舉報 
會員
Getting Started with Kubernetes
Kuberneteshascontinuedtogrowandachievebroadadoptionacrossvariousindustries,helpingyoutoorchestrateandautomatecontainerdeploymentsonamassivescale.BasedontherecentreleaseofKubernetes1.12,GettingStartedwithKubernetesgivesyouacompleteunderstandingofhowtoinstallaKubernetescluster.ThebookfocusesoncoreKubernetesconstructs,suchaspods,services,replicasets,replicationcontrollers,andlabels.Youwillunderstandcluster-levelnetworkinginKubernetes,andlearntosetupexternalaccesstoapplicationsrunninginthecluster.Asyoumakeyourwaythroughthebook,you'llunderstandhowtomanagedeploymentsandperformupdateswithminimaldowntime.Inadditiontothis,youwillexploreoperationalaspectsofKubernetes,suchasmonitoringandlogging,latermovingontoadvancedconceptssuchascontainersecurityandclusterfederation.You'llgettogripswithintegratingyourbuildpipelineanddeploymentswithinaKubernetescluster,andbeabletounderstandandinteractwithopensourceprojects.Intheconcludingchapters,you'llorchestrateupdatesbehindthescenes,avoiddowntimeonyourcluster,anddealwithunderlyingcloudproviderinstabilitywithinyourcluster.Bytheendofthisbook,you'llhaveacompleteunderstandingoftheKubernetesplatformandwillstartdeployingapplicationsonit.
最新章節
- Leave a review - let other readers know what you think
- Other Books You May Enjoy
- Chapter 15: Kubernetes Infrastructure Management
- Chapter 14: Hardening Kubernetes
- Chapter 13: Cluster Authentication Authorization and Container Security
- Chapter 12: Cluster Federation and Multi-Tenancy
品牌:中圖公司
上架時間:2021-06-10 18:28:18
出版社:Packt Publishing
本書數字版權由中圖公司提供,并由其授權上海閱文信息技術有限公司制作發行
- Leave a review - let other readers know what you think 更新時間:2021-06-10 19:48:04
- Other Books You May Enjoy
- Chapter 15: Kubernetes Infrastructure Management
- Chapter 14: Hardening Kubernetes
- Chapter 13: Cluster Authentication Authorization and Container Security
- Chapter 12: Cluster Federation and Multi-Tenancy
- Chapter 11: Kubernetes SIGs Incubation Projects and the CNCF
- Chapter 10: Designing for High Availability and Scalability
- Chapter 8: Monitoring and Logging
- Chapter 7: Designing for Continuous Integration and Delivery
- Chapter 6: Application Updates Gradual Rollouts and Autoscaling
- Chapter 5: Exploring Kubernetes Storage Concepts
- Chapter 4: Implementing Reliable Container-Native Applications
- Chapter 3: Working with Networking Load Balancers and Ingress
- Chapter 2: Building a Foundation with Core Kubernetes Constructs
- Chapter 1: Introduction to Kubernetes
- Assessments
- Further reading
- Questions
- Summary
- Additional configuration options
- Node maintenance
- DIY clusters
- On GKE and AKS
- Scaling the cluster
- Upgrading PaaS clusters
- Upgrading the cluster
- Tuning examples
- Securing the cluster
- Picking what's right
- Planning a cluster
- Technical requirements
- Kubernetes Infrastructure Management
- Further reading
- Questions
- Summary
- OpenShift
- Deis
- Mesosphere (Kubernetes on Mesos)
- Aqua Sec
- Twistlock
- Shippable
- Portworx
- ClusterHQ
- Azure Kubernetes Service
- Google Kubernetes Engine
- Private registries
- Third-party companies
- Securing a cluster
- CPU constraints example
- Scheduling CPU constraints
- Memory limit example
- Scheduling limits
- Setting limits
- Lessons learned from production
- Ready set go
- Ready for production
- Hardening Kubernetes
- Further reading
- Questions
- Summary
- Securing sensitive application data (secrets)
- Additional considerations
- Enabling PodSecurityPolicies
- Pod security policies and context
- RBAC
- Admission controllers
- Authorization and authentication plugins
- Secure node communication
- Secure API calls
- Kubernetes cluster security
- Image signing and verification
- Continuous vulnerability scanning
- Image repositories
- Resource exhaustion and orchestration security
- Keeping containers contained
- Basics of container security
- Cluster Authentication Authorization and Container Security
- Further reading
- Questions
- Summary
- Deleting the cluster
- Getting to multi-cloud
- True multi-cloud
- Jobs
- Events
- Other federated resources
- How to use federated HPAs
- Federated horizontal pod autoscalers
- Federated configurations
- Federated resources
- Adding clusters to the federation system
- Initializing the federation control plane
- New clusters for federation
- Contexts
- Setting up federation
- Federated services
- Key components
- The building blocks of federation
- Why federation?
