Kubernetes - A Complete DevOps Cookbook

Kubernetes - A Complete DevOps Cookbook

by Murat Karslioglu
Released March 2020
Publisher(s): Packt Publishing
ISBN: 9781838828042

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Leverage Kubernetes and container architecture to successfully run production-ready workloads

Key Features

  • Implement Kubernetes to orchestrate and scale applications proficiently
  • Leverage the latest features of Kubernetes to resolve common as well as complex problems in a cloud-native environment
  • Gain hands-on experience in securing, monitoring, and troubleshooting your application

Book Description

Kubernetes is a popular open source orchestration platform for managing containers in a cluster environment. With this Kubernetes cookbook, you'll learn how to implement Kubernetes using a recipe-based approach. The book will prepare you to create highly available Kubernetes clusters on multiple clouds such as Amazon Web Services (AWS), Google Cloud Platform (GCP), Azure, Alibaba, and on-premises data centers.

Starting with recipes for installing and configuring Kubernetes instances, you'll discover how to work with Kubernetes clients, services, and key metadata. You'll then learn how to build continuous integration/continuous delivery (CI/CD) pipelines for your applications, and understand various methods to manage containers. As you advance, you'll delve into Kubernetes' integration with Docker and Jenkins, and even perform a batch process and configure data volumes. You'll get to grips with methods for scaling, security, monitoring, logging, and troubleshooting. Additionally, this book will take you through the latest updates in Kubernetes, including volume snapshots, creating high availability clusters with kops, running workload operators, new inclusions around kubectl and more.

By the end of this book, you'll have developed the skills required to implement Kubernetes in production and manage containers proficiently.

What you will learn

  • Deploy cloud-native applications on Kubernetes
  • Automate testing in the DevOps workflow
  • Discover and troubleshoot common storage issues
  • Dynamically scale containerized services to manage fluctuating traffic needs
  • Understand how to monitor your containerized DevOps environment
  • Build DevSecOps into CI/CD pipelines

Who this book is for

This Kubernetes book is for developers, IT professionals, and DevOps engineers and teams who want to use Kubernetes to manage, scale, and orchestrate applications in their organization. Basic understanding of Kubernetes and containerization is necessary.

