objects Deployments Supervising and Scheduling Restarting Containers Querying Deployments Pods ReplicaSets Maintaining Desired State The Kubernetes Scheduler Resource Manifests in YAML Format Resources Are Data Deployment Manifests Using kubectl apply Service Resources Querying the Cluster with kubectl Taking Resources to the Next Level Helm: A Kubernetes Package Manager Installing Helm Installing a Helm Chart Charts, Repositories, and Releases Listing Helm Releases Summary 5. Managing Resources Understanding Resources Resource Units Resource Requests Resource Limits Keep Your Containers Small Managing the Container Life Cycle Liveness Probes Probe Delay and Frequency Other Types of Probes gRPC Probes Readiness Probes File-Based Readiness Probes minReadySeconds Pod Disruption Budgets minAvailable maxUnavailable Using Namespaces Working with Namespaces What Namespaces Should I Use? Service Addresses Resource Quotas Default Resource Requests and Limits Optimizing Cluster Costs Optimizing Deployments Optimizing Pods Vertical Pod Autoscaler Optimizing Nodes Optimizing Storage Cleaning Up Unused Resources Using owner metadata Finding underutilized resources Cleaning up completed Jobs Checking Spare Capacity Using Reserved Instances Using Preemptible (Spot) Instances Variable price or variable preemption Preemptible nodes can halve your costs Using node affinities to control scheduling Keeping Your Workloads Balanced Summary 6. Operating Clusters Cluster Sizing and Scaling Capacity Planning The smallest cluster The biggest cluster Federated clusters Do I need multiple clusters? Nodes and Instances Picking the right node size Cloud instance types Heterogeneous nodes Bare-metal servers Scaling the Cluster Instance groups Scaling down Autoscaling Conformance Checking CNCF Certification Certified Kubernetes Certified Kubernetes Administrator (CKA) Kubernetes Certified Service Provider (KCSP) Conformance Testing with Sonobuoy Validation and Auditing K8Guard Copper kube-bench Kubernetes Audit Logging Chaos Testing Only Production Is Production chaoskube kube-monkey PowerfulSeal Summary 7. Kubernetes Power Tools Mastering kubectl Shell Aliases Using Short Flags Abbreviating Resource Types Auto-Completing kubectl Commands Getting Help Getting Help on Kubernetes Resources Showing More Detailed Output Working with JSON Data and jq Watching Objects Describing Objects Working with Resources Imperative kubectl Commands When Not to Use Imperative Commands Generating Resource Manifests Exporting Resources Diffing Resources Working with Containers Viewing a Container’s Logs Attaching to a Container Watching Kubernetes Resources with kubespy Forwarding a Container Port Executing Commands on Containers Running Containers for Troubleshooting Using BusyBox Commands Adding BusyBox to Your Containers Installing Programs on a Container Live Debugging with kubesquash Contexts and Namespaces kubectx and kubens kube-ps1 Kubernetes Shells and Tools kube-shell Click kubed-sh Stern Building Your Own Kubernetes Tools Summary 8. Running Containers Containers and Pods What Is a Container? What Belongs in a Container? What Belongs in a Pod? Container Manifests Image Identifiers The latest Tag Container Digests Base Image Tags Ports Resource Requests and Limits Image Pull Policy Environment Variables Container Security Running Containers as a Non-Root User Blocking Root Containers Setting a Read-Only Filesystem Disabling Privilege Escalation Capabilities Pod Security Contexts Pod Security Policies Pod Service Accounts Volumes emptyDir Volumes Persistent Volumes Restart Policies Image Pull Secrets Summary 9. Managing Pods Labels What Are Labels? Selectors More Advanced Selectors Other Uses for Labels Labels and Annotations Node Affinities Hard Affinities Soft Affinities Pod Affinities and Anti-Affinities Keeping Pods Together Keeping Pods Apart Soft Anti-Affinities When to Use Pod Affinities Taints and Tolerations Pod Controllers DaemonSets StatefulSets Jobs Cronjobs Horizontal Pod Autoscalers PodPresets Operators and Custom Resource Definitions (CRDs) Ingress Resources Ingress Rules Terminating TLS with Ingress Using existing TLS certificates Automating LetsEncrypt certificates with Cert-Manager Ingress Controllers Istio Envoy Summary 10. Configuration and Secrets ConfigMaps Creating ConfigMaps Setting Environment Variables from ConfigMaps Setting the Whole Environment from a ConfigMap Using Environment Variables in Command Arguments Creating Config Files from ConfigMaps Updating Pods on a Config Change Kubernetes Secrets Using Secrets as Environment Variables Writing Secrets to Files Reading Secrets base64 Access to Secrets Encryption at Rest Keeping Secrets Secrets Management Strategies Encrypt Secrets in Version Control Store Secrets Remotely Use a Dedicated Secrets Management Tool Recommendations Encrypting Secrets with Sops Introducing Sops Encrypting a File with Sops Using a KMS Backend Summary 11. Security