- Introduction to federation
- Technical requirements
- Cluster Federation and Multi-Tenancy
- Further reading
- Questions
- Summary
- How to get involved
- Kubernetes SIGs
- What Kubernetes isn't
- CNCF structure
- Git's benefits
- Setting up Git for contributions
- Technical requirements
- Kubernetes SIGs Incubation Projects and the CNCF
- Further reading
- Questions
- Summary
- Using CRDs
- Custom resource definitions
- The workloads API
- Using admission controllers
- Admission controllers
- Cluster life cycle
- Installing workers
- Stacked nodes
- Setting up
- Prerequisites
- HA approaches for Kubernetes
- HA features of the major cloud service providers
- HA clusters
- Anti-fragility
- HA best practices
- The five nines of availability
- Downtime
- Uptime
- Uptime and downtime
- How do we measure availability?
- Introduction to high availability
- Technical requirements
- Designing for High Availability and Scalability
- Further reading
- Summary
- Google Kubernetes Engine
- Microsoft Azure
- Amazon Web Services
- Hosted platforms
- Dashboard highlights
- Tectonic
- Kubernetes with CoreOS
- etcd
- rkt
- CoreOS
- Standard container specification
- CNCF
- More on container runtimes
- Trying out CRI-O
- Container Runtime Interface
- The OCI
- The OCI Charter
- The importance of standards
- Technical requirements
- Operating Systems Platforms and Cloud and Local Providers
- Further reading
- Questions
- Summary
- Installing Prometheus
- Tips for creating an Operator
- Prometheus installation choices
- Prometheus summary
- Prometheus
- The Csysdig command-line UI
- The Sysdig command line
- Alerting
- Metrics
- Topology views
- Detailed views
- Sysdig Cloud
- Beyond system monitoring with Sysdig
- Alerts
- Signing up for GCE monitoring
- GCE (Stackdriver)
- Maturing our monitoring operations
- FluentD
- FluentD and Google Cloud Logging
- Customizing our dashboards
- Exploring Heapster
- Built-in monitoring
- Monitoring operations
- Technical requirements
- Monitoring and Logging
- Further reading
- Questions
- Summary
- Bonus fun
- Helm and Minikube
- Configuring the Kubernetes plugin
- Installing plugins
- Prerequisites
- The Kubernetes plugin for Jenkins
- gulp.js build example
- Prerequisites
- gulp.js
- Integrating Kubernetes with a continuous delivery pipeline
- Technical requirements
- Designing for Continuous Integration and Delivery
- Further reading
- Questions
- Summary
- Getting started with Helm
- Managing applications
- Scaling manually
- Scaling up the cluster on AWS
- Scaling up the cluster on GCE
- Autoscaling
- Scaling a cluster
- Application autoscaling
- Testing releases and cutovers
- Smooth updates
- Scaling up
- Example setup
- Technical requirements
- Application Updates Gradual Rollouts and Autoscaling
- Further reading
- Questions
- Summary
- A stateful example
- StatefulSets
- Dynamic volume provisioning
- PersistentVolumes and Storage Classes
- Other storage options
- AWS Elastic Block Store
- GCE Persistent Disks
- Cloud volumes
- Temporary disks
- Persistent storage
- Technical requirements
- Exploring Kubernetes Storage Concepts
- Questions
- Summary
- Node selection
- DaemonSets
- Scheduled jobs
- Parallel jobs
- Other types of jobs
- Jobs
- Autoscaling
- History and rollbacks
- Updates and rollouts
- Scaling
