Kubernetes Best Practices

Blueprints for Building Successful Applications on Kubernetes
 
 
O'Reilly (Verlag)
  • erschienen am 14. November 2019
  • |
  • 268 Seiten
 
E-Book | ePUB mit Adobe-DRM | Systemvoraussetzungen
978-1-4920-5642-3 (ISBN)
 
In this practical guide, four Kubernetes professionals with deep experience in distributed systems, enterprise application development, and open source will guide you through the process of building applications with this container orchestration system. Based on the experiences of companies that are running Kubernetes in production successfully, many of the methods are also backed by concrete code examples.This book is ideal for those already familiar with basic Kubernetes concepts who want to learn common best practices. Youll learn exactly what you need to know to build your best app with Kubernetes the first time.Set up and develop applications in KubernetesLearn patterns for monitoring, securing your systems, and managing upgrades, rollouts, and rollbacksUnderstand Kubernetes networking policies and where service mesh fits inIntegrate services and legacy applications and develop higher-level platforms on top of KubernetesRun machine learning workloads in Kubernetes
  • Englisch
  • Sebastopol
  • |
  • USA
  • 3,43 MB
978-1-4920-5642-3 (9781492056423)
weitere Ausgaben werden ermittelt
  • Cover
  • Copyright
  • Table of Contents
  • Preface
  • Who Should Read This Book
  • Why We Wrote This Book
  • Navigating This Book
  • Conventions Used in This Book
  • Using Code Examples
  • O'Reilly Online Learning
  • How to Contact Us
  • Acknowledgments
  • Chapter 1. Setting Up a Basic Service
  • Application Overview
  • Managing Configuration Files
  • Creating a Replicated Service Using Deployments
  • Best Practices for Image Management
  • Creating a Replicated Application
  • Setting Up an External Ingress for HTTP Traffic
  • Configuring an Application with ConfigMaps
  • Managing Authentication with Secrets
  • Deploying a Simple Stateful Database
  • Creating a TCP Load Balancer by Using Services
  • Using Ingress to Route Traffic to a Static File Server
  • Parameterizing Your Application by Using Helm
  • Deploying Services Best Practices
  • Summary
  • Chapter 2. Developer Workflows
  • Goals
  • Building a Development Cluster
  • Setting Up a Shared Cluster for Multiple Developers
  • Onboarding Users
  • Creating and Securing a Namespace
  • Managing Namespaces
  • Cluster-Level Services
  • Enabling Developer Workflows
  • Initial Setup
  • Enabling Active Development
  • Enabling Testing and Debugging
  • Setting Up a Development Environment Best Practices
  • Summary
  • Chapter 3. Monitoring and Logging in Kubernetes
  • Metrics Versus Logs
  • Monitoring Techniques
  • Monitoring Patterns
  • Kubernetes Metrics Overview
  • cAdvisor
  • Metrics Server
  • kube-state-metrics
  • What Metrics Do I Monitor?
  • Monitoring Tools
  • Monitoring Kubernetes Using Prometheus
  • Logging Overview
  • Tools for Logging
  • Logging by Using an EFK Stack
  • Alerting
  • Best Practices for Monitoring, Logging, and Alerting
  • Monitoring
  • Logging
  • Alerting
  • Summary
  • Chapter 4. Configuration, Secrets, and RBAC
  • Configuration Through ConfigMaps and Secrets
  • ConfigMaps
  • Secrets
  • Common Best Practices for the ConfigMap and Secrets APIs
  • RBAC
  • RBAC Primer
  • RBAC Best Practices
  • Summary
  • Chapter 5. Continuous Integration, Testing, and Deployment
  • Version Control
  • Continuous Integration
  • Testing
  • Container Builds
  • Container Image Tagging
  • Continuous Deployment
  • Deployment Strategies
  • Testing in Production
  • Setting Up a Pipeline and Performing a Chaos Experiment
  • Setting Up CI
  • Setting Up CD
  • Performing a Rolling Upgrade
  • A Simple Chaos Experiment
  • Best Practices for CI/CD
  • Summary
  • Chapter 6. Versioning, Releases, and Rollouts
  • Versioning
  • Releases
  • Rollouts
  • Putting It All Together
  • Best Practices for Versioning, Releases, and Rollouts
  • Summary
  • Chapter 7. Worldwide Application Distribution and Staging
  • Distributing Your Image
  • Parameterizing Your Deployment
  • Load-Balancing Traffic Around the World
  • Reliably Rolling Out Software Around the World
  • Pre-Rollout Validation
  • Canary Region
  • Identifying Region Types
  • Constructing a Global Rollout
  • When Something Goes Wrong
  • Worldwide Rollout Best Practices
  • Summary
  • Chapter 8. Resource Management
  • Kubernetes Scheduler
  • Predicates
  • Priorities
  • Advanced Scheduling Techniques
  • Pod Affinity and Anti-Affinity
  • nodeSelector
  • Taints and Tolerations
  • Pod Resource Management
  • Resource Request
  • Resource Limits and Pod Quality of Service
  • PodDisruptionBudgets
  • Managing Resources by Using Namespaces
  • ResourceQuota
  • LimitRange
  • Cluster Scaling
  • Application Scaling
  • Scaling with HPA
  • HPA with Custom Metrics
  • Vertical Pod Autoscaler
  • Resource Management Best Practices
  • Summary
  • Chapter 9. Networking, Network Security, and Service Mesh
  • Kubernetes Network Principles
  • Network Plug-ins
  • Kubenet
  • Kubenet Best Practices
  • The CNI Plug-in
  • CNI Best Practices
  • Services in Kubernetes
  • Service Type ClusterIP
  • Service Type NodePort
  • Service Type ExternalName
  • Service Type LoadBalancer
  • Ingress and Ingress Controllers
  • Services and Ingress Controllers Best Practices
  • Network Security Policy
  • Network Policy Best Practices
  • Service Meshes
  • Service Mesh Best Practices
  • Summary
  • Chapter 10. Pod and Container Security
  • PodSecurityPolicy API
  • Enabling PodSecurityPolicy
  • Anatomy of a PodSecurityPolicy
  • PodSecurityPolicy Challenges
  • PodSecurityPolicy Best Practices
  • PodSecurityPolicy Next Steps
  • Workload Isolation and RuntimeClass
  • Using RuntimeClass
  • Runtime Implementations
  • Workload Isolation and RuntimeClass Best Practices
  • Other Pod and Container Security Considerations
  • Admission Controllers
  • Intrusion and Anomaly Detection Tooling
  • Summary
  • Chapter 11. Policy and Governance for Your Cluster
  • Why Policy and Governance Are Important
  • How Is This Policy Different?
  • Cloud-Native Policy Engine
  • Introducing Gatekeeper
  • Example Policies
  • Gatekeeper Terminology
  • Defining Constraint Templates
  • Defining Constraints
  • Data Replication
  • UX
  • Audit
  • Becoming Familiar with Gatekeeper
  • Gatekeeper Next Steps
  • Policy and Governance Best Practices
  • Summary
  • Chapter 12. Managing Multiple Clusters
  • Why Multiple Clusters?
  • Multicluster Design Concerns
  • Managing Multiple Cluster Deployments
  • Deployment and Management Patterns
  • The GitOps Approach to Managing Clusters
  • Multicluster Management Tools
  • Kubernetes Federation
  • Managing Multiple Clusters Best Practices
  • Summary
  • Chapter 13. Integrating External Services and Kubernetes
  • Importing Services into Kubernetes
  • Selector-Less Services for Stable IP Addresses
  • CNAME-Based Services for Stable DNS Names
  • Active Controller-Based Approaches
  • Exporting Services from Kubernetes
  • Exporting Services by Using Internal Load Balancers
  • Exporting Services on NodePorts
  • Integrating External Machines and Kubernetes
  • Sharing Services Between Kubernetes
  • Third-Party Tools
  • Connecting Cluster and External Services Best Practices
  • Summary
  • Chapter 14. Running Machine Learning in Kubernetes
  • Why Is Kubernetes Great for Machine Learning?
  • Machine Learning Workflow
  • Machine Learning for Kubernetes Cluster Admins
  • Model Training on Kubernetes
  • Distributed Training on Kubernetes
  • Resource Constraints
  • Specialized Hardware
  • Libraries, Drivers, and Kernel Modules
  • Storage
  • Networking
  • Specialized Protocols
  • Data Scientist Concerns
  • Machine Leaning on Kubernetes Best Practices
  • Summary
  • Chapter 15. Building Higher-Level Application Patterns on Top of Kubernetes
  • Approaches to Developing Higher-Level Abstractions
  • Extending Kubernetes
  • Extending Kubernetes Clusters
  • Extending the Kubernetes User Experience
  • Design Considerations When Building Platforms
  • Support Exporting to a Container Image
  • Support Existing Mechanisms for Service and Service Discovery
  • Building Application Platforms Best Practices
  • Summary
  • Chapter 16. Managing State and Stateful Applications
  • Volumes and Volume Mounts
  • Volume Best Practices
  • Kubernetes Storage
  • PersistentVolume
  • PersistentVolumeClaims
  • Storage Classes
  • Kubernetes Storage Best Practices
  • Stateful Applications
  • StatefulSets
  • Operators
  • StatefulSet and Operator Best Practices
  • Summary
  • Chapter 17. Admission Control and Authorization
  • Admission Control
  • What Are They?
  • Why Are They Important?
  • Admission Controller Types
  • Configuring Admission Webhooks
  • Admission Control Best Practices
  • Authorization
  • Authorization Modules
  • Authorization Best Practices
  • Summary
  • Chapter 18. Conclusion
  • Index
  • About the Authors
  • Colophon