Table of contents

  1. Title Page
  2. Copyright and Credits
    1. Kubernetes A Complete DevOps Cookbook
  3. Dedication
  4. About Packt
    1. Why subscribe?
  5. Contributors
    1. About the author
    2. About the reviewer
    3. Packt is searching for authors like you
  6. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the example code files
    5. Download the color images
    6. Code in Action
    7. Conventions used
    8. Sections
    9. Getting ready
    10. How to do it…
    11. How it works…
    12. There's more…
    13. See also
    14. Get in touch
    15. Reviews
  7. Building Production-Ready Kubernetes Clusters
    1. Technical requirements
    2. Configuring a Kubernetes cluster on Amazon Web Services 
    3. Getting ready
    4. How to do it…
    5. Installing the command-line tools to configure AWS services
    6. Installing kops to provision a Kubernetes cluster
    7. Provisioning a Kubernetes cluster on Amazon EC2
    8. Provisioning a managed Kubernetes cluster on Amazon EKS
    9. How it works...
    10. There's more…
    11. Using the AWS Shell
    12. Using a gossip-based cluster
    13. Using different regions for an S3 bucket
    14. Editing the cluster configuration
    15. Deleting your cluster
    16. Provisioning an EKS cluster using the Amazon EKS Management Console
    17. Deploying Kubernetes Dashboard
    18. See also
    19. Configuring a Kubernetes cluster on Google Cloud Platform
    20. Getting ready
    21. How to do it…
    22. Installing the command-line tools to configure GCP services
    23. Provisioning a managed Kubernetes cluster on GKE
    24. Connecting to Google Kubernetes Engine (GKE) clusters
    25. How it works…
    26. There's more…
    27. Using Google Cloud Shell
    28. Deploying with a custom network configuration
    29. Deleting your cluster
    30. Viewing the Workloads dashboard
    31. See also
    32. Configuring a Kubernetes cluster on Microsoft Azure
    33. Getting ready
    34. How to do it…
    35. Installing the command-line tools to configure Azure services
    36. Provisioning a managed Kubernetes cluster on AKS
    37. Connecting to AKS clusters
    38. How it works…
    39. There's more…
    40. Deleting your cluster
    41. Viewing Kubernetes Dashboard
    42. See also
    43. Configuring a Kubernetes cluster on Alibaba Cloud
    44. Getting ready
    45. How to do it…
    46. Installing the command-line tools to configure Alibaba Cloud services
    47. Provisioning a highly available Kubernetes cluster on Alibaba Cloud
    48. Connecting to Alibaba Container Service clusters
    49. How it works…
    50. There's more…
    51. Configuring and managing Kubernetes clusters with Rancher
    52. Getting ready
    53. How to do it…
    54. Installing Rancher Server
    55. Deploying a Kubernetes cluster
    56. Importing an existing cluster
    57. Enabling cluster and node providers
    58. How it works…
    59. There's more…
    60. Bind mounting a host volume to keep data
    61. Keeping user volumes persistent
    62. Running Rancher on the same Kubernetes nodes
    63. See also
    64. Configuring Red Hat OpenShift 
    65. Getting ready
    66. How to do it…
    67. Downloading OpenShift binaries
    68. Provisioning an OpenShift cluster
    69. Connecting to OpenShift clusters
    70. How it works…
    71. There's more…
    72. Deleting your cluster
    73. See also
    74. Configuring a Kubernetes cluster using Ansible
    75. Getting ready
    76. How to do it…
    77. Installing Ansible
    78. Provisioning a Kubernetes cluster using an Ansible playbook
    79. Connecting to the Kubernetes cluster
    80. See also
    81. Troubleshooting installation issues
    82. How to do it…
    83. How it works…
    84. There's more…
    85. Setting log levels
    86. See also
  8. Operating Applications on Kubernetes
    1. Technical requirements
    2. Deploying workloads using YAML files
    3. Getting ready
    4. How to do it…
    5. Creating a Deployment
    6. Verifying a Deployment
    7. Editing a Deployment
    8. Rolling back a deployment
    9. Deleting a Deployment
    10. How it works...
    11. See also
    12. Deploying workloads using Kustomize
    13. Getting ready
    14. How to do it…
    15. Validating the Kubernetes cluster version
    16. Generating Kubernetes resources from files
    17. Creating a base for a development and production Deployment
    18. How it works...
    19. See also
    20. Deploying workloads using Helm charts
    21. Getting ready
