DevOps with Kubernetes电子书

Title Page

Copyright and Credits

DevOps with Kubernetes Second Edition

About Packt

Why subscribe?

Packt.com

Contributors

About the authors

About the reviewer

Packt is searching for authors like you

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the example code files

Download the color images

Conventions used

Get in touch

Reviews

Introduction to DevOps

Software delivery challenges

Waterfall and static delivery

Agile and digital delivery

Software delivery on the cloud

Continuous integration

Continuous delivery

Configuration management

Infrastructure as code

Orchestration

The microservices trend

Modular programming

Package management

The MVC design pattern

Monolithic applications

Remote procedure call

RESTful design

Microservices

Automation and tools

Continuous integration tools

Configuration management tools

Monitoring and logging tools

Communication tools

The public cloud

Summary

DevOps with Containers

Understanding containers

Resource isolation

Linux containers

Containerized delivery

Getting started with containers

Installing Docker for Ubuntu

Installing Docker for CentOS

Installing Docker for macOS

The life cycle of a container

The basics of Docker

Layers, images, containers, and volumes

Distributing images

Connecting containers

Working with a Dockerfile

Writing your first Dockerfile

The syntax of a Dockerfile

Organizing a Dockerfile

Multi-stage builds

Multi-container orchestration

Piling up containers

An overview of Docker compose

Composing containers

Summary

Getting Started with Kubernetes

Understanding Kubernetes

Kubernetes components

Master components

API server (kube-apiserver)

Controller manager (kube-controller-manager)

etcd

Scheduler (kube-scheduler)

Node components

Kubelet

Proxy (kube-proxy)

Docker

The interaction between the Kubernetes master and nodes

Getting started with Kubernetes

Preparing the environment

kubectl

Kubernetes resources

Kubernetes objects

Namespaces

Name

Label and selector

Annotation

Pods

ReplicaSet

Deployments

Services

ClusterIP

NodePort

LoadBalancer

ExternalName (kube-dns version >= 1.7)

Service without selectors

Volumes

Secrets

Retrieving secrets via files

Retrieving secrets via environment variables

ConfigMap

Using ConfigMap via volume

Using ConfigMap via environment variables

Multi-container orchestration

Summary

Managing Stateful Workloads

Kubernetes volume management

Container volume life cycle

Sharing volume between containers within a pod

Stateless and stateful applications

Kubernetes' persistent volume and dynamic provisioning

Abstracting the volume layer with a persistent volume claim

Dynamic provisioning and StorageClass

Problems with ephemeral and persistent volume settings

Replicating pods with a persistent volume using StatefulSet

Submitting Jobs to Kubernetes

Submitting a single Job to Kubernetes

Submitting a repeatable Job

Submitting a parallel Job

Scheduling running a Job using CronJob

Summary

Cluster Administration and Extension

Kubernetes namespaces

Context

Creating a context

Switching the current context

Kubeconfig

Service account

Authentication and authorization

Authentication

Service account token authentication

User account authentication

Authorization

Role-based access control (RBAC)

Roles and ClusterRoles

RoleBinding and ClusterRoleBinding

Admission control

NamespaceLifecycle

LimitRanger

ServiceAccount

PersistentVolumeLabel

DefaultStorageClass

ResourceQuota

DefaultTolerationSeconds

PodNodeSelector

AlwaysPullImages

DenyEscalatingExec

Other admission controller plugins

Dynamic admission control

Admission webhook

Custom resources

Custom resources definition

Summary

Kubernetes Network

Kubernetes networking

Docker networking

Container-to-container communications

Pod-to-pod communications

Pod communication within the same node

Pod communication across nodes

Pod-to-service communications

External-to-service communications

Ingress

Network policy

Service mesh

Summary

Monitoring and Logging

Inspecting a container

The Kubernetes dashboard

Monitoring in Kubernetes

Monitoring applications

Monitoring infrastructure

Monitoring external dependencies

Monitoring containers

Monitoring Kubernetes

Getting monitoring essentials for Kubernetes

Hands-on monitoring

Getting to know Prometheus

Deploying Prometheus

Working with PromQL

Discovering targets in Kubernetes

Gathering data from Kubernetes

Visualizing metrics with Grafana

Logging events

Patterns of aggregating logs

Collecting logs with a logging agent per node

Running a sidecar container to forward written logs

Ingesting Kubernetes state events

Logging with Fluent Bit and Elasticsearch

Extracting metrics from logs

Incorporating data from Istio

The Istio adapter model

Configuring Istio for existing infrastructure

Mixer templates

Handler adapters

Rules

Summary

Resource Management and Scaling

Scheduling workloads

Optimizing resource utilization

Resource types and allocations

Quality of Service (QoS) classes

Placing pods with constraints

Node selector

Affinity and anti-affinity

Node affinity

Inter-pod affinity

Prioritizing pods in scheduling

Elastically scaling

Horizontal pod autoscaler

Incorporating custom metrics

Managing cluster resources

Resource quotas of namespaces

Creating a ResourceQuota

Request pods with default compute resource limits

Node administration

Pod eviction

Taints and tolerations

Summary

Continuous Delivery

Updating resources

Triggering updates

Managing rollouts

Updating DaemonSet and StatefulSet

DaemonSet

StatefulSet

Building a delivery pipeline

Choosing tools

End-to-end walk-through of the delivery pipeline

The steps explained

env

script

after_success

deploy

Gaining a deeper understanding of pods

Starting a pod

Liveness and readiness probes

Custom readiness gate

init containers

Terminating a pod

Handling SIGTERM

SIGTERM isn't sent to the application process

SIGTERM doesn't invoke the termination handler

Container life cycle hooks

Tackling pod disruptions

Summary

Kubernetes on AWS

Introduction to AWS

Public cloud

API and infrastructure as code

AWS components

VPC and subnet

Internet gateways and NAT-GW

Security group

EC2 and EBS

ELB

Amazon EKS

Deep dive into AWS EKS

Launching the EKS control plane

Adding worker nodes

Cloud provider on EKS

Storage class

Load balancer

Internal load balancer

Internet-facing load balancer

Updating the Kubernetes version on EKS

Upgrading the Kubernetes master

Upgrading worker nodes

Summary

Kubernetes on GCP

Introduction to GCP

GCP components

VPC

Subnets

Firewall rules

VM instances

Load balancing

Health check

Backend service

Creating a LoadBalancer

Persistent Disk

Google Kubernetes Engine (GKE)

Setting up your first Kubernetes cluster on GKE

Node pool

Multi-zone clusters

Cluster upgrade

Kubernetes cloud provider

StorageClass

L4 LoadBalancer

L7 LoadBalancer (ingress)

Summary

Kubernetes on Azure

Introduction to Azure

Resource groups

Azure virtual network

Network security groups

Application security groups

Subnets

Azure virtual machines

Storage account

Load balancers

Azure disks

Azure Kubernetes service

Setting up your first Kubernetes cluster on AKS

Node pools

Cluster upgrade

Monitoring and logging

Kubernetes cloud provider

Role-based access control

StorageClass

L4 LoadBalancer

Ingress controller

Summary

Other Books You May Enjoy

Leave a review - let other readers know what you think