Modern DevOps Practices

Book description

Enhance DevOps workflows by integrating the functionalities of Docker, Kubernetes, Spinnaker, Ansible, Terraform, Flux CD, CaaS, and more with the help of practical examples and expert tips

Key Features

  • Get up and running with containerization-as-a-service and infrastructure automation in the public cloud
  • Learn container security techniques and secret management with Cloud KMS, Anchore Grype, and Grafeas Kritis
  • Leverage the combination of DevOps, GitOps, and automation to continuously ship a package of software

Book Description

Containers have entirely changed how developers and end-users see applications as a whole. With this book, you'll learn all about containers, their architecture and benefits, and how to implement them within your development lifecycle.

You'll discover how you can transition from the traditional world of virtual machines and adopt modern ways of using DevOps to ship a package of software continuously. Starting with a quick refresher on the core concepts of containers, you'll move on to study the architectural concepts to implement modern ways of application development. You'll cover topics around Docker, Kubernetes, Ansible, Terraform, Packer, and other similar tools that will help you to build a base. As you advance, the book covers the core elements of cloud integration (AWS ECS, GKE, and other CaaS services), continuous integration, and continuous delivery (GitHub Actions, Jenkins, and Spinnaker) to help you understand the essence of container management and delivery. The later sections of the book will take you through container pipeline security and GitOps (Flux CD and Terraform).

By the end of this DevOps book, you'll have learned best practices for automating your development lifecycle and making the most of containers, infrastructure automation, and CaaS, and be ready to develop applications using modern tools and techniques.

What you will learn

  • Become well-versed with AWS ECS, Google Cloud Run, and Knative
  • Discover how to build and manage secure Docker images efficiently
  • Understand continuous integration with Jenkins on Kubernetes and GitHub Actions
  • Get to grips with using Spinnaker for continuous deployment/delivery
  • Manage immutable infrastructure on the cloud with Packer, Terraform, and Ansible
  • Explore the world of GitOps with GitHub Actions, Terraform, and Flux CD

Who this book is for

If you are a software engineer, system administrator, or operations engineer looking to step into the world of DevOps within public cloud platforms, this book is for you. Existing DevOps engineers will also find this book useful as it covers best practices, tips, and tricks to implement DevOps with a cloud-native mindset. Although no containerization experience is necessary, a basic understanding of the software development life cycle and delivery will help you get the most out of the book.