    22. How to do it…
    23. Installing Helm 2.x
    24. Installing an application using Helm charts
    25. Searching for an application in Helm repositories
    26. Upgrading an application using Helm
    27. Rolling back an application using Helm
    28. Deleting an application using Helm
    29. Adding new Helm repositories
    30. Building a Helm chart
    31. How it works...
    32. See also
    33. Deploying and operating applications using Kubernetes operators
    34. Getting ready
    35. How to do it…
    36. Installing KUDO and the KUDO kubectl plugin
    37. Installing the Apache Kafka Operator using KUDO
    38. Installing Operator Lifecycle Manager
    39. Installing the Zalando PostgreSQL Operator
    40. See also
    41. Deploying and managing the life cycle of Jenkins X
    42. Getting ready
    43. How to do it...
    44. Installing the Jenkins X CLI
    45. Creating a Jenkins X Kubernetes cluster
    46. Verifying Jenkins X components
    47. Switching Kubernetes clusters
    48. Validating cluster conformance
    49. How it works...
    50. There's more…
    51. Importing an application
    52. Upgrading a Jenkins X application
    53. Deleting a Jenkins X Kubernetes cluster
    54. See also
    55. Deploying and managing the life cycle of GitLab
    56. Getting ready
    57. How to do it...
    58. Installing GitLab using Helm
    59. Connecting to the GitLab dashboard
    60. Creating the first GitLab user
    61. Upgrading GitLab
    62. How it works...
    63. There's more…
    64. Using your own wildcard certificate
    65. Using autogenerated self-signed certificates
    66. Enabling the GitLab Operator
    67. Deleting GitLab
    68. See also
  9. Building CI/CD Pipelines
    1. Technical requirements
    2. Creating a CI/CD pipeline in Jenkins X
    3. Getting ready
    4. How to do it…
    5. Connecting to Jenkins Pipeline Console
    6. Importing an application as a pipeline
    7. Checking application status
    8. Promoting an application to production
    9. Creating a pipeline using a QuickStart application
    10. How it works...
    11. Creating a CI/CD pipeline in GitLab
    12. Getting ready
    13. How to do it…
    14. Creating a project using templates
    15. Importing an existing project from GitHub
    16. Enabling Auto DevOps
    17. Enabling Kubernetes cluster integration
    18. Creating a pipeline using Auto DevOps
    19. Incrementally rolling out applications to production
    20. How it works...
    21. There's more...
    22. GitLab Web IDE
    23. Monitoring environments
    24. See also
    25. Creating a CI/CD pipeline in CircleCI
    26. Getting ready
    27. How to do it...
    28. Getting started with CircleCI
    29. Deploying changes to a Kubernetes cluster on EKS
    30. How it works...
    31. See also
    32. Setting up a CI/CD pipeline using GitHub Actions
    33. Getting ready
    34. How to do it...
    35. Creating a workflow file
    36. Creating a basic Docker build workflow
    37. Building and publishing images to Docker Registry
    38. Adding a workflow status badge
    39. See also
    40. Setting up a CI/CD pipeline on Amazon Web Services
    41. Getting ready
    42. How to do it...
    43. Creating an AWS CodeCommit code repository
    44. Building projects with AWS CodeBuild
    45. Creating an AWS CodeDeploy deployment
    46. Building a pipeline with AWS CodePipeline
    47. How it works...
    48. See also
    49. Setting up a CI/CD pipeline with Spinnaker on Google Cloud Build
    50. Getting ready
    51. How to do it...
    52. Installing and configuring the Spin CLI
    53. Configuring a service account for the CI/CD
    54. Configuring events to trigger a pipeline
    55. Deploying Spinnaker using Helm
    56. Creating a Google Cloud Source code repository
    57. Building projects with Google Cloud Build
    58. Configuring a Spinnaker pipeline
    59. Rolling out an application to production
    60. See also
    61. Setting up a CI/CD pipeline on Azure DevOps
    62. Getting ready
    63. How to do it...
    64. Getting started with Azure DevOps
    65. Configuring Azure Pipelines
    66. Deploying changes to an AKS cluster
    67. How it works...
    68. See also
  10. Automating Tests in DevOps
    1. Technical requirements
    2. Building event-driven automation with StackStorm
    3. Getting ready
    4. How to do it…
    5. Installing StackStorm
    6. Accessing the StackStorm UI
    7. Using the st2 CLI
    8. Defining a rule
    9. Deploying a rule
    10. See also
