Getting Started with Containerization

Getting Started with Containerization

by Gabriel N. Schenker, Hideto Saito, Hui-Chuan Chloe Lee, Ke-Jou Carol Hsu
Released March 2019
Publisher(s): Packt Publishing
ISBN: 9781838645700

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Choose the smarter way to learn about containerizing your applications and running them in production.

Key Features

  • Deploy and manage highly scalable, containerized applications with Kubernetes
  • Build high-availability Kubernetes clusters
  • Secure your applications via encapsulation, networks, and secrets

Book Description

Kubernetes is an open source orchestration platform for managing containers in a cluster environment. This Learning Path introduces you to the world of containerization, in addition to providing you with an overview of Docker fundamentals. As you progress, you will be able to understand how Kubernetes works with containers. Starting with creating Kubernetes clusters and running applications with proper authentication and authorization, you'll learn how to create high-availability Kubernetes clusters on Amazon Web Services (AWS), and also learn how to use kubeconfig to manage different clusters. Whether it is learning about Docker containers and Docker Compose, or building a continuous delivery pipeline for your application, this Learning Path will equip you with all the right tools and techniques to get started with containerization.

By the end of this Learning Path, you will have gained hands-on experience of working with Docker containers and orchestrators, including SwarmKit and Kubernetes.

This Learning Path includes content from the following Packt products:

  • Kubernetes Cookbook - Second Edition by Hideto Saito, Hui-Chuan Chloe Lee, and Ke-Jou Carol Hsu
  • Learn Docker - Fundamentals of Docker 18.x by Gabriel N. Schenker

What you will learn

  • Build your own container cluster
  • Run a highly distributed application with Docker Swarm or Kubernetes
  • Update or rollback a distributed application with zero downtime
  • Containerize your traditional or microservice-based application
  • Build a continuous delivery pipeline for your application
  • Track metrics and logs for every container in your cluster
  • Implement container orchestration to streamline deploying and managing applications

Who this book is for

This beginner-level Learning Path is designed for system administrators, operations engineers, DevOps engineers, and developers who want to get started with Docker and Kubernetes. Although no prior experience with Docker is required, basic knowledge of Kubernetes and containers will be helpful.

