Book description
Leverage Kubernetes and container architecture to successfully run production-ready workloads
Key Features
- Implement Kubernetes to orchestrate and scale applications proficiently
- Leverage the latest features of Kubernetes to resolve common as well as complex problems in a cloud-native environment
- Gain hands-on experience in securing, monitoring, and troubleshooting your application
Book Description
Kubernetes is a popular open source orchestration platform for managing containers in a cluster environment. With this Kubernetes cookbook, you'll learn how to implement Kubernetes using a recipe-based approach. The book will prepare you to create highly available Kubernetes clusters on multiple clouds such as Amazon Web Services (AWS), Google Cloud Platform (GCP), Azure, Alibaba, and on-premises data centers.
Starting with recipes for installing and configuring Kubernetes instances, you'll discover how to work with Kubernetes clients, services, and key metadata. You'll then learn how to build continuous integration/continuous delivery (CI/CD) pipelines for your applications, and understand various methods to manage containers. As you advance, you'll delve into Kubernetes' integration with Docker and Jenkins, and even perform a batch process and configure data volumes. You'll get to grips with methods for scaling, security, monitoring, logging, and troubleshooting. Additionally, this book will take you through the latest updates in Kubernetes, including volume snapshots, creating high availability clusters with kops, running workload operators, new inclusions around kubectl and more.
By the end of this book, you'll have developed the skills required to implement Kubernetes in production and manage containers proficiently.
What you will learn
- Deploy cloud-native applications on Kubernetes
- Automate testing in the DevOps workflow
- Discover and troubleshoot common storage issues
- Dynamically scale containerized services to manage fluctuating traffic needs
- Understand how to monitor your containerized DevOps environment
- Build DevSecOps into CI/CD pipelines
Who this book is for
This Kubernetes book is for developers, IT professionals, and DevOps engineers and teams who want to use Kubernetes to manage, scale, and orchestrate applications in their organization. Basic understanding of Kubernetes and containerization is necessary.
Table of contents
- Title Page
- Copyright and Credits
- Dedication
- About Packt
- Contributors
- Preface
-
Building Production-Ready Kubernetes Clusters
- Technical requirements
- Configuring a Kubernetes cluster on Amazon Web Services
- Getting ready
- How to do it…
- Installing the command-line tools to configure AWS services
- Installing kops to provision a Kubernetes cluster
- Provisioning a Kubernetes cluster on Amazon EC2
- Provisioning a managed Kubernetes cluster on Amazon EKS
- How it works...
- There's more…
- Using the AWS Shell
- Using a gossip-based cluster
- Using different regions for an S3 bucket
- Editing the cluster configuration
- Deleting your cluster
- Provisioning an EKS cluster using the Amazon EKS Management Console
- Deploying Kubernetes Dashboard
- See also
- Configuring a Kubernetes cluster on Google Cloud Platform
- Getting ready
- How to do it…
- Installing the command-line tools to configure GCP services
- Provisioning a managed Kubernetes cluster on GKE
- Connecting to Google Kubernetes Engine (GKE) clusters
- How it works…
- There's more…
- Using Google Cloud Shell
- Deploying with a custom network configuration
- Deleting your cluster
- Viewing the Workloads dashboard
- See also
- Configuring a Kubernetes cluster on Microsoft Azure
- Getting ready
- How to do it…
- Installing the command-line tools to configure Azure services
- Provisioning a managed Kubernetes cluster on AKS
- Connecting to AKS clusters
- How it works…
- There's more…
- Deleting your cluster
- Viewing Kubernetes Dashboard
- See also
- Configuring a Kubernetes cluster on Alibaba Cloud
- Getting ready
- How to do it…
- Installing the command-line tools to configure Alibaba Cloud services
- Provisioning a highly available Kubernetes cluster on Alibaba Cloud
- Connecting to Alibaba Container Service clusters
- How it works…
- There's more…
- Configuring and managing Kubernetes clusters with Rancher
- Getting ready
- How to do it…
- Installing Rancher Server
- Deploying a Kubernetes cluster
- Importing an existing cluster
- Enabling cluster and node providers
- How it works…
- There's more…
- Bind mounting a host volume to keep data
- Keeping user volumes persistent
- Running Rancher on the same Kubernetes nodes
- See also
- Configuring Red Hat OpenShift
- Getting ready
- How to do it…
- Downloading OpenShift binaries
- Provisioning an OpenShift cluster
- Connecting to OpenShift clusters
- How it works…
- There's more…
- Deleting your cluster
- See also
- Configuring a Kubernetes cluster using Ansible
- Getting ready
- How to do it…
- Installing Ansible
- Provisioning a Kubernetes cluster using an Ansible playbook
- Connecting to the Kubernetes cluster
- See also
- Troubleshooting installation issues
- How to do it…
- How it works…
- There's more…
- Setting log levels
- See also
-
Operating Applications on Kubernetes
- Technical requirements
- Deploying workloads using YAML files
- Getting ready
- How to do it…
- Creating a Deployment
- Verifying a Deployment
- Editing a Deployment
- Rolling back a deployment
- Deleting a Deployment
- How it works...
