Cloud Native DevOps with Kubernetes. 2nd Edition - Helion
ISBN: 9781098116781
Pages: 356, Format: ebook
Publication date: 2022-03-16
Bookstore: Helion
Book price: 177,65 zł (previously: 206,57 zł)
You save: 14% (-28,92 zł)
Kubernetes has become the operating system of today's cloud native world, providing a reliable and scalable platform for running containerized workloads. In this friendly, pragmatic book, cloud experts Justin Domingus and John Arundel show you what Kubernetes can do, and what you can do with it.
This updated second edition guides you through the growing Kubernetes ecosystem and provides practical solutions to everyday problems with software tools currently in use. You'll walk through an example containerized application running in Kubernetes step-by-step, from the development environment through the continuous deployment pipeline, exploring patterns you can use for your own applications. Make your development teams lean, fast, and effective by adopting Kubernetes and DevOps principles.
- Understand containers and Kubernetes, no experience necessary
- Run your own applications on managed cloud Kubernetes services or on-prem environments
- Design your own cloud native services and infrastructure
- Use Kubernetes to manage resource usage and the container lifecycle
- Optimize clusters for cost, performance, resilience, capacity, and scalability
- Learn the best tools for developing, testing, and deploying your applications
- Apply the latest industry practices for observability and monitoring
- Secure your containers and clusters in production
Cloud Native DevOps with Kubernetes. 2nd Edition eBook: table of contents
- Foreword to the Second Edition
- Foreword to the First Edition
- Preface
- What Will I Learn?
- Who Is This Book For?
- What Questions Does This Book Answer?
- Conventions Used in This Book
- Using Code Examples
- O'Reilly Online Learning
- How to Contact Us
- Acknowledgments
- 1. Revolution in the Cloud
- The Creation of the Cloud
- Buying Time
- Infrastructure as a Service
- The Dawn of DevOps
- Improving Feedback Loops
- What Does DevOps Mean?
- Infrastructure as Code
- Learning Together
- The Coming of Containers
- The State of the Art
- Thinking Inside the Box
- Putting Software in Containers
- Plug and Play Applications
- Conducting the Container Orchestra
- Kubernetes
- From Borg to Kubernetes
- Why Kubernetes?
- Kubernetes makes deployment easy
- Will Kubernetes Disappear?
- Kubernetes Is Not a Panacea
- Cloud functions
- Cloud Native
- It's not just about microservices
- The Future of Operations
- Distributed DevOps
- Some Things Will Remain Centralized
- Developer Productivity Engineering
- You Are the Future
- Summary
- 2. First Steps with Kubernetes
- Running Your First Container
- Installing Docker Desktop
- What Is Docker?
- Running a Container Image
- The Demo Application
- Looking at the Source Code
- Introducing Go
- How the Demo App Works
- Building a Container
- Understanding Dockerfiles
- Minimal Container Images
- Running Docker Image Build
- Naming Your Images
- Port Forwarding
- Container Registries
- Authenticating to the Registry
- Naming and Pushing Your Image
- Running Your Image
- Hello, Kubernetes
- Running the Demo App
- If the Container Doesn't Start
- Minikube
- Summary
- 3. Getting Kubernetes
- Cluster Architecture
- The Control Plane
- Node Components
- High Availability
- Control plane failure
- Worker node failure
- Trust, but verify
- The Costs of Self-Hosting Kubernetes
- It's More Work Than You Think
- It's Not Just About the Initial Setup
- Tools Don't Do All the Work for You
- Kubernetes the Hard Way
- Kubernetes Is Hard
- Administration Overhead
- Start with Managed Services
- Managed Kubernetes Services
- Google Kubernetes Engine (GKE)
- Cluster Autoscaling
- Autopilot
- Amazon Elastic Kubernetes Service (EKS)
- Azure Kubernetes Service (AKS)
- IBM Cloud Kubernetes Service
- DigitalOcean Kubernetes
- Kubernetes Installers
- kops
- Kubespray
- kubeadm
- Rancher Kubernetes Engine (RKE)
- Puppet Kubernetes Module
- Buy or Build: Our Recommendations
- Run Less Software
- Use Managed Kubernetes if You Can
- But What About Vendor Lock-in?