Table of contents

  1. Title Page
  2. Copyright
    1. Getting Started with Containerization
  3. About Packt
    1. Why subscribe?
    2. Packt.com
  4. Contributors
    1. About the authors
    2. Packt is searching for authors like you
  5. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
      1. Download the example code files
      2. Conventions used
    4. Get in touch
      1. Reviews
  6. What Are Containers and Why Should I Use Them?
    1. Technical requirements
    2. What are containers?
    3. Why are containers important?
    4. What's the benefit for me or for my company?
    5. The Moby project
    6. Docker products
      1. Docker CE
      2. Docker EE
    7. The container ecosystem
    8. Container architecture
    9. Summary
    10. Questions
    11. Further reading
  7. Setting up a Working Environment
    1. Technical requirements
    2. The Linux command shell
    3. PowerShell for Windows
    4. Using a package manager
      1. Installing Homebrew on a Mac
      2. Installing Chocolatey on Windows
    5. Choosing a code editor
    6. Docker Toolbox
    7. Docker for Mac and Docker for Windows
      1. Installing Docker for Mac
      2. Installing Docker for Windows
      3. Using docker-machine on Windows with Hyper-V
    8. Minikube
      1. Installing Minikube on  Mac and Windows
      2. Testing Minikube and kubectl
    9. Summary
    10. Questions
    11. Further reading
  8. Working with Containers
    1. Technical requirements
    2. Running the first container
    3. Starting, stopping, and removing containers
      1. Running a random quotes container
      2. Listing containers
      3. Stopping and starting containers
      4. Removing containers
    4. Inspecting containers
    5. Exec into a running container
    6. Attaching to a running container
    7. Retrieving container logs
      1. Logging drivers
      2. Using a container-specific logging driver
      3. Advanced topic – changing the default logging driver
    8. Anatomy of containers
      1. Architecture
      2. Namespaces
      3. Control groups (cgroups)
      4. Union filesystem (UnionFS)
      5. Container plumbing
        1. Runc
        2. Containerd
    9. Summary
    10. Questions
    11. Further reading
  9. Creating and Managing Container Images
    1. What are images?
      1. The layered filesystem
      2. The writable container layer
      3. Copy-on-write
      4. Graph drivers
    2. Creating images
      1. Interactive image creation
      2. Using Dockerfiles
        1. The FROM keyword
        2. The RUN keyword
        3. The COPY and ADD keywords
        4. The WORKDIR keyword
        5. The CMD and ENTRYPOINT keywords
        6. A complex Dockerfile
        7. Building an image
        8. Multistep builds
        9. Dockerfile best practices
      3. Saving and loading images
    3. Sharing or shipping images
      1. Tagging an image
      2. Image namespaces
      3. Official images
      4. Pushing images to a registry
    4. Summary
    5. Questions
    6. Further reading
  10. Data Volumes and System Management
    1. Technical requirements
    2. Creating and mounting data volumes
      1. Modifying the container layer
      2. Creating volumes
      3. Mounting a volume
      4. Removing volumes
    3. Sharing data between containers
    4. Using host volumes
    5. Defining volumes in images
    6. Obtaining Docker system information
    7. Listing resource consumption
    8. Pruning unused resources
      1. Pruning containers
      2. Pruning images
      3. Pruning volumes
      4. Pruning networks
      5. Pruning everything
    9. Consuming Docker system events
    10. Summary
    11. Questions
    12. Further reading
  11. Distributed Application Architecture
    1. What is a distributed application architecture?
      1. Defining the terminology
    2. Patterns and best practices
      1. Loosely coupled components
      2. Stateful versus stateless
      3. Service discovery
      4. Routing
      5. Load balancing
      6. Defensive programming
        1. Retries
        2. Logging
        3. Error handling
      7. Redundancy
      8. Health checks
      9. Circuit breaker pattern
    3. Running in production
      1. Logging
      2. Tracing
      3. Monitoring
      4. Application updates
        1. Rolling updates
        2. Blue-green deployments
        3. Canary releases
        4. Irreversible data changes
        5. Rollback
    4. Summary
    5. Questions
    6. Further reading
  12. Single-Host Networking
    1. Technical requirements
    2. The container network model
    3. Network firewalling
    4. The bridge network
    5. The host network
    6. The null network
    7. Running in an existing network namespace
    8. Port management
    9. Summary
    10. Questions
    11. Further reading
  13. Docker Compose
    1. Demystifying declarative versus imperative
    2. Running a multi-service app
    3. Scaling a service
    4. Building and pushing an application