- Deployment use cases
- Deployments
- How Kubernetes manages state
- Technical requirements
- Implementing Reliable Container-Native Applications
- Further reading
- Questions
- Summary
- A note on resource usage
- Limits
- Multitenancy
- DNS
- Service discovery
- Custom addressing
- Migrations multicluster and more
- Types of ingress
- Ingress
- Multiple ports
- Custom ports
- Cross-node proxy
- Custom load balancing
- Internal services
- External services
- Advanced services
- Balanced design
- Kube-router
- Canal
- Project Calico
- Flannel
- Weave
- Networking comparisons
- Networking options
- The Kubernetes approach
- Docker user-defined networks
- Docker default networks
- The Docker approach
- Container networking
- Technical requirements
- Working with Networking Load Balancers and Ingress
- Further reading
- Questions
- Summary
- Scheduling example
- Application scheduling
- Life cycle hooks or graceful shutdown
- TCP checks
- Health checks
- Replica sets
- More on labels
- Our first Kubernetes application
- Replication controllers and replica sets
- Services
- The container's afterlife
- Labels
- Pod example
- Pods
- Core constructs
- Nodes (formerly minions)
- Master
- Cluster nodes
- Cluster state
- The Master
- The architecture
- Ecosystem
- Interface layer
- Governance layer
- Application layer
- Nucleus
- The Kubernetes system
- Technical requirements
- Building a Foundation with Core Kubernetes Constructs
- Further reading
- Questions
- Summary
- Joining the cluster
- Networking
- Joining nodes
- Setting up a master
- Installing Kubernetes components (kubelet and kubeadm)
- Cluster setup
- Starting from scratch
- Local alternatives
- Investigating other deployment automation
- Resetting the cluster
- Other modes
- Creating your cluster
- Cluster state storage
- IAM setup
- CLI setup
- Working with other providers
- Tearing down a cluster
- Services running on the minions
- Services running on the master
- Command line
- Grafana
- Kubernetes UI
- Running Kubernetes on GCE
- Our first clusters
- Future challenges
- Microservices and orchestration
- Resource utilization
- The advantages of Continuous Integration/Continuous Deployment
- Why are containers so cool?
- Union filesystems
- Namespaces
- cgroups
- What is a container?
- A brief overview of containers
- Technical requirements
- Introduction to Kubernetes
- Reviews
- Get in touch
- Conventions used
- Download the color images
- Download the example code files
- To get the most out of this book
- What this book covers
- Who this book is for
- Preface
- Packt is searching for authors like you
- About the reviewer
- About the authors
- Contributors
- Packt.com
- Why subscribe?
- Packt Upsell
- Dedication
- Title Page
- coverpage
- coverpage
- Title Page
- Dedication
- Packt Upsell
- Why subscribe?
- Packt.com
- Contributors
- About the authors
- About the reviewer
- Packt is searching for authors like you
- Preface
- Who this book is for
- What this book covers
- To get the most out of this book
- Download the example code files
- Download the color images
- Conventions used
- Get in touch
- Reviews
- Introduction to Kubernetes
- Technical requirements
- A brief overview of containers
- What is a container?
- cgroups
- Namespaces
- Union filesystems
- Why are containers so cool?