    11. Automating tests with the Litmus framework
    12. Getting ready
    13. How to do it…
    14. Installing the Litmus Operator
    15. Using Chaos Charts for Kubernetes
    16. Creating a pod deletion chaos experiment
    17. Reviewing chaos experiment results
    18. Viewing chaos experiment logs
    19. How it works...
    20. See also
    21. Automating Chaos Engineering with Gremlin
    22. Getting ready
    23. How to do it…
    24. Setting up Gremlin credentials
    25. Installing Gremlin on Kubernetes
    26. Creating a CPU attack against a Kubernetes worker
    27. Creating a node shutdown attack against a Kubernetes worker
    28. Running predefined scenario-based attacks
    29. Deleting Gremlin from your cluster
    30. How it works...
    31. See also
    32. Automating your code review with Codacy
    33. Getting ready
    34. How to do it…
    35. Accessing the Project Dashboard
    36. Reviewing commits and PRs
    37. Viewing issues by category
    38. Adding a Codacy badge to your repository
    39. See also
    40. Detecting bugs and anti-patterns with SonarQube
    41. Getting ready
    42. How to do it…
    43. Installing SonarQube using Helm
    44. Accessing the SonarQube Dashboard
    45. Creating a new user and tokens
    46. Enabling quality profiles
    47. Adding a project
    48. Reviewing a project's quality
    49. Adding marketplace plugins
    50. Deleting SonarQube from your cluster
    51. How it works...
    52. See also
    53. Detecting license compliance issues with FOSSA
    54. Getting ready
    55. How to do it…
    56. Adding projects to FOSSA
    57. Triaging licensing issues
    58. Adding a FOSSA badge to your project
  11. Preparing for Stateful Workloads
    1. Technical requirements
    2. Managing Amazon EBS volumes in Kubernetes
    3. Getting ready
    4. How to do it…
    5. Creating an EBS storage class
    6. Changing the default storage class
    7. Using EBS volumes for persistent storage
    8. Using EBS storage classes to dynamically create persistent volumes
    9. Deleting EBS persistent volumes
    10. Installing the EBS CSI driver to manage EBS volumes
    11. See also
    12. Managing GCE PD volumes in Kubernetes
    13. Getting ready
    14. How to do it…
    15. Creating a GCE persistent disk storage class
    16. Changing the default storage class
    17. Using GCE PD volumes for persistent storage
    18. Using GCE PD storage classes to create dynamic persistent volumes
    19. Deleting GCE PD persistent volumes
    20. Installing the GCP Compute PD CSI driver to manage PD volumes
    21. How it works...
    22. See also
    23. Managing Azure Disk volumes in Kubernetes
    24. Getting ready
    25. How to do it…
    26. Creating an Azure Disk storage class
    27. Changing the default storage class to ZRS
    28. Using Azure Disk storage classes to create dynamic PVs
    29. Deleting Azure Disk persistent volumes
    30. Installing the Azure Disk CSI driver
    31. See also
    32. Configuring and managing persistent storage using Rook
    33. Getting ready
    34. How to do it…
    35. Installing a Ceph provider using Rook
    36. Creating a Ceph cluster
    37. Verifying a Ceph cluster's health
    38. Create a Ceph block storage class
    39. Using a Ceph block storage class to create dynamic PVs
    40. See also
    41. Configuring and managing persistent storage using OpenEBS
    42. Getting ready
    43. How to do it…
    44. Installing iSCSI client prerequisites
    45. Installing OpenEBS
    46. Using ephemeral storage to create persistent volumes
    47. Creating storage pools
    48. Creating OpenEBS storage classes
    49. Using an OpenEBS storage class to create dynamic PVs
    50. How it works...
    51. See also
    52. Setting up NFS for shared storage on Kubernetes
    53. Getting ready
    54. How to do it…
    55. Installing NFS prerequisites
    56. Installing an NFS provider using a Rook NFS operator
    57. Using a Rook NFS operator storage class to create dynamic NFS PVs
    58. Installing an NFS provisioner using OpenEBS
    59. Using the OpenEBS NFS provisioner storage class to create dynamic NFS PVs
    60. See also
    61. Troubleshooting storage issues
    62. Getting ready
    63. How to do it…
    64. Persistent volumes in the pending state
    65. A PV is stuck once a PVC has been deleted
  12. Disaster Recovery and Backup
    1. Technical requirements
    2. Configuring and managing S3 object storage using MinIO
    3. Getting ready
    4. How to do it…