    5. Summary
    6. Questions
    7. Further reading
  14. Orchestrators
    1. What are orchestrators and why do we need them?
    2. The tasks of an orchestrator
      1. Reconciling the desired state
      2. Replicated and global services
      3. Service discovery
      4. Routing
      5. Load balancing
      6. Scaling
      7. Self-healing
      8. Zero downtime deployments
      9. Affinity and location awareness
      10. Security
        1. Secure communication and cryptographic node identity
        2. Secure networks and network policies
        3. Role-based access control (RBAC)
        4. Secrets
        5. Content trust
        6. Reverse uptime
      11. Introspection
    3. Overview of popular orchestrators
      1. Kubernetes
      2. Docker Swarm
      3. Apache Mesos and Marathon
      4. Amazon ECS
      5. Microsoft ACS 
    4. Summary
    5. Questions
    6. Further reading
  15. Introduction to Docker Swarm
    1. Architecture
    2. Swarm nodes
      1. Swarm managers
      2. Swarm workers  
    3. Stacks, services, and tasks
      1. Services
      2. Task
      3. Stack
    4. Multi-host networking
    5. Creating a Docker Swarm
      1. Creating a local single node swarm
      2. Creating a local swarm in VirtualBox or Hyper-V
      3. Using Play with Docker (PWD) to generate a Swarm
      4. Creating a Docker Swarm in the cloud
    6. Deploying a first application
      1. Creating a service
      2. Inspecting the service and its tasks
      3. Logs of a service
      4. Reconciling the desired state
      5. Deleting a service or a stack
      6. Deploying a multi-service stack
    7. The swarm routing mesh
    8. Summary
    9. Questions
    10. Further reading
  16. Zero Downtime Deployments and Secrets
    1. Zero downtime deployment
      1. Popular deployment strategies
      2. Rolling updates
      3. Health checks
      4. Rollback
      5. Blue–green deployments
      6. Canary releases
    2. Secrets
      1. Creating secrets
      2. Using a secret
      3. Simulating secrets in a development environment
      4. Secrets and legacy applications
      5. Updating secrets
    3. Summary
    4. Questions
    5. Further reading
  17. Building Your Own Kubernetes Cluster
    1. Introduction
    2. Exploring the Kubernetes architecture
      1. Getting ready
      2. How to do it...
        1. Kubernetes master
        2. API server (kube-apiserver)
        3. Scheduler (kube-scheduler)
        4. Controller manager (kube-controller-manager)
        5. Command-line interface (kubectl)
        6. Kubernetes node
        7. kubelet
        8. Proxy (kube-proxy)
      3. How it works...
        1. etcd
        2. Kubernetes network
      4. See also
    3. Setting up the Kubernetes cluster on macOS by minikube
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. See also
    4. Setting up the Kubernetes cluster on Windows by minikube
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. See also
    5. Setting up the Kubernetes cluster on Linux via kubeadm
      1. Getting ready
      2. How to do it...
        1. Package installation
          1. Ubuntu
          2. CentOS
        2. System configuration prerequisites
          1. CentOS system settings
        3. Booting up the service
        4. Network configurations for containers
        5. Getting a node involved
      3. How it works...
      4. See also
    6. Setting up the Kubernetes cluster on Linux via Ansible (kubespray)
      1. Getting ready
        1. Installing pip
        2. Installing Ansible
        3. Installing python-netaddr
        4. Setting up ssh public key authentication
      2. How to do it...
        1. Maintaining the Ansible inventory
        2. Running the Ansible ad hoc command to test your environment
        3. Ansible troubleshooting
          1. Need to specify a sudo password
          2. Need to specify different ssh logon user
          3. Need to change ssh port
          4. Common ansible issue
      3. How it works...
      4. See also
    7. Running your first container in Kubernetes
      1. Getting ready
      2. How to do it...
        1. Running a HTTP server (nginx)
        2. Exposing the port for external access
        3. Stopping the application
      3. How it works…
      4. See also
  18. Walking through Kubernetes Concepts
    1. Introduction
    2. An overview of Kubernetes
    3. Linking Pods and containers
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. See also
    4. Managing Pods with ReplicaSets 
      1. Getting ready
      2. How to do it...
        1. Creating a ReplicaSet
        2. Getting the details of a ReplicaSet
        3. Changing the configuration of a ReplicaSet
        4. Deleting a ReplicaSet
      3. How it works...
      4. There's more...
      5. See also
    5. Deployment API
      1. Getting ready
      2. How to do it...
      3. How it works...
        1. Using kubectl set to update the container image
