𝔖 Scriptorium
✦   LIBER   ✦
πŸ“

Kubernetes Best Practices: Blueprints for Building Successful Applications on Kubernetes, 2nd Edition (Third Early Release)

✍ Scribed by Brendan Burns, Eddie Villalba, Dave Strebel, and Lachlan Evenson

Publisher
O'Reilly Media, Inc.
Year
2023
Tongue
English
Leaves
287
Category
Library
⬇  Acquire This Volume

No coin nor oath required. For personal study only.

✦ Synopsis

In this practical guide, four Kubernetes professionals with deep experience in distributed systems, enterprise application development, and open source will guide you through the process of building applications with this container orchestration system. They distill decades of experience from companies that are successfully running Kubernetes in production and provide concrete code examples to back the methods presented in this book.

Revised to cover all the latest Kubernetes features, new tooling, and deprecations, this book is ideal for those who are familiar with basic Kubernetes concepts but want to get up to speed on the latest best practices. You'll learn exactly what you need to know to build your best app with Kubernetes the first time.

Set up and develop applications in Kubernetes
Learn patterns for monitoring, securing your systems, and managing upgrades, rollouts, and rollbacks
Integrate services and legacy applications and develop higher-level platforms on top of Kubernetes
Run machine learning workloads in Kubernetes
Ensure Pod and container security
Understand issues that have become increasingly critical to the successful implementation of Kubernetes, such as chaos engineering/testing, GitOps, service mesh, and observability

✦ Table of Contents

  1. Setting Up a Basic Service
    Application Overview
    Managing Configuration Files
    Creating a Replicated Service Using Deployments
    Best Practices for Image Management
    Creating a Replicated Application
    Setting Up an External Ingress for HTTP Traffic
    Configuring an Application with ConfigMaps
    Managing Authentication with Secrets
    Deploying a Simple Stateful Database
    Creating a TCP Load Balancer by Using Services
    Using Ingress to Route Traffic to a Static File Server
    Parameterizing Your Application by Using Helm
    Deploying Services Best Practices
    Summary
  2. Developer Workflows
    Goals
    Building a Development Cluster
    Setting Up a Shared Cluster for Multiple Developers
    Onboarding Users
    Creating and Securing a Namespace
    Managing Namespaces
    Cluster-Level Services
    Enabling Developer Workflows
    Initial Setup
    Enabling Active Development
    Enabling Testing and Debugging
    Setting Up a Development Environment Best Practices
    Summary
  3. Monitoring and Logging in Kubernetes
    Metrics Versus Logs
    Monitoring Techniques
    Monitoring Patterns
    Kubernetes Metrics Overview
    cAdvisor
    Metrics Server
    kube-state-metrics
    What Metrics Do I Monitor?
    Monitoring Tools
    Monitoring Kubernetes Using Prometheus
    Logging Overview
    Tools for Logging
    Logging by Using a Loki-Stack
    Alerting
    Best Practices for Monitoring, Logging, and Alerting
    Monitoring
    Logging
    Alerting
    Summary
  4. Configuration, Secrets, and RBAC
    Configuration Through ConfigMaps and Secrets
    ConfigMaps
    Secrets
    Common Best Practices for the ConfigMap and Secrets APIs
    Best practices specific to secrets
    RBAC
    RBAC Primer
    Subjects
    Rules
    Roles
    RoleBindings
    RBAC Best Practices
    Summary
  5. Continuous Integration, Testing, and Deployment
    Version Control
    Continuous Integration
    Testing
    Container Builds
    Container Image Tagging
    Continuous Deployment
    Deployment Strategies
    Testing in Production
    Setting Up a Pipeline and Performing a Chaos Experiment
    Setting Up CI
    Setting Up CD
    Performing a Rolling Upgrade
    A Simple Chaos Experiment
    Best Practices for CI/CD
    Summary
  6. Versioning, Releases, and Rollouts
    Versioning
    Releases
    Rollouts
    Putting It All Together
    Best Practices for Versioning, Releases, and Rollouts
    Summary
  7. Worldwide Application Distribution and Staging
    Distributing Your Image
    Parameterizing Your Deployment
    Load-Balancing Traffic Around the World
    Reliably Rolling Out Software Around the World
    Pre-Rollout Validation
    Canary Region
    Identifying Region Types
    Constructing a Global Rollout
    When Something Goes Wrong
    Worldwide Rollout Best Practices
    Summary
  8. Networking, Network Security, and Service Mesh
    Kubernetes Network Principles
    Network Plug-ins
    Kubenet
    Kubenet Best Practices
    The CNI Plug-in
    CNI Best Practices
    Services in Kubernetes
    Service Type ClusterIP
    Service Type NodePort
    Service Type ExternalName
    Service Type LoadBalancer
    Ingress and Ingress Controllers
    Gateway API
    Services and Ingress Controllers Best Practices
    Network Security Policy
    Network Policy Best Practices
    Service Meshes
    Service Mesh Best Practices
    Summary
  9. Policy and Governance for Your Cluster
    Why Policy and Governance Are Important
    How Is This Policy Different?
    Cloud-Native Policy Engine
    Introducing Gatekeeper
    Example Policies
    Gatekeeper Terminology
    Constraint
    Rego
    Constraint template
    Defining Constraint Templates
    Defining Constraints
    Data Replication
    UX
    Using Enforcement Action and Audit
    Mutation
    Testing Policies
    Becoming Familiar with Gatekeeper
    Policy and Governance Best Practices
    Summary
  10. Admission Control and Authorization
    Admission Control
    What Are They?
    Why Are They Important?
    Admission Controller Types
    Configuring Admission Webhooks
    Admission Control Best Practices
    Admission plug-in ordering doesn’t matter
    Don’t mutate the same fields
    Mutating admission webhooks must be idempotent
    Fail open/fail closed
    Admission webhooks must respond quickly
    Always deploy in a separate namespace use NamespaceSelector
    Don’t touch the kube-system namespace
    Lock down admission webhook configurations with RBAC
    Don’t send sensitive data
    Authorization
    Authorization Modules
    ABAC
    RBAC
    Webhook
    Authorization Best Practices
    Don’t use ABAC on multi control plane clusters
    Don’t use webhook modules
    Summary