and Backups Access Control and Permissions Managing Access by Cluster Introducing Role-Based Access Control (RBAC) Understanding Roles Binding Roles to Users What Roles Do I Need? Guard Access to Cluster-Admin Applications and Deployment RBAC Troubleshooting Security Scanning Clair Aqua Anchore Engine Backups Do I Need to Back Up Kubernetes? Backing Up etcd Backing Up Resource State Backing Up Cluster State Large and Small Disasters Velero Configuring Velero Creating a Velero backup Restoring data Restore procedures and tests Scheduling Velero backups Other uses for Velero Monitoring Cluster Status kubectl Control plane status Node status Workloads CPU and Memory Utilization Cloud Provider Console Kubernetes Dashboard Weave Scope kube-ops-view node-problem-detector Further Reading Summary 12. Deploying Kubernetes Applications Building Manifests with Helm What’s Inside a Helm Chart? The Chart.yaml file The values.yaml file Helm Templates Interpolating Variables Quoting Values in Templates Specifying Dependencies Deploying Helm Charts Setting Variables Creating a environment variable Specifying Values in a Helm Release Updating an App with Helm Rolling Back to Previous Versions Automatic rollback with helm-monitor Creating a Helm Chart Repo Managing Helm Chart Secrets with Sops Managing Multiple Charts with Helmfile What’s in a Helmfile? Chart Metadata Applying the Helmfile Advanced Manifest Management Tools ksonnet Kapitan kustomize kompose Ansible kubeval Summary 13. Development Workflow Development Tools Skaffold Draft Telepresence Knative Deployment Strategies Rolling Updates Recreate maxSurge and maxUnavailable Blue/Green Deployments Rainbow Deployments Canary Deployments Handling Migrations with Helm Helm Hooks Handling Failed Hooks Other Hooks Chaining Hooks Summary 14. Continuous Deployment in Kubernetes What Is Continuous Deployment? Which CD Tool Should I Use? Jenkins Drone Google Cloud Build Concourse Spinnaker GitLab CI Codefresh Azure Pipelines CD Components Docker Hub Gitkube Flux Keel A CD Pipeline with Cloud Build Setting Up Google Cloud and GKE Forking the Demo Repository Introducing Cloud Build Building the Test Container Running the Tests Building the Application Container Validating the Kubernetes Manifests Publishing the Image Git SHA Tags Creating the First Build Trigger Testing the Trigger Deploying from a CD Pipeline Getting credentials for the Kubernetes cluster Adding an environment tag Deploying to the cluster Creating a Deploy Trigger Optimizing Your Build Pipeline Adapting the Example Pipeline Summary 15. Observability and Monitoring What Is Observability? What Is Monitoring? Black-Box Monitoring Beyond static pages The limits of black-box monitoring What Does “Up” Mean? Nines don’t matter if users aren’t happy Cloud native applications are never up Logging The limits of logging Logs are hard to scale Is logging useful in Kubernetes? Introducing Metrics Metrics help answer the why? question Metrics help predict problems Metrics monitor applications from the inside Tracing Observability Observability is about understanding Software is opaque Building an observability culture The Observability Pipeline Monitoring in Kubernetes External Black-Box Checks Monitoring mimics user behavior Don’t build your own monitoring infrastructure Internal Health Checks Are users happy? Services and circuit breakers Graceful degradation Summary 16. Metrics in Kubernetes What Are Metrics, Really? Time Series Data Counters and Gauges What Can Metrics Tell Us? Choosing Good Metrics Services: The RED Pattern Resources: The USE Pattern Business Metrics Kubernetes Metrics Cluster health metrics Deployment metrics Container metrics Application metrics Runtime metrics Analyzing Metrics What’s Wrong with a Simple Average? Means, Medians, and Outliers Discovering Percentiles Applying Percentiles to Metrics Data We Usually Want to Know the Worst Beyond Percentiles Graphing Metrics with Dashboards Use a Standard Layout for All Services Build an Information Radiator with Master Dashboards Dashboard Things That Break Alerting on Metrics What’s Wrong with Alerts? On-call Should Not Be Hell Urgent, Important, and Actionable Alerts Track Your Alerts, Out-of-Hours Pages, and Wake-ups Metrics Tools and Services Prometheus Google Stackdriver AWS Cloudwatch Azure Monitor Datadog New Relic Summary Afterword Where to Go Next Welcome Aboard Index
Donate to keep this site alive
How to download source code?
1. Go to: https://www.oreilly.com/
2. Search the book title: Cloud Native DevOps with Kubernetes: Building, Deploying, and Scaling Modern Applications in the Cloud
, sometime you may not get the results, please search the main title
3. Click the book title in the search results
3. Publisher resources
section, click Download Example Code
.
1. Disable the AdBlock plugin. Otherwise, you may not get any links.
2. Solve the CAPTCHA.
3. Click download link.
4. Lead to download server to download.