- See also
- Deploying workloads using Kustomize
- Getting ready
- How to do it…
- Validating the Kubernetes cluster version
- Generating Kubernetes resources from files
- Creating a base for a development and production Deployment
- How it works...
- See also
- Deploying workloads using Helm charts
- Getting ready
- How to do it…
- Installing Helm 2.x
- Installing an application using Helm charts
- Searching for an application in Helm repositories
- Upgrading an application using Helm
- Rolling back an application using Helm
- Deleting an application using Helm
- Adding new Helm repositories
- Building a Helm chart
- How it works...
- See also
- Deploying and operating applications using Kubernetes operators
- Getting ready
- How to do it…
- Installing KUDO and the KUDO kubectl plugin
- Installing the Apache Kafka Operator using KUDO
- Installing Operator Lifecycle Manager
- Installing the Zalando PostgreSQL Operator
- See also
- Deploying and managing the life cycle of Jenkins X
- Getting ready
- How to do it...
- Installing the Jenkins X CLI
- Creating a Jenkins X Kubernetes cluster
- Verifying Jenkins X components
- Switching Kubernetes clusters
- Validating cluster conformance
- How it works...
- There's more…
- Importing an application
- Upgrading a Jenkins X application
- Deleting a Jenkins X Kubernetes cluster
- See also
- Deploying and managing the life cycle of GitLab
- Getting ready
- How to do it...
- Installing GitLab using Helm
- Connecting to the GitLab dashboard
- Creating the first GitLab user
- Upgrading GitLab
- How it works...
- There's more…
- Using your own wildcard certificate
- Using autogenerated self-signed certificates
- Enabling the GitLab Operator
- Deleting GitLab
- See also
-
Building CI/CD Pipelines
- Technical requirements
- Creating a CI/CD pipeline in Jenkins X
- Getting ready
- How to do it…
- Connecting to Jenkins Pipeline Console
- Importing an application as a pipeline
- Checking application status
- Promoting an application to production
- Creating a pipeline using a QuickStart application
- How it works...
- Creating a CI/CD pipeline in GitLab
- Getting ready
- How to do it…
- Creating a project using templates
- Importing an existing project from GitHub
- Enabling Auto DevOps
- Enabling Kubernetes cluster integration
- Creating a pipeline using Auto DevOps
- Incrementally rolling out applications to production
- How it works...
- There's more...
- GitLab Web IDE
- Monitoring environments
- See also
- Creating a CI/CD pipeline in CircleCI
- Getting ready
- How to do it...
- Getting started with CircleCI
- Deploying changes to a Kubernetes cluster on EKS
- How it works...
- See also
- Setting up a CI/CD pipeline using GitHub Actions
- Getting ready
- How to do it...
- Creating a workflow file
- Creating a basic Docker build workflow
- Building and publishing images to Docker Registry
- Adding a workflow status badge
- See also
- Setting up a CI/CD pipeline on Amazon Web Services
- Getting ready
- How to do it...
- Creating an AWS CodeCommit code repository
- Building projects with AWS CodeBuild
- Creating an AWS CodeDeploy deployment
- Building a pipeline with AWS CodePipeline
- How it works...
- See also
- Setting up a CI/CD pipeline with Spinnaker on Google Cloud Build
- Getting ready
- How to do it...
