book

Kubernetes: Up and Running

by Kelsey Hightower, Brendan Burns, Joe Beda

September 2017

Intermediate to advanced

269 pages

4h 38m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Kubernetes: A DedicationWho Should Read This BookWhy We Wrote This BookA Word on Cloud-Native Applications TodayNavigating This BookOnline ResourcesConventions Used in This BookUsing Code ExamplesO’Reilly SafariHow to Contact Us
VelocityThe Value of ImmutabilityDeclarative ConfigurationSelf-Healing SystemsScaling Your Service and Your TeamsDecouplingEasy Scaling for Applications and ClustersScaling Development Teams with MicroservicesSeparation of Concerns for Consistency and ScalingAbstracting Your InfrastructureEfficiencySummary
Container ImagesThe Docker Image FormatBuilding Application Images with DockerDockerfilesImage SecurityOptimizing Image SizesStoring Images in a Remote RegistryThe Docker Container RuntimeRunning Containers with DockerExploring the kuard ApplicationLimiting Resource UsageCleanupSummary
Installing Kubernetes on a Public Cloud ProviderGoogle Container ServiceInstalling Kubernetes with Azure Container ServiceInstalling Kubernetes on Amazon Web ServicesInstalling Kubernetes Locally Using minikubeRunning Kubernetes on Raspberry PiThe Kubernetes ClientChecking Cluster StatusListing Kubernetes Worker NodesCluster ComponentsKubernetes ProxyKubernetes DNSKubernetes UISummary
NamespacesContextsViewing Kubernetes API ObjectsCreating, Updating, and Destroying Kubernetes ObjectsLabeling and Annotating ObjectsDebugging CommandsSummary
Pods in KubernetesThinking with PodsThe Pod ManifestCreating a PodCreating a Pod ManifestRunning PodsListing PodsPod DetailsDeleting a PodAccessing Your PodUsing Port ForwardingGetting More Info with LogsRunning Commands in Your Container with execCopying Files to and from ContainersHealth ChecksLiveness ProbeReadiness ProbeTypes of Health ChecksResource ManagementResource Requests: Minimum Required ResourcesCapping Resource Usage with LimitsPersisting Data with VolumesUsing Volumes with PodsDifferent Ways of Using Volumes with PodsPersisting Data Using Remote DisksPutting It All TogetherSummary
LabelsApplying LabelsModifying LabelsLabel SelectorsLabel Selectors in API ObjectsAnnotationsDefining AnnotationsCleanupSummary
What Is Service Discovery?The Service ObjectService DNSReadiness ChecksLooking Beyond the ClusterCloud IntegrationAdvanced DetailsEndpointsManual Service Discoverykube-proxy and Cluster IPsCluster IP Environment VariablesCleanupSummary
Reconciliation LoopsRelating Pods and ReplicaSetsAdopting Existing ContainersQuarantining ContainersDesigning with ReplicaSetsReplicaSet SpecPod TemplatesLabelsCreating a ReplicaSetInspecting a ReplicaSetFinding a ReplicaSet from a PodFinding a Set of Pods for a ReplicaSetScaling ReplicaSetsImperative Scaling with kubectl ScaleDeclaratively Scaling with kubectl applyAutoscaling a ReplicaSetDeleting ReplicaSetsSummary
DaemonSet SchedulerCreating DaemonSetsLimiting DaemonSets to Specific NodesAdding Labels to NodesNode SelectorsUpdating a DaemonSetUpdating a DaemonSet by Deleting Individual PodsRolling Update of a DaemonSetDeleting a DaemonSetSummary

The Job ObjectJob PatternsOne ShotParallelismWork QueuesSummary
ConfigMapsCreating ConfigMapsUsing a ConfigMapSecretsCreating SecretsConsuming SecretsPrivate Docker RegistriesNaming ConstraintsManaging ConfigMaps and SecretsListingCreatingUpdatingSummary
Your First DeploymentDeployment InternalsCreating DeploymentsManaging DeploymentsUpdating DeploymentsScaling a DeploymentUpdating a Container ImageRollout HistoryDeployment StrategiesRecreate StrategyRollingUpdate StrategySlowing Rollouts to Ensure Service HealthDeleting a DeploymentSummary
Importing External ServicesServices Without SelectorsLimitations of External Services: Health CheckingRunning Reliable SingletonsRunning a MySQL SingletonDynamic Volume ProvisioningKubernetes-Native Storage with StatefulSetsProperties of StatefulSetsManually Replicated MongoDB with StatefulSetsAutomating MongoDB Cluster CreationPersistent Volumes and StatefulSetsOne Final Thing: Readiness ProbesSummary
ParsePrerequisitesBuilding the parse-serverDeploying the parse-serverTesting ParseGhostConfiguring GhostRedisConfiguring RedisCreating a Redis ServiceDeploying RedisPlaying with Our Redis ClusterSummary
Parts ListFlashing ImagesFirst Boot: MasterSetting Up NetworkingInstalling KubernetesSetting Up the ClusterSummary

Content preview from Kubernetes: Up and Running

Chapter 11. ConfigMaps and Secrets

It is a good practice to make container images as reusable as possible. The same image should be able to be used for development, staging, and production. It is even better if the same image is general purpose enough to be used across applications and services. Testing and versioning get riskier and more complicated if images need to be recreated for each new environment. But then how do we specialize the use of that image at runtime?

This is where ConfigMaps and secrets come into play. ConfigMaps are used to provide configuration information for workloads. This can either be fine-grained information (a short string) or a composite value in the form of a file. Secrets are similar to ConfigMaps but focused on making sensitive information available to the workload. They can be used for things like credentials or TLS certificates.

ConfigMaps

One way to think of a ConfigMap is as a Kubernetes object that defines a small filesystem. Another way is as a set of variables that can be used when defining the environment or command line for your containers. The key thing is that the ConfigMap is combined with the Pod right before it is run. This means that the container image and the pod definition itself can be reused across many apps by just changing the ConfigMap that is used.

Creating ConfigMaps

Let’s jump right in and create a ConfigMap. Like many objects in Kubernetes, you can create these in an immediate, imperative way or you can create them from ...