- Bare-Metal and On-Prem
- Multicloud Kubernetes Clusters
- VMware Tanzu
- OpenShift
- Anthos
- Use Standard Kubernetes Self-Hosting Tools if You Must
- Clusterless Container Services
- AWS Fargate
- Azure Container Instances (ACI)
- Google Cloud Run
- Summary
- 4. Working with Kubernetes Objects
- Deployments
- Supervising and Scheduling
- Restarting Containers
- Creating Deployments
- Pods
- ReplicaSets
- Maintaining Desired State
- The Kubernetes Scheduler
- Resource Manifests in YAML Format
- Resources Are Data
- Deployment Manifests
- Using kubectl apply
- Service Resources
- Querying the Cluster with kubectl
- Taking Resources to the Next Level
- Helm: A Kubernetes Package Manager
- Installing Helm
- Installing a Helm Chart
- Charts, Repositories, and Releases
- Listing Helm Releases
- Summary
- 5. Managing Resources
- Understanding Resources
- Resource Units
- Resource Requests
- Resource Limits
- Quality of Service
- Managing the Container Life Cycle
- Liveness Probes
- Probe Delay and Frequency
- Other Types of Probes
- Readiness Probes
- Startup Probes
- gRPC Probes
- File-Based Readiness Probes
- minReadySeconds
- Pod Disruption Budgets
- minAvailable
- maxUnavailable
- Using Namespaces
- Working with Namespaces
- What Namespaces Should I Use?
- Service Addresses
- Resource Quotas
- Default Resource Requests and Limits
- Optimizing Cluster Costs
- Kubecost
- Optimizing Deployments
- Optimizing Pods
- Vertical Pod Autoscaler
- Optimizing Nodes
- Optimizing Storage
- Cleaning Up Unused Resources
- Using owner metadata
- Finding underutilized resources
- Cleaning up completed Jobs
- Checking Spare Capacity
- Using Reserved Instances
- Using Preemptible (Spot) Instances
- Variable price or variable preemption
- Preemptible nodes can halve your costs
- Using node affinities to control scheduling
- Keeping Your Workloads Balanced
- Summary
- 6. Operating Clusters
- Cluster Sizing and Scaling
- Capacity Planning
- The smallest cluster
- K3S
- The biggest cluster
- Federated clusters
- Do I need multiple clusters?
- Nodes and Instances
- Picking the right node size
- Cloud instance types
- Heterogeneous nodes
- Bare-metal servers
- Scaling the Cluster
- Instance groups
- Scaling down
- Autoscaling
- Conformance Checking
- CNCF Certification
- Certified Kubernetes
- Certified Kubernetes Administrator (CKA)
- Kubernetes Certified Service Provider (KCSP)
- Conformance Testing with Sonobuoy
- Kubernetes Audit Logging
- Chaos Testing
- Only Production Is Production
- chaoskube
- kube-monkey
- PowerfulSeal
- Summary
- 7. Kubernetes Power Tools
- Mastering kubectl
- Shell Aliases
- Using Short Flags
- Abbreviating Resource Types
- Auto-Completing kubectl Commands
- Getting Help
- Getting Help on Kubernetes Resources
- Showing More Detailed Output
- Working with JSON Data and jq
- Watching Objects
- Describing Objects
- Working with Resources
- Imperative kubectl Commands
- When Not to Use Imperative Commands
- Generating Resource Manifests
- Exporting Resources
- Diffing Resources
- Working with Containers
- Viewing a Container's Logs
- Attaching to a Container
- Watching Kubernetes Resources with kubespy
- Forwarding a Container Port
- Executing Commands on Containers
- Running Containers for Troubleshooting
- Using BusyBox Commands
- Adding BusyBox to Your Containers
- Installing Programs on a Container
- Contexts and Namespaces
- kubeconfig files
- kubectx and kubens
- kube-ps1
- Kubernetes Shells and Tools
- kube-shell
- Click
- kubed-sh
- Stern
- Kubernetes IDEs
- Lens
- VS Code Kubernetes Extension
- Building Your Own Kubernetes Tools
- Summary
- 8. Running Containers
- Containers and Pods
- What Is a Container?