- Installing and configuring the Spin CLI
- Configuring a service account for the CI/CD
- Configuring events to trigger a pipeline
- Deploying Spinnaker using Helm
- Creating a Google Cloud Source code repository
- Building projects with Google Cloud Build
- Configuring a Spinnaker pipeline
- Rolling out an application to production
- See also
- Setting up a CI/CD pipeline on Azure DevOps
- Getting ready
- How to do it...
- Getting started with Azure DevOps
- Configuring Azure Pipelines
- Deploying changes to an AKS cluster
- How it works...
- See also
-
Automating Tests in DevOps
- Technical requirements
- Building event-driven automation with StackStorm
- Getting ready
- How to do it…
- Installing StackStorm
- Accessing the StackStorm UI
- Using the st2 CLI
- Defining a rule
- Deploying a rule
- See also
- Automating tests with the Litmus framework
- Getting ready
- How to do it…
- Installing the Litmus Operator
- Using Chaos Charts for Kubernetes
- Creating a pod deletion chaos experiment
- Reviewing chaos experiment results
- Viewing chaos experiment logs
- How it works...
- See also
- Automating Chaos Engineering with Gremlin
- Getting ready
- How to do it…
- Setting up Gremlin credentials
- Installing Gremlin on Kubernetes
- Creating a CPU attack against a Kubernetes worker
- Creating a node shutdown attack against a Kubernetes worker
- Running predefined scenario-based attacks
- Deleting Gremlin from your cluster
- How it works...
- See also
- Automating your code review with Codacy
- Getting ready
- How to do it…
- Accessing the Project Dashboard
- Reviewing commits and PRs
- Viewing issues by category
- Adding a Codacy badge to your repository
- See also
- Detecting bugs and anti-patterns with SonarQube
- Getting ready
- How to do it…
- Installing SonarQube using Helm
- Accessing the SonarQube Dashboard
- Creating a new user and tokens
- Enabling quality profiles
- Adding a project
- Reviewing a project's quality
- Adding marketplace plugins
- Deleting SonarQube from your cluster
- How it works...
- See also
- Detecting license compliance issues with FOSSA
- Getting ready
- How to do it…
- Adding projects to FOSSA
- Triaging licensing issues
- Adding a FOSSA badge to your project
-
Preparing for Stateful Workloads
- Technical requirements
- Managing Amazon EBS volumes in Kubernetes
- Getting ready
- How to do it…
- Creating an EBS storage class
- Changing the default storage class
- Using EBS volumes for persistent storage
- Using EBS storage classes to dynamically create persistent volumes
- Deleting EBS persistent volumes
- Installing the EBS CSI driver to manage EBS volumes
- See also
- Managing GCE PD volumes in Kubernetes
- Getting ready
- How to do it…
- Creating a GCE persistent disk storage class
- Changing the default storage class
- Using GCE PD volumes for persistent storage
- Using GCE PD storage classes to create dynamic persistent volumes
- Deleting GCE PD persistent volumes
- Installing the GCP Compute PD CSI driver to manage PD volumes
- How it works...
- See also
- Managing Azure Disk volumes in Kubernetes
- Getting ready
- How to do it…
- Creating an Azure Disk storage class
- Changing the default storage class to ZRS
- Using Azure Disk storage classes to create dynamic PVs
- Deleting Azure Disk persistent volumes
- Installing the Azure Disk CSI driver
- See also
- Configuring and managing persistent storage using Rook
- Getting ready
- How to do it…
- Installing a Ceph provider using Rook
- Creating a Ceph cluster
- Verifying a Ceph cluster's health
- Create a Ceph block storage class
- Using a Ceph block storage class to create dynamic PVs
- See also
- Configuring and managing persistent storage using OpenEBS
- Getting ready
- How to do it…
- Installing iSCSI client prerequisites
- Installing OpenEBS
- Using ephemeral storage to create persistent volumes
- Creating storage pools
- Creating OpenEBS storage classes
- Using an OpenEBS storage class to create dynamic PVs
- How it works...