Dateiformat: ePUB
Kopierschutz: Adobe-DRM (Digital Rights Management)

Systemvoraussetzungen:

Computer (Windows; MacOS X; Linux): Installieren Sie bereits vor dem Download die kostenlose Software Adobe Digital Editions (siehe E-Book Hilfe).

Tablet/Smartphone (Android; iOS): Installieren Sie bereits vor dem Download die kostenlose App Adobe Digital Editions (siehe E-Book Hilfe).

E-Book-Reader: Bookeen, Kobo, Pocketbook, Sony, Tolino u.v.a.m. (nicht Kindle)

Das Dateiformat ePUB ist sehr gut für Romane und Sachbücher geeignet - also für "fließenden" Text ohne komplexes Layout. Bei E-Readern oder Smartphones passt sich der Zeilen- und Seitenumbruch automatisch den kleinen Displays an. Mit Adobe-DRM wird hier ein "harter" Kopierschutz verwendet. Wenn die notwendigen Voraussetzungen nicht vorliegen, können Sie das E-Book leider nicht öffnen. Daher müssen Sie bereits vor dem Download Ihre Lese-Hardware vorbereiten.

Bitte beachten Sie bei der Verwendung der Lese-Software Adobe Digital Editions: wir empfehlen Ihnen unbedingt nach Installation der Lese-Software diese mit Ihrer persönlichen Adobe-ID zu autorisieren!

Weitere Informationen finden Sie in unserer E-Book Hilfe.


Download (sofort verfügbar)

58,49 €
inkl. 5% MwSt.
Download / Einzel-Lizenz
ePUB mit Adobe-DRM
siehe Systemvoraussetzungen
E-Book bestellen