    5. Creating a deployment YAML manifest
    6. Creating a MinIO S3 service
    7. Accessing the MinIO web user interface
    8. How it works...
    9. See also
    10. Managing Kubernetes Volume Snapshots and restore
    11. Getting ready
    12. How to do it…
    13. Enabling feature gates
    14. Creating a volume snapshot via CSI
    15. Restoring a volume from a snapshot via CSI
    16. Cloning a volume via CSI
    17. How it works...
    18. See also
    19. Application backup and recovery using Velero
    20. Getting ready
    21. How to do it…
    22. Installing Velero
    23. Backing up an application
    24. Restoring an application
    25. Creating a scheduled backup
    26. Taking a backup of an entire namespace
    27. Viewing backups with MinIO
    28. Deleting backups and schedules
    29. How it works...
    30. See also
    31. Application backup and recovery using Kasten
    32. Getting ready
    33. How to do it…
    34. Installing Kasten
    35. Accessing the Kasten Dashboard
    36. Backing up an application
    37. Restoring an application
    38. How it works...
    39. See also
    40. Cross-cloud application migration
    41. Getting ready
    42. How to do it…
    43. Creating an export profile in Kasten
    44. Exporting a restore point in Kasten
    45. Creating an import profile in Kasten
    46. Migrating an application in Kasten
    47. Importing clusters into OpenEBS Director
    48. Migrating an application in OpenEBS Director
    49. See also
  13. Scaling and Upgrading Applications
    1. Technical requirements
    2. Scaling applications on Kubernetes
    3. Getting ready
    4. How to do it…
    5. Validating the installation of Metrics Server
    6. Manually scaling an application
    7. Autoscaling applications using a Horizontal Pod Autoscaler
    8. How it works...
    9. See also
    10. Assigning applications to nodes
    11. Getting ready
    12. How to do it…
    13. Labeling nodes
    14. Assigning pods to nodes using nodeSelector
    15. Assigning pods to nodes using node and inter-pod Affinity
    16. How it works...
    17. See also
    18. Creating an external load balancer
    19. Getting ready
    20. How to do it…
    21. Creating an external cloud load balancer
    22. Finding the external address of the service
    23. How it works...
    24. See also
    25. Creating an ingress service and service mesh using Istio
    26. Getting ready
    27. How to do it…
    28. Installing Istio using Helm
    29. Verifying the installation
    30. Creating an ingress gateway
    31. How it works...
    32. There's more…
    33. Deleting Istio
    34. See also
    35. Creating an ingress service and service mesh using Linkerd
    36. Getting ready
    37. How to do it…
    38. Installing the Linkerd CLI
    39. Installing Linkerd
    40. Verifying a Linkerd deployment
    41. Adding Linkerd to a service
    42. There's more…
    43. Accessing the dashboard
    44. Deleting Linkerd
    45. See also
    46. Auto-healing pods in Kubernetes
    47. Getting ready
    48. How to do it…
    49. Testing self-healing pods
    50. Adding liveness probes to pods
    51. How it works...
    52. See also
    53. Managing upgrades through blue/green deployments
    54. Getting ready
    55. How to do it…
    56. Creating the blue deployment
    57. Creating the green deployment
    58. Switching traffic from blue to green
    59. See also
  14. Observability and Monitoring on Kubernetes
    1. Technical requirements
    2. Monitoring in Kubernetes
    3. Getting ready
    4. How to do it…
    5. Adding metrics using Kubernetes Metrics Server
    6. Monitoring metrics using the CLI
    7. Monitoring metrics using Kubernetes Dashboard
    8. Monitoring node health
    9. See also
    10. Inspecting containers
    11. Getting ready
    12. How to do it…
    13. Inspecting pods in Pending status
    14. Inspecting pods in ImagePullBackOff status
    15. Inspecting pods in CrashLoopBackOff status
    16. See also
    17. Monitoring using Amazon CloudWatch
    18. Getting ready
    19. How to do it…
    20. Enabling Webhook authorization mode
    21. Installing Container Insights Agents for Amazon EKS
    22. Viewing Container Insights metrics
    23. See also
    24. Monitoring using Google Stackdriver
    25. Getting ready
    26. How to do it…
    27. Installing Stackdriver Kubernetes Engine Monitoring support for GKE
    28. Configuring a workspace on Stackdriver
    29. Monitoring GKE metrics using Stackdriver
    30. See also