- See also
- Setting up NFS for shared storage on Kubernetes
- Getting ready
- How to do it…
- Installing NFS prerequisites
- Installing an NFS provider using a Rook NFS operator
- Using a Rook NFS operator storage class to create dynamic NFS PVs
- Installing an NFS provisioner using OpenEBS
- Using the OpenEBS NFS provisioner storage class to create dynamic NFS PVs
- See also
- Troubleshooting storage issues
- Getting ready
- How to do it…
- Persistent volumes in the pending state
- A PV is stuck once a PVC has been deleted
-
Disaster Recovery and Backup
- Technical requirements
- Configuring and managing S3 object storage using MinIO
- Getting ready
- How to do it…
- Creating a deployment YAML manifest
- Creating a MinIO S3 service
- Accessing the MinIO web user interface
- How it works...
- See also
- Managing Kubernetes Volume Snapshots and restore
- Getting ready
- How to do it…
- Enabling feature gates
- Creating a volume snapshot via CSI
- Restoring a volume from a snapshot via CSI
- Cloning a volume via CSI
- How it works...
- See also
- Application backup and recovery using Velero
- Getting ready
- How to do it…
- Installing Velero
- Backing up an application
- Restoring an application
- Creating a scheduled backup
- Taking a backup of an entire namespace
- Viewing backups with MinIO
- Deleting backups and schedules
- How it works...
- See also
- Application backup and recovery using Kasten
- Getting ready
- How to do it…
- Installing Kasten
- Accessing the Kasten Dashboard
- Backing up an application
- Restoring an application
- How it works...
- See also
- Cross-cloud application migration
- Getting ready
- How to do it…
- Creating an export profile in Kasten
- Exporting a restore point in Kasten
- Creating an import profile in Kasten
- Migrating an application in Kasten
- Importing clusters into OpenEBS Director
- Migrating an application in OpenEBS Director
- See also
-
Scaling and Upgrading Applications
- Technical requirements
- Scaling applications on Kubernetes
- Getting ready
- How to do it…
- Validating the installation of Metrics Server
- Manually scaling an application
- Autoscaling applications using a Horizontal Pod Autoscaler
- How it works...
- See also
- Assigning applications to nodes
- Getting ready
- How to do it…
- Labeling nodes
- Assigning pods to nodes using nodeSelector
- Assigning pods to nodes using node and inter-pod Affinity
- How it works...
- See also
- Creating an external load balancer
- Getting ready
- How to do it…
- Creating an external cloud load balancer
- Finding the external address of the service
- How it works...
- See also
- Creating an ingress service and service mesh using Istio
- Getting ready
- How to do it…
- Installing Istio using Helm
- Verifying the installation
- Creating an ingress gateway
- How it works...
- There's more…
- Deleting Istio
- See also
- Creating an ingress service and service mesh using Linkerd
- Getting ready
- How to do it…
- Installing the Linkerd CLI
- Installing Linkerd
- Verifying a Linkerd deployment
- Adding Linkerd to a service
- There's more…
- Accessing the dashboard
- Deleting Linkerd
- See also
- Auto-healing pods in Kubernetes
- Getting ready
- How to do it…
- Testing self-healing pods
- Adding liveness probes to pods
- How it works...
- See also
- Managing upgrades through blue/green deployments
- Getting ready
- How to do it…
- Creating the blue deployment
- Creating the green deployment
- Switching traffic from blue to green
- See also
-
Observability and Monitoring on Kubernetes
- Technical requirements
- Monitoring in Kubernetes
- Getting ready
- How to do it…
- Adding metrics using Kubernetes Metrics Server
- Monitoring metrics using the CLI
- Monitoring metrics using Kubernetes Dashboard
- Monitoring node health
- See also
- Inspecting containers
- Getting ready
- How to do it…
- Inspecting pods in Pending status
- Inspecting pods in ImagePullBackOff status
- Inspecting pods in CrashLoopBackOff status
- See also
- Monitoring using Amazon CloudWatch
- Getting ready
- How to do it…
- Enabling Webhook authorization mode
- Installing Container Insights Agents for Amazon EKS
- Viewing Container Insights metrics
- See also
- Monitoring using Google Stackdriver
- Getting ready
- How to do it…
- Installing Stackdriver Kubernetes Engine Monitoring support for GKE
- Configuring a workspace on Stackdriver
- Monitoring GKE metrics using Stackdriver
- See also
- Monitoring using Azure Monitor
- Getting ready
- How to do it…
- Enabling Azure Monitor support for AKS using the CLI
- Monitoring AKS performance metrics using Azure Monitor
- Viewing live logs using Azure Monitor
- See also
- Monitoring Kubernetes using Prometheus and Grafana
- Getting ready
- How to do it…
- Deploying Prometheus using Helm charts
- Monitoring metrics using Grafana dashboards
- Adding a Grafana dashboard to monitor applications
- See also
- Monitoring and performance analysis using Sysdig
- Getting ready
- How to do it…
- Installing the Sysdig agent
- Analyzing application performance
- See also
- Managing the cost of resources using Kubecost
- Getting ready
- How to do it…
- Installing Kubecost
- Accessing the Kubecost dashboard
- Monitoring Kubernetes resource cost allocation
- See also
-
Securing Applications and Clusters
- Technical requirements
- Using RBAC to harden cluster security
- Getting ready
- How to do it…
- Viewing the default Roles
- Creating user accounts
- Creating Roles and RoleBindings
- Testing the RBAC rules
- How it works...
