Kubernetes: Up and Running, 3rd Edition

Book description

In just five years, Kubernetes has radically changed the way developers and ops personnel build, deploy, and maintain applications in the cloud. With this book's updated third edition, you'll learn how this popular container orchestrator can help your company achieve new levels of velocity, agility, reliability, and efficiency--whether you're new to distributed systems or have been deploying cloud native apps for some time.

Brendan Burns, Joe Beda, Kelsey Hightower, and Lachlan Evenson--who have worked on Kubernetes at Google and beyond--explain how this system fits into the life cycle of a distributed application. Software developers, engineers, and architects will learn ways to use tools and APIs to automate scalable distributed systems for online services, machine learning applications, or even a cluster of Raspberry Pi computers.

This guide shows you how to:

  • Create a simple cluster to learn how Kubernetes works
  • Dive into the details of deploying an application using Kubernetes
  • Learn specialized objects in Kubernetes, such as DaemonSets, jobs, ConfigMaps, and secrets
  • Explore deployments that tie together the lifecycle of a complete application
  • Get practical examples of how to develop and deploy real-world applications in Kubernetes

Publisher resources

View/Submit Errata

Table of contents

  1. Preface
    1. Who Should Read This Book
    2. Why We Wrote This Book
    3. Why We Updated This Book
    4. A Word on Cloud Native Applications Today
    5. Navigating This Book
    6. Online Resources
    7. Conventions Used in This Book
    8. Using Code Examples
    9. O’Reilly Online Learning
    10. How to Contact Us
    11. Acknowledgments
  2. 1. Introduction
    1. Velocity
      1. The Value of Immutability
      2. Declarative Configuration
      3. Self-Healing Systems
    2. Scaling Your Service and Your Teams
      1. Decoupling
      2. Easy Scaling for Applications and Clusters
      3. Scaling Development Teams with Microservices
      4. Separation of Concerns for Consistency and Scaling
    3. Abstracting Your Infrastructure
    4. Efficiency
    5. Cloud Native Ecosystem
    6. Summary
  3. 2. Creating and Running Containers
    1. Container Images
    2. Building Application Images with Docker
      1. Dockerfiles
      2. Optimizing Image Sizes
      3. Image Security
    3. Multistage Image Builds
    4. Storing Images in a Remote Registry
    5. The Container Runtime Interface
      1. Running Containers with Docker
      2. Exploring the kuard Application
      3. Limiting Resource Usage
    6. Cleanup
    7. Summary
  4. 3. Deploying a Kubernetes Cluster
    1. Installing Kubernetes on a Public Cloud Provider
      1. Installing Kubernetes with Google Kubernetes Engine
      2. Installing Kubernetes with Azure Kubernetes Service
      3. Installing Kubernetes on Amazon Web Services
    2. Installing Kubernetes Locally Using minikube
    3. Running Kubernetes in Docker
    4. The Kubernetes Client
      1. Checking Cluster Status
      2. Listing Kubernetes Nodes
    5. Cluster Components
      1. Kubernetes Proxy
      2. Kubernetes DNS
      3. Kubernetes UI
    6. Summary
  5. 4. Common kubectl Commands
    1. Namespaces
    2. Contexts
    3. Viewing Kubernetes API Objects
    4. Creating, Updating, and Destroying Kubernetes Objects
    5. Labeling and Annotating Objects
    6. Debugging Commands
    7. Cluster Management
    8. Command Autocompletion
    9. Alternative Ways of Viewing Your Cluster
    10. Summary
  6. 5. Pods
    1. Pods in Kubernetes
    2. Thinking with Pods
    3. The Pod Manifest
      1. Creating a Pod
      2. Creating a Pod Manifest
    4. Running Pods
      1. Listing Pods
      2. Pod Details
      3. Deleting a Pod
    5. Accessing Your Pod
      1. Getting More Information with Logs
      2. Running Commands in Your Container with exec
      3. Copying Files to and from Containers
    6. Health Checks
      1. Liveness Probe
      2. Readiness Probe
      3. Startup Probe