    31. Monitoring using Azure Monitor
    32. Getting ready
    33. How to do it…
    34. Enabling Azure Monitor support for AKS using the CLI
    35. Monitoring AKS performance metrics using Azure Monitor
    36. Viewing live logs using Azure Monitor
    37. See also
    38. Monitoring Kubernetes using Prometheus and Grafana
    39. Getting ready
    40. How to do it…
    41. Deploying Prometheus using Helm charts
    42. Monitoring metrics using Grafana dashboards
    43. Adding a Grafana dashboard to monitor applications
    44. See also
    45. Monitoring and performance analysis using Sysdig
    46. Getting ready
    47. How to do it…
    48. Installing the Sysdig agent
    49. Analyzing application performance
    50. See also
    51. Managing the cost of resources using Kubecost
    52. Getting ready
    53. How to do it…
    54. Installing Kubecost
    55. Accessing the Kubecost dashboard
    56. Monitoring Kubernetes resource cost allocation
    57. See also
  15. Securing Applications and Clusters
    1. Technical requirements
    2. Using RBAC to harden cluster security
    3. Getting ready
    4. How to do it…
    5. Viewing the default Roles
    6. Creating user accounts
    7. Creating Roles and RoleBindings
    8. Testing the RBAC rules
    9. How it works...
    10. See also
    11. Configuring Pod Security Policies
    12. Getting ready
    13. How to do it…
    14. Enabling PSPs on EKS
    15. Enabling PSPs on GKE
    16. Enabling PodSecurityPolicy on AKS
    17. Creating a restricted PSPs
    18. There's more…
    19. Restricting pods to access certain volume types
    20. Using Kubernetes PodSecurityPolicy advisor
    21. See also
    22. Using Kubernetes CIS Benchmark for security auditing
    23. Getting ready
    24. How to do it…
    25. Running kube-bench on Kubernetes
    26. Running kube-bench on managed Kubernetes services
    27. Running kube-bench on OpenShift
    28. How it works...
    29. See also
    30. Building DevSecOps into the pipeline using Aqua Security
    31. Getting ready
    32. How to do it…
    33. Scanning images using Trivy
    34. Building vulnerability scanning into GitLab
    35. Building vulnerability scanning into CircleCI
    36. See also
    37. Monitoring suspicious application activities using Falco
    38. Getting ready
    39. How to do it…
    40. Installing Falco on Kubernetes
    41. Detecting anomalies using Falco
    42. Defining custom rules
    43. How it works...
    44. See also
    45. Securing credentials using HashiCorp Vault
    46. Getting ready
    47. How to do it…
    48. Installing Vault on Kubernetes
    49. Accessing the Vault UI
    50. Storing credentials on Vault
    51. See also
  16. Logging with Kubernetes
    1. Technical requirements
    2. Accessing Kubernetes logs locally
    3. Getting ready
    4. How to do it…
    5. Accessing logs through Kubernetes
    6. Debugging services locally using Telepresence
    7. How it works...
    8. See also
    9. Accessing application-specific logs
    10. Getting ready
    11. How to do it…
    12. Getting shell access in a container
    13. Accessing PostgreSQL logs inside a container
    14. Building centralized logging in Kubernetes using the EFK stack
    15. Getting ready
    16. How to do it…
    17. Deploying Elasticsearch Operator
    18. Requesting the Elasticsearch endpoint
    19. Deploying Kibana
    20. Aggregating logs with Fluent Bit
    21. Accessing Kubernetes logs on Kibana
    22. See also
    23. Logging Kubernetes using Google Stackdriver
    24. Getting ready
    25. How to do it…
    26. Installing Stackdriver Kubernetes Engine Monitoring support for GKE
    27. Viewing GKE logs using Stackdriver
    28. See also
    29. Using a managed Kubernetes logging service
    30. Getting ready
    31. How to do it…
    32. Connecting clusters to Director Online
    33. Accessing logs using Director Online
    34. Logging for your Jenkins CI/CD environment
    35. Getting ready
    36. How to do it…
    37. Installing the Fluentd plugin
    38. Streaming Jenkins logs to Elasticsearch using Fluentd
    39. There's more…
    40. Installing the Logstash plugin
    41. Streaming Jenkins logs to Elasticsearch using Logstash
    42. See also
  17. Other Books You May Enjoy
    1. Leave a review - let other readers know what you think

Product information

  • Title: Kubernetes - A Complete DevOps Cookbook
  • Author(s): Murat Karslioglu
  • Release date: March 2020
  • Publisher(s): Packt Publishing
  • ISBN: 9781838828042