Table of contents

  1. Modern DevOps Practices
  2. Contributors
  3. About the author
  4. About the reviewer
  5. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the color images
    5. Conventions used
    6. Get in touch
  6. Section 1: Container Fundamentals and Best Practices
  7. Chapter 1: The Move to Containers
    1. The need for containers
      1. The matrix of hell
      2. Virtual machines
      3. Containers
      4. It works on my machine
    2. Container architecture
      1. Container networking
    3. Modern DevOps versus traditional DevOps
    4. Containers and modern DevOps practices
    5. Migrating from virtual machines to containers
      1. Discovery
      2. Application requirement assessment
      3. Container infrastructure design
      4. Containerizing the application
      5. Testing
      6. Deployment and rollout
      7. What applications should go in containers?
      8. Breaking the applications into smaller pieces
    6. Are we there yet?
    7. Summary
    8. Questions
    9. Answers
  8. Chapter 2: Containerization with Docker
    1. Technical requirements
    2. Installing tools
      1. Installing Git
      2. Installing vim
    3. Installing Docker
    4. Introducing Docker storage drivers and volumes
      1. Docker data storage options
      2. Mounting volumes
      3. Docker storage drivers
      4. Configuring a storage driver
    5. Running your first container
      1. Running containers from versioned images
      2. Running Docker containers in the background
      3. Troubleshooting containers
      4. Putting it all together
      5. Restarting and removing containers
    6. Docker logging and logging drivers
      1. Container log management
      2. Logging drivers
      3. Configuring logging drivers
      4. Typical challenges and best practices with Docker logging
    7. Docker monitoring with Prometheus
      1. Challenges with container monitoring
      2. Installing Prometheus
      3. Configuring cAdvisor and the node exporter to expose metrics
      4. Configuring Prometheus to scrape metrics
      5. Launching a sample container application
      6. Metrics to monitor
    8. Declarative container management with Docker Compose
      1. Installing Docker Compose
      2. Deploying a sample application with Docker Compose
      3. Creating the docker-compose file
      4. Docker Compose best practices
    9. Summary
    10. Questions
    11. Answers
  9. Chapter 3: Creating and Managing Container Images
    1. Technical requirements
    2. Docker architecture
    3. Understanding Docker images
      1. The layered filesystem
      2. Image history
    4. Understanding Dockerfiles, components, and directives
      1. Can we use ENTRYPOINT instead of CMD?
      2. Are RUN and CMD the same?
      3. Building our first container
    5. Building and managing Docker images
      1. Single-stage builds
      2. Multi-stage builds
      3. Managing Docker images
      4. Flattening Docker images
    6. Optimizing containers with distroless images
      1. Performance
      2. Security
      3. Cost
    7. Understanding Docker registries
      1. Hosting your private Docker registry
      2. Other public registries
    8. Summary
    9. Questions
    10. Answers
  10. Chapter 4: Container Orchestration with Kubernetes – Part I
    1. Technical requirements
    2. What is Kubernetes and why do I need it?
    3. Kubernetes architecture
    4. Installing Kubernetes (Minikube and KinD)
      1. Installing Minikube
      2. Installing KinD
    5. Understanding Kubernetes pods
      1. Using port forwarding
      2. Troubleshooting pods
      3. Ensuring pod reliability
      4. Pod multi-container design patterns
    6. Summary
    7. Questions
    8. Answers
  11. Chapter 5: Container Orchestration with Kubernetes – Part II
    1. Technical requirements
      1. Spinning up Google Kubernetes Engine
    2. Kubernetes Deployments
      1. ReplicaSet resource
      2. Deployment resource
      3. Kubernetes Deployment strategies
    3. Kubernetes Services and Ingresses
      1. ClusterIP Services
      2. NodePort services
      3. LoadBalancer services
      4. Ingress resources
    4. Horizontal Pod autoscaling
    5. Managing stateful applications
      1. StatefulSet resource
      2. Managing persistent volumes
    6. Kubernetes command-line best practices
      1. Using alias
      2. Using kubectl bash autocompletion
    7. Summary
    8. Questions
    9. Answers
  12. Section 2: Delivering Containers
  13. Chapter 6: Infrastructure as Code (IaC) with Terraform
    1. Technical requirements
    2. Introduction to IaC
      1. Installing Terraform
    3. Terraform providers
      1. Authentication and authorization with Azure
      2. Using the Azure Terraform provider
    4. Terraform variables
      1. Providing variable values
    5. Terraform workflow
      1. terraform init
      2. Creating the first resource – Azure resource group
      3. terraform fmt
      4. terraform validate
      5. terraform plan
      6. terraform apply
      7. terraform destroy
    6. terraform state
      1. Using the Azure Storage backend
    7. Terraform workspaces
      1. Inspecting resources
      2. Inspecting state files
      3. Cleaning up
    8. Terraform output, state, console, and graphs
      1. terraform output
      2. Managing Terraform state
      3. terraform console
      4. Terraform dependencies and graph
      5. Cleaning up resources
    9. Summary
    10. Questions
    11. Answers
  14. Chapter 7: Configuration Management with Ansible
    1. Technical requirements
    2. Introduction to config management
    3. Setting up Ansible
      1. Setting up inventory
      2. Installing Ansible in the control node
      3. Connecting the Ansible control node with inventory servers
      4. Setting up an inventory file
      5. Setting up the Ansible configuration file
    4. Ansible tasks and modules