        2. Updating the YAML and using kubectl apply
      4. See also
    6. Working with Services
      1. Getting ready
      2. How to do it...
        1. Creating a Service for different resources
          1. Creating a Service for a Pod
          2. Creating a Service for a Deployment with an external IP
          3. Creating a Service for an Endpoint without a selector
          4. Creating a Service for another Service with session affinity
        2. Deleting a Service
      3. How it works...
      4. There's more...
      5. See also
    7. Working with volumes
      1. Getting ready
      2. How to do it...
        1. emptyDir
        2. hostPath
        3. NFS
        4. glusterfs
        5. downwardAPI
        6. gitRepo
      3. There's more...
        1. PersistentVolumes
        2. Using storage classes
          1. gcePersistentDisk
          2. awsElasticBlockStore
      4. See also
    8. Working with Secrets
      1. Getting ready
      2. How to do it...
        1. Creating a Secret
          1. Working with kubectl create command line
          2. From a file
          3. From a directory
          4. From a literal value
          5. Via configuration file
        2. Using Secrets in Pods
          1. By environment variables
          2. By volumes
        3. Deleting a Secret                                   
      3. How it works...
      4. There's more...
        1. Using ConfigMaps
        2. Mounting Secrets and ConfigMap in the same volume
    9. Working with names
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. See also
    10. Working with Namespaces
      1. Getting ready
      2. How to do it...
        1. Creating a Namespace
        2. Changing the default Namespace
        3. Deleting a Namespace
      3. How it works…
      4. There's more...
        1. Creating a LimitRange
        2. Deleting a LimitRange
      5. See also
    11. Working with labels and selectors
      1. Getting ready
      2. How to do it...
      3. How it works...
        1. Equality-based label selector
        2. Set-based label selector
      4. There's more...
        1. Linking Service to Pods or ReplicaSets using label selectors
        2. Linking Deployment to ReplicaSet using the set-based selector
      5. See also
  19. Playing with Containers
    1. Introduction
    2. Scaling your containers
      1. Getting ready
      2. How to do it...
        1. Scale up and down manually with the kubectl scale command
        2. Horizontal Pod Autoscaler (HPA)
      3. How it works...
      4. There is more…
      5. See also
    3. Updating live containers
      1. Getting ready
      2. How to do it...
        1. Deployment update strategy – rolling-update
        2. Rollback the update
        3. Deployment update strategy – recreate
      3. How it works...
      4. There's more...
      5. See also
    4. Forwarding container ports
      1. Getting ready
      2. How to do it...
        1. Container-to-container communication
        2. Pod-to-Pod communication
          1. Working with NetworkPolicy
        3. Pod-to-Service communication
        4. External-to-internal communication
          1. Working with Ingress
      3. There's more...
      4. See also
    5. Ensuring flexible usage of your containers
      1. Getting ready
      2. How to do it...
        1. Pod as DaemonSets
        2. Running a stateful Pod
      3. How it works...
        1. Pod recovery by DaemonSets
        2. Pod recovery by StatefulSet
      4. There's more...
      5. See also
    6. Submitting Jobs on Kubernetes
      1. Getting ready
      2. How to do it...
        1. Pod as a single Job
        2. Create a repeatable Job
        3. Create a parallel Job
        4. Schedule to run Job using CronJob
      3. How it works...
      4. See also
    7. Working with configuration files
      1. Getting ready
        1. YAML
        2. JSON
      2. How to do it...
      3. How it works...
        1. Pod
        2. Deployment
        3. Service
      4. See also
  20. Building High-Availability Clusters
    1. Introduction
    2. Clustering etcd 
      1. Getting ready
      2. How to do it...
        1. Static mechanism
        2. Discovery  mechanism
        3. kubeadm
        4. kubespray
        5. Kops
    3. Building multiple masters
      1. Getting ready
      2. How to do it...
        1. Setting up the first master
        2. Setting up the other master with existing certifications
        3. Adding nodes in a HA cluster
      3. How it works...
      4. See also
  21. Building Continuous Delivery Pipelines
    1. Introduction
    2. Moving monolithic to microservices
      1. Getting ready
      2. How to do it...
        1. Microservices
        2. Frontend WebUI
      3. How it works...
        1. Microservices
        2. Frontend WebUI
    3. Working with the private Docker registry
      1. Getting ready
        1. Using Kubernetes to run a Docker registry server