      4. Advanced Probe Configuration
      5. Other Types of Health Checks
    7. Resource Management
      1. Resource Requests: Minimum Required Resources
      2. Capping Resource Usage with Limits
    8. Persisting Data with Volumes
      1. Using Volumes with Pods
      2. Different Ways of Using Volumes with Pods
    9. Putting It All Together
    10. Summary
  7. 6. Labels and Annotations
    1. Labels
      1. Applying Labels
      2. Modifying Labels
      3. Label Selectors
      4. Label Selectors in API Objects
      5. Labels in the Kubernetes Architecture
    2. Annotations
    3. Cleanup
    4. Summary
  8. 7. Service Discovery
    1. What Is Service Discovery?
    2. The Service Object
      1. Service DNS
      2. Readiness Checks
    3. Looking Beyond the Cluster
    4. Load Balancer Integration
    5. Advanced Details
      1. Endpoints
      2. Manual Service Discovery
      3. kube-proxy and Cluster IPs
      4. Cluster IP Environment Variables
    6. Connecting with Other Environments
      1. Connecting to Resources Outside of a Cluster
      2. Connecting External Resources to Services Inside a Cluster
    7. Cleanup
    8. Summary
  9. 8. HTTP Load Balancing with Ingress
    1. Ingress Spec Versus Ingress Controllers
    2. Installing Contour
      1. Configuring DNS
      2. Configuring a Local hosts File
    3. Using Ingress
      1. Simplest Usage
      2. Using Hostnames
      3. Using Paths
      4. Cleanup
    4. Advanced Ingress Topics and Gotchas
      1. Running Multiple Ingress Controllers
      2. Multiple Ingress Objects
      3. Ingress and Namespaces
      4. Path Rewriting
      5. Serving TLS
    5. Alternate Ingress Implementations
    6. The Future of Ingress
    7. Summary
  10. 9. ReplicaSets
    1. Reconciliation Loops
    2. Relating Pods and ReplicaSets
      1. Adopting Existing Containers
      2. Quarantining Containers
    3. Designing with ReplicaSets
    4. ReplicaSet Spec
      1. Pod Templates
      2. Labels
    5. Creating a ReplicaSet
    6. Inspecting a ReplicaSet
      1. Finding a ReplicaSet from a Pod
      2. Finding a Set of Pods for a ReplicaSet
    7. Scaling ReplicaSets
      1. Imperative Scaling with kubectl scale
      2. Declaratively Scaling with kubectl apply
      3. Autoscaling a ReplicaSet
    8. Deleting ReplicaSets
    9. Summary
  11. 10. Deployments
    1. Your First Deployment
    2. Creating Deployments
    3. Managing Deployments
    4. Updating Deployments
      1. Scaling a Deployment
      2. Updating a Container Image
      3. Rollout History
    5. Deployment Strategies
      1. Recreate Strategy
      2. RollingUpdate Strategy
      3. Slowing Rollouts to Ensure Service Health
    6. Deleting a Deployment
    7. Monitoring a Deployment
    8. Summary
  12. 11. DaemonSets
    1. DaemonSet Scheduler
    2. Creating DaemonSets
    3. Limiting DaemonSets to Specific Nodes
      1. Adding Labels to Nodes
      2. Node Selectors
    4. Updating a DaemonSet
    5. Deleting a DaemonSet
    6. Summary
  13. 12. Jobs
    1. The Job Object
    2. Job Patterns
      1. One Shot
      2. Parallelism
      3. Work Queues
    3. CronJobs
    4. Summary
  14. 13. ConfigMaps and Secrets
    1. ConfigMaps
      1. Creating ConfigMaps
      2. Using a ConfigMap
    2. Secrets
      1. Creating Secrets
      2. Consuming Secrets
      3. Private Container Registries
    3. Naming Constraints
    4. Managing ConfigMaps and Secrets
      1. Listing
      2. Creating
      3. Updating
    5. Summary
  15. 14. Role-Based Access Control for Kubernetes
    1. Role-Based Access Control
      1. Identity in Kubernetes
      2. Understanding Roles and Role Bindings
      3. Roles and Role Bindings in Kubernetes
    2. Techniques for Managing RBAC
      1. Testing Authorization with can-i
      2. Managing RBAC in Source Control
    3. Advanced Topics
      1. Aggregating ClusterRoles
      2. Using Groups for Bindings
    4. Summary
  16. 15. Service Meshes
    1. Encryption and Authentication with Mutal TLS
    2. Traffic Shaping
    3. Introspection
