Modern DevOps Practices: Implement and secure DevOps in the public cloud with cutting-edge tools, tips, tricks, and techniques
- Length: 530 pages
- Edition: 1
- Language: English
- Publisher: Packt Publishing
- Publication Date: 2021-09-13
- ISBN-10: 1800562381
- ISBN-13: 9781800562387
- Sales Rank: #3301594 (See Top 100 Books)
Enhance DevOps workflows by integrating the functionalities of Docker, Kubernetes, Spinnaker, Ansible, Terraform, Flux CD, CaaS, and more with the help of practical examples and expert tips
Key Features
- Get up and running with containerization-as-a-service and infrastructure automation in the public cloud
- Learn container security techniques and secret management with Cloud KMS, Anchore Grype, and Grafeas Kritis
- Leverage the combination of DevOps, GitOps, and automation to continuously ship a package of software
Book Description
Containers have entirely changed how developers and end-users see applications as a whole. With this book, you’ll learn all about containers, their architecture and benefits, and how to implement them within your development lifecycle.
You’ll discover how you can transition from the traditional world of virtual machines and adopt modern ways of using DevOps to ship a package of software continuously. Starting with a quick refresher on the core concepts of containers, you’ll move on to study the architectural concepts to implement modern ways of application development. You’ll cover topics around Docker, Kubernetes, Ansible, Terraform, Packer, and other similar tools that will help you to build a base. As you advance, the book covers the core elements of cloud integration (AWS ECS, GKE, and other CaaS services), continuous integration, and continuous delivery (GitHub actions, Jenkins, and Spinnaker) to help you understand the essence of container management and delivery. The later sections of the book will take you through container pipeline security and GitOps (Flux CD and Terraform).
By the end of this DevOps book, you’ll have learned best practices for automating your development lifecycle and making the most of containers, infrastructure automation, and CaaS, and be ready to develop applications using modern tools and techniques.
What you will learn
- Become well-versed with AWS ECS, Google Cloud Run, and Knative
- Discover how to build and manage secure Docker images efficiently
- Understand continuous integration with Jenkins on Kubernetes and GitHub actions
- Get to grips with using Spinnaker for continuous deployment/delivery
- Manage immutable infrastructure on the cloud with Packer, Terraform, and Ansible
- Explore the world of GitOps with GitHub actions, Terraform, and Flux CD
Who this book is for
If you are a software engineer, system administrator, or operations engineer looking to step into the world of DevOps within public cloud platforms, this book is for you. Existing DevOps engineers will also find this book useful as it covers best practices, tips, and tricks to implement DevOps with a cloud-native mindset. Although no containerization experience is necessary, a basic understanding of the software development life cycle and delivery will help you get the most out of the book.
Table of Contents
- The Move to Containers
- Containerization with Docker
- Creating and Managing Container Images
- Container Orchestration with Kubernetes – Part I
- Container Orchestration with Kubernetes – Part II
- Infrastructure as Code (IaC) with Terraform
- Configuration Management with Ansible
- IaC and Config Management in Action
- Serverless – Container as a Service
- Continuous Integration
- Continuous Deployment/Delivery with Spinnaker
- Securing the Deployment Pipeline
- Understanding DevOps with GitOps
- CI/CD Pipeline with GitOps
Modern DevOps Practices Contributors About the author About the reviewer Preface Who this book is for What this book covers To get the most out of this book Download the color images Conventions used Get in touch Section 1: Container Fundamentals and Best Practices Chapter 1: The Move to Containers The need for containers The matrix of hell Virtual machines Containers It works on my machine Container architecture Container networking Modern DevOps versus traditional DevOps Containers and modern DevOps practices Migrating from virtual machines to containers Discovery Application requirement assessment Container infrastructure design Containerizing the application Testing Deployment and rollout What applications should go in containers? Breaking the applications into smaller pieces Are we there yet? Summary Questions Answers Chapter 2: Containerization with Docker Technical requirements Installing tools Installing Git Installing vim Installing Docker Introducing Docker storage drivers and volumes Docker data storage options Mounting volumes Docker storage drivers Configuring a storage driver Running your first container Running containers from versioned images Running Docker containers in the background Troubleshooting containers Putting it all together Restarting and removing containers Docker logging and logging drivers Container log management Logging drivers Configuring logging drivers Typical challenges and best practices with Docker logging Docker monitoring with Prometheus Challenges with container monitoring Installing Prometheus Configuring cAdvisor and the node exporter to expose metrics Configuring Prometheus to scrape metrics Launching a sample container application Metrics to monitor Declarative container management with Docker Compose Installing Docker Compose Deploying a sample application with Docker Compose Creating the docker-compose file Docker Compose best practices Summary Questions Answers Chapter 3: Creating and Managing Container Images Technical requirements Docker architecture Understanding Docker images The layered filesystem Image history Understanding Dockerfiles, components, and directives Can we use ENTRYPOINT instead of CMD? Are RUN and CMD the same? Building our first container Building and managing Docker images Single-stage builds Multi-stage builds Managing Docker images Flattening Docker images Optimizing containers with distroless images Performance Security Cost Understanding Docker registries Hosting your private Docker registry Other public registries Summary Questions Answers Chapter 4: Container Orchestration with Kubernetes – Part I Technical requirements What is Kubernetes and why do I need it? Kubernetes architecture Installing Kubernetes (Minikube and KinD) Installing Minikube Installing KinD Understanding Kubernetes pods Using port forwarding Troubleshooting pods Ensuring pod reliability Pod multi-container design patterns Summary Questions Answers Chapter 5: Container Orchestration