        2. Using Amazon elastic container registry
        3. Using Google cloud registry
      2. How to do it...
        1. Launching a private registry server using Kubernetes
          1. Creating a self-signed SSL certificate
          2. Creating HTTP secret
          3. Creating the HTTP basic authentication file
          4. Creating a Kubernetes secret to store security files
          5. Configuring a private registry to load a Kubernetes secret
        2. Create a repository on the AWS elastic container registry
        3. Determining your repository URL on Google container registry
      3. How it works...
        1. Push and pull an image from your private registry
        2. Push and pull an image from Amazon ECR
        3. Push and pull an image from Google cloud registry
          1. Using gcloud to wrap the Docker command
          2. Using the GCP service account to grant a long-lived credential
    4. Integrating with Jenkins
      1. Getting ready
      2. How to do it...
        1. Setting up a custom Jenkins image
        2. Setting up Kubernetes service account and ClusterRole
        3. Launching the Jenkins server via Kubernetes deployment
      3. How it works...
        1. Using Jenkins to build a Docker image
        2. Deploying the latest container image to Kubernetes
  22. Building Kubernetes on AWS
    1. Introduction
    2. Playing with Amazon Web Services
      1. Getting ready
        1. Creating an IAM user
        2. Installing AWS CLI on macOS
        3. Installing AWS CLI on Windows
      2. How to do it...
      3. How it works...
        1. Creating VPC and Subnets
        2. Internet gateway
        3. NAT-GW
        4. Security group
        5. EC2
    3. Setting up Kubernetes with kops
      1. Getting ready
      2. How to do it...
      3. How it works...
        1. Working with kops-built AWS cluster
        2. Deleting kops-built AWS cluster
      4. See also
    4. Using AWS as Kubernetes Cloud Provider
      1. Getting ready
      2. How to do it...
        1. Elastic load balancer as LoadBalancer service
        2. Elastic Block Store as StorageClass
      3. There's more...
    5. Managing Kubernetes cluster on AWS by kops
      1. Getting ready
      2. How to do it...
        1. Modifying and resizing instance groups
          1. Updating nodes
          2. Updating masters
        2. Upgrading a cluster
      3. There's more...
      4. See also
  23. Advanced Cluster Administration
    1. Introduction
    2. Advanced settings in kubeconfig
      1. Getting ready
      2. How to do it...
        1. Setting new credentials
        2. Setting new clusters
        3. Setting contexts and changing current-context
        4. Cleaning up kubeconfig
      3. There's more...
      4. See also
    3. Setting resources in nodes
      1. Getting ready
      2. How to do it...
        1. Configuring a BestEffort pod
        2. Configuring a Guaranteed pod
        3. Configuring a Burstable pod
      3. How it works...
      4. See also
    4. Playing with WebUI
      1. Getting ready
      2. How to do it...
        1. Relying on the dashboard created by minikube
        2. Creating a dashboard manually on a system using other booting tools
      3. How it works...
        1. Browsing your resource by dashboard
        2. Deploying resources by dashboard
        3. Removing resources by dashboard
      4. See also
    5. Working with the RESTful API
      1. Getting ready
      2. How to do it...
      3. How it works...
      4. There's more...
      5. See also
    6. Working with Kubernetes DNS
      1. Getting ready
      2. How to do it...
        1. DNS for pod
        2. DNS for Kubernetes Service
        3. DNS for StatefulSet
      3. How it works...
        1. Headless service when pods scale out
      4. See also
    7. Authentication and authorization
      1. Getting ready
      2. How to do it...
        1. Authentication
          1. Service account token authentication
          2. X509 client certs
          3. OpenID connect tokens
        2. Authorization
          1. Role and RoleBinding
          2. ClusterRole and ClusterRoleBinding
          3. Role-based access control (RBAC)
        3. Admission control
          1. NamespaceLifecycle
          2. LimitRanger
          3. ServiceAccount
          4. PersistentVolumeLabel (deprecated from v1.8)
          5. DefaultStorageClass
          6. DefaultTolerationSeconds
          7. ResourceQuota
          8. DenyEscalatingExec
          9. AlwaysPullImages
      3. There's more…
        1. Initializers (alpha)
        2. Webhook admission controllers (beta in v1.9)
      4. See also
  24. Other Books You May Enjoy
    1. Leave a review - let other readers know what you think

Product information

  • Title: Getting Started with Containerization
  • Author(s): Gabriel N. Schenker, Hideto Saito, Hui-Chuan Chloe Lee, Ke-Jou Carol Hsu
  • Release date: March 2019
  • Publisher(s): Packt Publishing
  • ISBN: 9781838645700