- See also
- Configuring Pod Security Policies
- Getting ready
- How to do it…
- Enabling PSPs on EKS
- Enabling PSPs on GKE
- Enabling PodSecurityPolicy on AKS
- Creating a restricted PSPs
- There's more…
- Restricting pods to access certain volume types
- Using Kubernetes PodSecurityPolicy advisor
- See also
- Using Kubernetes CIS Benchmark for security auditing
- Getting ready
- How to do it…
- Running kube-bench on Kubernetes
- Running kube-bench on managed Kubernetes services
- Running kube-bench on OpenShift
- How it works...
- See also
- Building DevSecOps into the pipeline using Aqua Security
- Getting ready
- How to do it…
- Scanning images using Trivy
- Building vulnerability scanning into GitLab
- Building vulnerability scanning into CircleCI
- See also
- Monitoring suspicious application activities using Falco
- Getting ready
- How to do it…
- Installing Falco on Kubernetes
- Detecting anomalies using Falco
- Defining custom rules
- How it works...
- See also
- Securing credentials using HashiCorp Vault
- Getting ready
- How to do it…
- Installing Vault on Kubernetes
- Accessing the Vault UI
- Storing credentials on Vault
- See also
-
Logging with Kubernetes
- Technical requirements
- Accessing Kubernetes logs locally
- Getting ready
- How to do it…
- Accessing logs through Kubernetes
- Debugging services locally using Telepresence
- How it works...
- See also
- Accessing application-specific logs
- Getting ready
- How to do it…
- Getting shell access in a container
- Accessing PostgreSQL logs inside a container
- Building centralized logging in Kubernetes using the EFK stack
- Getting ready
- How to do it…
- Deploying Elasticsearch Operator
- Requesting the Elasticsearch endpoint
- Deploying Kibana
- Aggregating logs with Fluent Bit
- Accessing Kubernetes logs on Kibana
- See also
- Logging Kubernetes using Google Stackdriver
- Getting ready
- How to do it…
- Installing Stackdriver Kubernetes Engine Monitoring support for GKE
- Viewing GKE logs using Stackdriver
- See also
- Using a managed Kubernetes logging service
- Getting ready
- How to do it…
- Connecting clusters to Director Online
- Accessing logs using Director Online
- Logging for your Jenkins CI/CD environment
- Getting ready
- How to do it…
- Installing the Fluentd plugin
- Streaming Jenkins logs to Elasticsearch using Fluentd
- There's more…
- Installing the Logstash plugin
- Streaming Jenkins logs to Elasticsearch using Logstash
- See also
- Other Books You May Enjoy
Product information
- Title: Kubernetes - A Complete DevOps Cookbook
- Author(s):
- Release date: March 2020
- Publisher(s): Packt Publishing
- ISBN: 9781838828042
You might also like
book
DevOps with Kubernetes - Second Edition
Leverage the power of Kubernetes to build an efficient software delivery pipeline. Key Features Learn about …
book
Hands-On Microservices with Kubernetes
Enhance your skills in building scalable infrastructure for your cloud-based applications Key Features Learn to design …
book
Mastering Kubernetes
Exploit design, deployment, and management of large-scale containers About This Book Explore the latest features available …
book
Kubernetes Cookbook
Kubernetes is becoming the de-facto standard for container orchestration and distributed applications management across a microservices …