- The advantages of Continuous Integration/Continuous Deployment
- Resource utilization
- Microservices and orchestration
- Future challenges
- Our first clusters
- Running Kubernetes on GCE
- Kubernetes UI
- Grafana
- Command line
- Services running on the master
- Services running on the minions
- Tearing down a cluster
- Working with other providers
- CLI setup
- IAM setup
- Cluster state storage
- Creating your cluster
- Other modes
- Resetting the cluster
- Investigating other deployment automation
- Local alternatives
- Starting from scratch
- Cluster setup
- Installing Kubernetes components (kubelet and kubeadm)
- Setting up a master
- Joining nodes
- Networking
- Joining the cluster
- Summary
- Questions
- Further reading
- Building a Foundation with Core Kubernetes Constructs
- Technical requirements
- The Kubernetes system
- Nucleus
- Application layer
- Governance layer
- Interface layer
- Ecosystem
- The architecture
- The Master
- Cluster state
- Cluster nodes
- Master
- Nodes (formerly minions)
- Core constructs
- Pods
- Pod example
- Labels
- The container's afterlife
- Services
- Replication controllers and replica sets
- Our first Kubernetes application
- More on labels
- Replica sets
- Health checks
- TCP checks
- Life cycle hooks or graceful shutdown
- Application scheduling
- Scheduling example
- Summary
- Questions
- Further reading
- Working with Networking Load Balancers and Ingress
- Technical requirements
- Container networking
- The Docker approach
- Docker default networks
- Docker user-defined networks
- The Kubernetes approach
- Networking options
- Networking comparisons
- Weave
- Flannel
- Project Calico
- Canal
- Kube-router
- Balanced design
- Advanced services
- External services
- Internal services
- Custom load balancing
- Cross-node proxy
- Custom ports
- Multiple ports
- Ingress
- Types of ingress
- Migrations multicluster and more
- Custom addressing
- Service discovery
- DNS
- Multitenancy
- Limits
- A note on resource usage
- Summary
- Questions
- Further reading
- Implementing Reliable Container-Native Applications
- Technical requirements
- How Kubernetes manages state
- Deployments
- Deployment use cases
- Scaling
- Updates and rollouts
- History and rollbacks
- Autoscaling
- Jobs
- Other types of jobs
- Parallel jobs
- Scheduled jobs
- DaemonSets
- Node selection
- Summary
- Questions
- Exploring Kubernetes Storage Concepts
- Technical requirements
- Persistent storage
- Temporary disks
- Cloud volumes
- GCE Persistent Disks
- AWS Elastic Block Store
- Other storage options
- PersistentVolumes and Storage Classes
- Dynamic volume provisioning
- StatefulSets
- A stateful example
- Summary
- Questions
- Further reading
- Application Updates Gradual Rollouts and Autoscaling
- Technical requirements
- Example setup
- Scaling up
- Smooth updates
- Testing releases and cutovers
- Application autoscaling
- Scaling a cluster
- Autoscaling
- Scaling up the cluster on GCE
- Scaling up the cluster on AWS
- Scaling manually
- Managing applications
- Getting started with Helm
- Summary
- Questions
- Further reading
- Designing for Continuous Integration and Delivery
- Technical requirements
- Integrating Kubernetes with a continuous delivery pipeline
- gulp.js
- Prerequisites
- gulp.js build example
- The Kubernetes plugin for Jenkins
- Prerequisites
- Installing plugins
- Configuring the Kubernetes plugin
- Helm and Minikube
- Bonus fun
- Summary
- Questions
- Further reading
- Monitoring and Logging
- Technical requirements
- Monitoring operations
- Built-in monitoring
- Exploring Heapster
- Customizing our dashboards
- FluentD and Google Cloud Logging
- FluentD
- Maturing our monitoring operations
- GCE (Stackdriver)
- Signing up for GCE monitoring
- Alerts
- Beyond system monitoring with Sysdig
- Sysdig Cloud
- Detailed views
- Topology views
- Metrics
- Alerting
- The Sysdig command line
- The Csysdig command-line UI
- Prometheus
- Prometheus summary
- Prometheus installation choices
- Tips for creating an Operator
- Installing Prometheus
- Summary
- Questions
- Further reading
- Operating Systems Platforms and Cloud and Local Providers
- Technical requirements
- The importance of standards
- The OCI Charter
- The OCI
- Container Runtime Interface
- Trying out CRI-O
- More on container runtimes
- CNCF
- Standard container specification
- CoreOS
- rkt
- etcd
- Kubernetes with CoreOS
- Tectonic
- Dashboard highlights
- Hosted platforms
- Amazon Web Services
- Microsoft Azure
- Google Kubernetes Engine
- Summary
- Further reading
- Designing for High Availability and Scalability
- Technical requirements
- Introduction to high availability
- How do we measure availability?