- Container Runtimes in Kubernetes
- What Belongs in a Container?
- What Belongs in a Pod?
- Container Manifests
- Image Identifiers
- The latest Tag
- Container Digests
- Base Image Tags
- Ports
- Resource Requests and Limits
- Image Pull Policy
- Environment Variables
- Container Security
- Running Containers as a Non-Root User
- Blocking Root Containers
- Setting a Read-Only Filesystem
- Disabling Privilege Escalation
- Capabilities
- Pod Security Contexts
- Pod Service Accounts
- Volumes
- emptyDir Volumes
- Persistent Volumes
- Restart Policies
- Image Pull Secrets
- Init Containers
- Summary
- 9. Managing Pods
- Labels
- What Are Labels?
- Selectors
- More Advanced Selectors
- Other Uses for Labels
- Labels and Annotations
- Node Affinities
- Hard Affinities
- Soft Affinities
- Pod Affinities and Anti-Affinities
- Keeping Pods Together
- Keeping Pods Apart
- Soft Anti-Affinities
- When to Use Pod Affinities
- Taints and Tolerations
- Pod Controllers
- DaemonSets
- StatefulSets
- Jobs
- CronJobs
- Horizontal Pod Autoscalers
- Autoscaling on a known schedule
- Operators and Custom Resource Definitions (CRDs)
- Ingress
- Ingress Controllers
- Ingress Rules
- Terminating TLS with Ingress
- Automating Let's Encrypt certificates with Cert-Manager
- Service Mesh
- Istio
- Linkerd
- Consul Connect
- NGINX Service Mesh
- Summary
- 10. Configuration and Secrets
- ConfigMaps
- Creating ConfigMaps
- Setting Environment Variables from ConfigMaps
- Setting the Whole Environment from a ConfigMap
- Using Environment Variables in Command Arguments
- Creating Config Files from ConfigMaps
- Updating Pods on a Config Change
- Kubernetes Secrets
- Using Secrets as Environment Variables
- Writing Secrets to Files
- Reading Secrets
- base64
- Access to Secrets
- Encryption at Rest
- Keeping Secrets and ConfigMaps
- Secrets Management Strategies
- Encrypt Secrets in Version Control
- Use a Dedicated Secrets Management Tool
- Encrypting Secrets with Sops
- Encrypting a File with Sops
- Using a KMS Backend
- Sealed Secrets
- Summary
- 11. Security, Backups, and Cluster Health
- Access Control and Permissions
- Managing Access by Cluster
- Introducing Role-Based Access Control (RBAC)
- Understanding Roles
- Binding Roles to Users
- What Roles Do I Need?
- Guard Access to cluster-admin
- Applications and Deployment
- RBAC Troubleshooting
- Cluster Security Scanning
- Gatekeeper/OPA
- kube-bench
- Kubescape
- Container Security Scanning
- Clair
- Aqua
- Anchore Engine
- Snyk
- Backups
- Do I Need to Back Up Kubernetes?
- Backing Up etcd
- Backing Up Resource State
- Backing Up Cluster State
- Large and Small Disasters
- Velero
- Configuring Velero
- Creating a Velero backup
- Restoring data
- Restore procedures and tests
- Scheduling Velero backups
- Other uses for Velero
- Monitoring Cluster Status
- kubectl
- Control plane status
- Node status
- Workloads
- CPU and Memory Utilization
- Cloud Provider Console
- Kubernetes Dashboard
- Weave Scope
- kube-ops-view
- node-problem-detector
- Further Reading
- Summary
- 12. Deploying Kubernetes Applications
- Building Manifests with Helm
- What's Inside a Helm Chart?
- The Chart.yaml file
- The values.yaml file
- Helm Templates
- Interpolating Variables
- Quoting Values in Templates
- Specifying Dependencies
- Deploying Helm Charts
- Setting Variables
- Creating an environment variable
- Specifying Values in a Helm Release
- Updating an App with Helm
- Rolling Back to Previous Versions
- Automatic rollback with helm
- Creating a Helm Chart Repo
- Managing Helm Chart Secrets with Sops
- Managing Multiple Charts with Helmfile
- What's in a Helmfile?