with Kubernetes – Part II Technical requirements Spinning up Google Kubernetes Engine Kubernetes Deployments ReplicaSet resource Deployment resource Kubernetes Deployment strategies Kubernetes Services and Ingresses ClusterIP Services NodePort services LoadBalancer services Ingress resources Horizontal Pod autoscaling Managing stateful applications StatefulSet resource Managing persistent volumes Kubernetes command-line best practices Using alias Using kubectl bash autocompletion Summary Questions Answers Section 2: Delivering Containers Chapter 6: Infrastructure as Code (IaC) with Terraform Technical requirements Introduction to IaC Installing Terraform Terraform providers Authentication and authorization with Azure Using the Azure Terraform provider Terraform variables Providing variable values Terraform workflow terraform init Creating the first resource – Azure resource group terraform fmt terraform validate terraform plan terraform apply terraform destroy terraform state Using the Azure Storage backend Terraform workspaces Inspecting resources Inspecting state files Cleaning up Terraform output, state, console, and graphs terraform output Managing Terraform state terraform console Terraform dependencies and graph Cleaning up resources Summary Questions Answers Chapter 7: Configuration Management with Ansible Technical requirements Introduction to config management Setting up Ansible Setting up inventory Installing Ansible in the control node Connecting the Ansible control node with inventory servers Setting up an inventory file Setting up the Ansible configuration file Ansible tasks and modules Introduction to Ansible playbooks Checking playbook syntax Applying the first playbook Ansible playbooks in action Updating packages and repositories Installing application packages and services Configuring applications Combining the playbooks Executing the playbooks Designing for reusability Ansible variables Sourcing variable values Jinja2 templates Ansible roles Summary Questions Answers Chapter 8: IaC and Config Management in Action Technical requirements Immutable infrastructure with Hashicorp's Packer When to use immutable infrastructure Installing Packer Creating the Apache and MySQL playbooks Building the Apache and MySQL images using Packer and Ansible provisioners Prerequisites Defining the Packer configuration Creating the required infrastructure with Terraform Summary Questions Answers Chapter 9: Containers as a Service (CaaS) and Serverless Computing for Containers Technical requirements The need for serverless offerings Amazon ECS with EC2 and Fargate ECS architecture Installing the AWS and ECS CLIs Spinning up an ECS cluster Creating task definitions Scheduling EC2 tasks on ECS Scaling tasks Querying container logs from CloudWatch Stopping tasks Scheduling Fargate tasks on ECS Scheduling services on ECS Browsing container logs using the ECS CLI Deleting an ECS service Load balancing containers running on ECS Other CaaS products Open source CaaS with Knative Knative architecture Spinning up Google Kubernetes Engine Installing Knative Deploying a Python Flask app on Knative Load testing your app on Knative Summary Questions Answers Chapter 10: Continuous Integration Technical requirements The importance of automation Building a CI pipeline with GitHub Actions Creating a GitHub repository Creating a GitHub Actions workflow Scalable Jenkins on Kubernetes with Kaniko Spinning up Google Kubernetes Engine Installing Jenkins Connecting Jenkins with the cluster Running our first Jenkins job Automating a build with triggers CI with AWS Code Commit and Code Build Creating an AWS Code Commit repository Creating an AWS Code Build job Build performance best practices Aim for faster builds Always use post-commit triggers Configure build reporting Customize the build server size Ensure that your builds only contain what you need Summary Questions Answers Chapter 11: Continuous Deployment/Delivery with Spinnaker Technical requirements Importance of Continuous Deployment and automation Continuous deployment models and tools Simple deployment model Complex deployment models Introduction to Spinnaker Setting up Spinnaker Spinning up Google Kubernetes Engine Setting up service accounts and permissions Creating a halyard host VM Installing halyard Setting up the required credentials Setting up the Spinnaker configuration Deploying Spinnaker Deploying a sample application using a Spinnaker pipeline Creating a deployment manifest Creating a Spinnaker application Creating a Spinnaker pipeline Testing the pipeline Summary Questions Answers Chapter 12: Securing the Deployment Pipeline Technical requirements Securing CI/CD pipelines Managing secrets Sample application Creating a Secret manifest Creating a Cloud KMS secret Accessing the secret and deploying the application Container vulnerability scanning Installing Anchore Grype Scanning images Binary authorization Setting up binary authorization Creating a default binary authorization policy Attesting images Security of modern DevOps pipelines Adopt a DevSecOps culture Establish access control Implement shift left Manage security risks consistently Implement vulnerability scanning Automate security Summary Questions Answers Section 3: Modern DevOps with GitOps Chapter 13: Understanding DevOps with GitOps Technical requirements What is GitOps? The principles of GitOps Why GitOps? The branching strategy and GitOps workflow The push model The pull model Structuring the Git repository Declarative infrastructure and config management Summary Questions Answers Chapter 14: CI/CD Pipelines with GitOps Technical requirements Continuous integration with GitHub Actions Creating an application repository on GitHub Creating a GitHub Actions workflow Release gating with pull requests Continuous deployment with Flux CD Introduction to Flux CD Installing Flux CD Managing sensitive configuration and Secrets Installing the Sealed Secrets operator Installing kubeseal Creating Sealed Secrets Summary Questions Answers Why subscribe? Other Books You May Enjoy Packt is searching for authors like you Share your thoughts
Donate to keep this site alive
How to download source code?
1. Go to: https://github.com/PacktPublishing
2. In the Find a repository… box, search the book title: Modern DevOps Practices: Implement and secure DevOps in the public cloud with cutting-edge tools, tips, tricks, and techniques
, sometime you may not get the results, please search the main title.
3. Click the book title in the search results.
3. Click Code to download.
1. Disable the AdBlock plugin. Otherwise, you may not get any links.
2. Solve the CAPTCHA.
3. Click download link.
4. Lead to download server to download.