- Uptime and downtime
- Uptime
- Downtime
- The five nines of availability
- HA best practices
- Anti-fragility
- HA clusters
- HA features of the major cloud service providers
- HA approaches for Kubernetes
- Prerequisites
- Setting up
- Stacked nodes
- Installing workers
- Cluster life cycle
- Admission controllers
- Using admission controllers
- The workloads API
- Custom resource definitions
- Using CRDs
- Summary
- Questions
- Further reading
- Kubernetes SIGs Incubation Projects and the CNCF
- Technical requirements
- Setting up Git for contributions
- Git's benefits
- CNCF structure
- What Kubernetes isn't
- Kubernetes SIGs
- How to get involved
- Summary
- Questions
- Further reading
- Cluster Federation and Multi-Tenancy
- Technical requirements
- Introduction to federation
- Why federation?
- The building blocks of federation
- Key components
- Federated services
- Setting up federation
- Contexts
- New clusters for federation
- Initializing the federation control plane
- Adding clusters to the federation system
- Federated resources
- Federated configurations
- Federated horizontal pod autoscalers
- How to use federated HPAs
- Other federated resources
- Events
- Jobs
- True multi-cloud
- Getting to multi-cloud
- Deleting the cluster
- Summary
- Questions
- Further reading
- Cluster Authentication Authorization and Container Security
- Basics of container security
- Keeping containers contained
- Resource exhaustion and orchestration security
- Image repositories
- Continuous vulnerability scanning
- Image signing and verification
- Kubernetes cluster security
- Secure API calls
- Secure node communication
- Authorization and authentication plugins
- Admission controllers
- RBAC
- Pod security policies and context
- Enabling PodSecurityPolicies
- Additional considerations
- Securing sensitive application data (secrets)
- Summary
- Questions
- Further reading
- Hardening Kubernetes
- Ready for production
- Ready set go
- Lessons learned from production
- Setting limits
- Scheduling limits
- Memory limit example
- Scheduling CPU constraints
- CPU constraints example
- Securing a cluster
- Third-party companies
- Private registries
- Google Kubernetes Engine
- Azure Kubernetes Service
- ClusterHQ
- Portworx
- Shippable
- Twistlock
- Aqua Sec
- Mesosphere (Kubernetes on Mesos)
- Deis
- OpenShift
- Summary
- Questions
- Further reading
- Kubernetes Infrastructure Management
- Technical requirements
- Planning a cluster
- Picking what's right
- Securing the cluster
- Tuning examples
- Upgrading the cluster
- Upgrading PaaS clusters
- Scaling the cluster
- On GKE and AKS
- DIY clusters
- Node maintenance
- Additional configuration options
- Summary
- Questions
- Further reading
- Assessments
- Chapter 1: Introduction to Kubernetes
- Chapter 2: Building a Foundation with Core Kubernetes Constructs
- Chapter 3: Working with Networking Load Balancers and Ingress
- Chapter 4: Implementing Reliable Container-Native Applications
- Chapter 5: Exploring Kubernetes Storage Concepts
- Chapter 6: Application Updates Gradual Rollouts and Autoscaling
- Chapter 7: Designing for Continuous Integration and Delivery
- Chapter 8: Monitoring and Logging
- Chapter 10: Designing for High Availability and Scalability
- Chapter 11: Kubernetes SIGs Incubation Projects and the CNCF
- Chapter 12: Cluster Federation and Multi-Tenancy
- Chapter 13: Cluster Authentication Authorization and Container Security
- Chapter 14: Hardening Kubernetes
- Chapter 15: Kubernetes Infrastructure Management
- Other Books You May Enjoy
- Leave a review - let other readers know what you think 更新時間:2021-06-10 19:48:04