- Chart Metadata
- Applying the Helmfile
- Advanced Manifest Management Tools
- kustomize
- Tanka
- Kapitan
- kompose
- Ansible
- kubeval
- Summary
- 13. Development Workflow
- Development Tools
- Skaffold
- Telepresence
- Waypoint
- Knative
- OpenFaaS
- Crossplane
- Deployment Strategies
- Rolling Updates
- Recreate
- maxSurge and maxUnavailable
- Blue/Green Deployments
- Rainbow Deployments
- Canary Deployments
- Handling Migrations with Helm
- Helm Hooks
- Handling Failed Hooks
- Other Hooks
- Chaining Hooks
- Summary
- 14. Continuous Deployment in Kubernetes
- What Is Continuous Deployment?
- Which CD Tool Should I Use?
- Hosted CI/CD Tools
- Azure Pipelines
- Google Cloud Build
- Codefresh
- GitHub Actions
- GitLab CI
- Self-Hosted CI/CD Tools
- Jenkins
- Drone
- Tekton
- Concourse
- Spinnaker
- Argo
- Keel
- A CI/CD Pipeline with Cloud Build
- Setting Up Google Cloud and GKE
- Forking the Demo Repository
- Create Artifact Registry Container Repository
- Configuring Cloud Build
- Building the Test Container
- Running the Tests
- Building the Application Container
- Substitution Variables
- Git SHA Tags
- Validating the Kubernetes Manifests
- Publishing the Image
- Creating the First Build Trigger
- Testing the Trigger
- Deploying from a CI/CD Pipeline
- Getting credentials for the Kubernetes cluster
- Deploying to the cluster
- Creating a Deploy Trigger
- Adapting the Example Pipeline
- GitOps
- Flux
- Set Up Flux
- Install Flux
- Create a New Deployment Using Flux
- Summary
- 15. Observability and Monitoring
- What Is Observability?
- What Is Monitoring?
- Closed-Box Monitoring
- Beyond static pages
- The limits of closed-box monitoring
- What Does Up Mean?
- Nines don't matter if users aren't happy
- Cloud native applications are never up
- Logging
- The limits of logging
- Logs are hard to scale
- Is logging useful in Kubernetes?
- Introducing Metrics
- Metrics help answer the why? question
- Metrics help predict problems
- Metrics monitor applications from the inside
- Tracing
- Observability
- Observability is about understanding
- Software is opaque
- Building an observability culture
- The Observability Pipeline
- Monitoring in Kubernetes
- External Closed-Box Checks
- Monitoring mimics user behavior
- Don't build your own monitoring infrastructure
- Internal Health Checks
- Are users happy?
- Services and circuit breakers
- Graceful degradation
- Summary
- 16. Metrics in Kubernetes
- What Are Metrics, Really?
- Time-Series Data
- Counters and Gauges
- What Can Metrics Tell Us?
- Choosing Good Metrics
- Services: The RED Pattern
- Resources: The USE Pattern
- Business Metrics
- Kubernetes Metrics
- Cluster health metrics
- Deployment metrics
- Container metrics
- Application metrics
- Runtime metrics
- Analyzing Metrics
- What's Wrong with a Simple Average?
- Means, Medians, and Outliers
- Discovering Percentiles
- Applying Percentiles to Metrics Data
- We Usually Want to Know the Worst
- Beyond Percentiles
- Graphing Metrics with Dashboards
- Use a Standard Layout for All Services
- Build an Information Radiator with Primary Dashboards
- Dashboard Things That Break
- Alerting on Metrics
- What's Wrong with Alerts?
- On-Call Should Not Be Hell
- Urgent, Important, and Actionable Alerts
- Track Your Alerts, Out-of-Hours Pages, and Wake-Ups
- Metrics Tools and Services
- Prometheus
- Google Operations Suite
- AWS CloudWatch
- Azure Monitor
- Datadog
- New Relic
- Summary
- Afterword
- Where to Go Next
- Second Edition Notes
- Welcome Aboard
- Index