    5. Introduction to Ansible playbooks
      1. Checking playbook syntax
      2. Applying the first playbook
    6. Ansible playbooks in action
      1. Updating packages and repositories
      2. Installing application packages and services
      3. Configuring applications
      4. Combining the playbooks
      5. Executing the playbooks
    7. Designing for reusability
      1. Ansible variables
      2. Sourcing variable values
      3. Jinja2 templates
      4. Ansible roles
    8. Summary
    9. Questions
    10. Answers
  15. Chapter 8: IaC and Config Management in Action
    1. Technical requirements
    2. Immutable infrastructure with Hashicorp's Packer
      1. When to use immutable infrastructure
      2. Installing Packer
    3. Creating the Apache and MySQL playbooks
    4. Building the Apache and MySQL images using Packer and Ansible provisioners
      1. Prerequisites
      2. Defining the Packer configuration
    5. Creating the required infrastructure with Terraform
    6. Summary
    7. Questions
    8. Answers
  16. Chapter 9: Containers as a Service (CaaS) and Serverless Computing for Containers
    1. Technical requirements
    2. The need for serverless offerings
    3. Amazon ECS with EC2 and Fargate
      1. ECS architecture
      2. Installing the AWS and ECS CLIs
      3. Spinning up an ECS cluster
      4. Creating task definitions
      5. Scheduling EC2 tasks on ECS
      6. Scaling tasks
      7. Querying container logs from CloudWatch
      8. Stopping tasks
      9. Scheduling Fargate tasks on ECS
      10. Scheduling services on ECS
      11. Browsing container logs using the ECS CLI
      12. Deleting an ECS service
      13. Load balancing containers running on ECS
    4. Other CaaS products
    5. Open source CaaS with Knative
      1. Knative architecture
      2. Spinning up Google Kubernetes Engine
      3. Installing Knative
      4. Deploying a Python Flask app on Knative
      5. Load testing your app on Knative
    6. Summary
    7. Questions
    8. Answers
  17. Chapter 10: Continuous Integration
    1. Technical requirements
    2. The importance of automation
    3. Building a CI pipeline with GitHub Actions
      1. Creating a GitHub repository
      2. Creating a GitHub Actions workflow
    4. Scalable Jenkins on Kubernetes with Kaniko
      1. Spinning up Google Kubernetes Engine
      2. Installing Jenkins
      3. Connecting Jenkins with the cluster
      4. Running our first Jenkins job
    5. Automating a build with triggers
    6. CI with AWS Code Commit and Code Build
      1. Creating an AWS Code Commit repository
      2. Creating an AWS Code Build job
    7. Build performance best practices
      1. Aim for faster builds
      2. Always use post-commit triggers
      3. Configure build reporting
      4. Customize the build server size
      5. Ensure that your builds only contain what you need
    8. Summary
    9. Questions
    10. Answers
  18. Chapter 11: Continuous Deployment/Delivery with Spinnaker
    1. Technical requirements
    2. Importance of Continuous Deployment and automation
    3. Continuous deployment models and tools
      1. Simple deployment model
      2. Complex deployment models
    4. Introduction to Spinnaker
    5. Setting up Spinnaker
      1. Spinning up Google Kubernetes Engine
      2. Setting up service accounts and permissions
      3. Creating a halyard host VM
      4. Installing halyard
      5. Setting up the required credentials
      6. Setting up the Spinnaker configuration
      7. Deploying Spinnaker
    6. Deploying a sample application using a Spinnaker pipeline
      1. Creating a deployment manifest
      2. Creating a Spinnaker application
      3. Creating a Spinnaker pipeline
      4. Testing the pipeline
    7. Summary
    8. Questions
    9. Answers
  19. Chapter 12: Securing the Deployment Pipeline
    1. Technical requirements
    2. Securing CI/CD pipelines
    3. Managing secrets
      1. Sample application
      2. Creating a Secret manifest
      3. Creating a Cloud KMS secret
      4. Accessing the secret and deploying the application
    4. Container vulnerability scanning
      1. Installing Anchore Grype
      2. Scanning images
    5. Binary authorization
      1. Setting up binary authorization
      2. Creating a default binary authorization policy
      3. Attesting images
    6. Security of modern DevOps pipelines
      1. Adopt a DevSecOps culture
      2. Establish access control
      3. Implement shift left
      4. Manage security risks consistently
      5. Implement vulnerability scanning
      6. Automate security
    7. Summary
    8. Questions
    9. Answers
  20. Section 3: Modern DevOps with GitOps
  21. Chapter 13: Understanding DevOps with GitOps
    1. Technical requirements
    2. What is GitOps?
    3. The principles of GitOps
    4. Why GitOps?
    5. The branching strategy and GitOps workflow
      1. The push model
      2. The pull model
      3. Structuring the Git repository
    6. Declarative infrastructure and config management
    7. Summary
    8. Questions
    9. Answers
  22. Chapter 14: CI/CD Pipelines with GitOps
    1. Technical requirements
    2. Continuous integration with GitHub Actions
      1. Creating an application repository on GitHub
      2. Creating a GitHub Actions workflow
    3. Release gating with pull requests
    4. Continuous deployment with Flux CD
      1. Introduction to Flux CD
      2. Installing Flux CD
    5. Managing sensitive configuration and Secrets
      1. Installing the Sealed Secrets operator
      2. Installing kubeseal
      3. Creating Sealed Secrets
    6. Summary
    7. Questions
    8. Answers
    9. Why subscribe?
  23. Other Books You May Enjoy
    1. Packt is searching for authors like you
    2. Share your thoughts

Product information

  • Title: Modern DevOps Practices
  • Author(s): Gaurav Agarwal
  • Release date: September 2021
  • Publisher(s): Packt Publishing
  • ISBN: 9781800562387