    4. Do You Really Need a Service Mesh?
    5. Introspecting a Service Mesh Implementation
    6. Service Mesh Landscape
    7. Summary
  17. 16. Integrating Storage Solutions and Kubernetes
    1. Importing External Services
      1. Services Without Selectors
      2. Limitations of External Services: Health Checking
    2. Running Reliable Singletons
      1. Running a MySQL Singleton
      2. Dynamic Volume Provisioning
    3. Kubernetes-Native Storage with StatefulSets
      1. Properties of StatefulSets
      2. Manually Replicated MongoDB with StatefulSets
      3. Automating MongoDB Cluster Creation
      4. Persistent Volumes and StatefulSets
      5. One Final Thing: Readiness Probes
    4. Summary
  18. 17. Extending Kubernetes
    1. What It Means to Extend Kubernetes
    2. Points of Extensibility
    3. Patterns for Custom Resources
      1. Just Data
      2. Compilers
      3. Operators
      4. Getting Started
    4. Summary
  19. 18. Accessing Kubernetes from Common Programming Languages
    1. The Kubernetes API: A Client’s Perspective
      1. OpenAPI and Generated Client Libraries
      2. But What About kubectl x?
    2. Programming the Kubernetes API
      1. Installing the Client Libraries
      2. Authenticating to the Kubernetes API
      3. Accessing the Kubernetes API
      4. Putting It All Together: Listing and Creating Pods in Python, Java, and .NET
      5. Creating and Patching Objects
      6. Watching Kubernetes APIs for Changes
      7. Interacting with Pods
      8. Summary
  20. 19. Securing Applications in Kubernetes
    1. Understanding SecurityContext
      1. SecurityContext Challenges
    2. Pod Security
      1. What Is Pod Security?
      2. Applying Pod Security Standards
    3. Service Account Management
    4. Role-Based Access Control
    5. RuntimeClass
    6. Network Policy
    7. Service Mesh
    8. Security Benchmark Tools
    9. Image Security
    10. Summary
  21. 20. Policy and Governance for Kubernetes Clusters
    1. Why Policy and Governance Matter
    2. Admission Flow
    3. Policy and Governance with Gatekeeper
      1. What Is Open Policy Agent?
      2. Installing Gatekeeper
      3. Configuring Policies
      4. Understanding Constraint Templates
      5. Creating Constraints
      6. Audit
      7. Mutation
      8. Data Replication
      9. Metrics
      10. Policy Library
    4. Summary
  22. 21. Multicluster Application Deployments
    1. Before You Even Begin
    2. Starting at the Top with a Load-Balancing Approach
    3. Building Applications for Multiple Clusters
      1. Replicated Silos: The Simplest Cross-Regional Model
      2. Sharding: Regional Data
      3. Better Flexibility: Microservice Routing
    4. Summary
  23. 22. Organizing Your Application
    1. Principles to Guide Us
      1. Filesystems as the Source of Truth
      2. The Role of Code Review
      3. Feature Gates
    2. Managing Your Application in Source Control
      1. Filesystem Layout
      2. Managing Periodic Versions
    3. Structuring Your Application for Development, Testing, and Deployment
      1. Goals
      2. Progression of a Release
    4. Parameterizing Your Application with Templates
      1. Parameterizing with Helm and Templates
      2. Filesystem Layout for Parameterization
    5. Deploying Your Application Around the World
      1. Architectures for Worldwide Deployment
      2. Implementing Worldwide Deployment
      3. Dashboards and Monitoring for Worldwide Deployments
    6. Summary
  24. A. Building Your Own Kubernetes Cluster
    1. Parts List
    2. Flashing Images
    3. First Boot
      1. Setting Up Networking
      2. Installing a Container Runtime
      3. Installing Kubernetes
      4. Setting Up the Cluster
      5. Setting Up Cluster Networking
    4. Summary
  25. Index
  26. About the Authors

Product information

  • Title: Kubernetes: Up and Running, 3rd Edition
  • Author(s): Brendan Burns, Joe Beda, Kelsey Hightower, Lachlan Evenson
  • Release date: August 2022
  • Publisher(s): O'Reilly Media, Inc.
  • ISBN: 9781098110208