πŸ“œ SIMILAR VOLUMES

Kubernetes Best Practices: Blueprints fo
πŸ“ Kubernetes Best Practices: Blueprints for Building Successful Applications on Kubernetes, 2nd Edition (Final)
✍ Brendan Burns πŸ“‚ Library πŸ“… 2024 πŸ› O'Reilly Media 🌐 English

<p>In this practical guide, four Kubernetes professionals with deep experience in distributed systems, enterprise application development, and open source will guide you through the process of building applications with this container orchestration system. They distill decades of experience from com

Kubernetes Best Practices: Blueprints fo
πŸ“ Kubernetes Best Practices: Blueprints for Building Successful Applications on Kubernetes
✍ Brendan Burns, Eddie Villalba, Dave Strebel, Lachlan Evenson πŸ“‚ Library πŸ“… 2019 πŸ› O'Reilly Media 🌐 English

In this practical guide, four Kubernetes professionals with deep experience in distributed systems, enterprise application development, and open source will guide you through the process of building applications with this container orchestration system. Based on the experiences of companies that are

Kubernetes Best Practices: Blueprints fo
πŸ“ Kubernetes Best Practices: Blueprints for Building Successful Applications on Kubernetes
✍ Brendan Burns; Eddie Villalba; Dave Strebel; Lachlan Evenson πŸ“‚ Library πŸ“… 2019 πŸ› O'Reilly Media 🌐 English

You've learned everything there is to know about Kubernetes. Now it's time to put that knowledge into practice. With this practical book, tech leads, DevOps engineers, developers, and architects will learn real-world best practices for putting Kubernetes into action with actual applications. You'll

Kubernetes Best Practices: Blueprints fo
πŸ“ Kubernetes Best Practices: Blueprints for Building Successful Applications on Kubernetes
✍ Brendan Burns, Eddie Villalba, Dave Strebel, Lachlan Evenson πŸ“‚ Library πŸ› O'Reilly Media 🌐 English

<p><span>In this practical guide, four Kubernetes professionals with deep experience in distributed systems, enterprise application development, and open source will guide you through the process of building applications with this container orchestration system. They distill decades of experience fr

Kubernetes Best Practices: Blueprints fo
πŸ“ Kubernetes Best Practices: Blueprints for Building Successful Applications on Kubernetes
✍ Brendan Burns, Eddie Villalba, Dave Strebel, Lachlan Evenson πŸ“‚ Library πŸ“… 2023 πŸ› O'Reilly Media 🌐 English

In this practical guide, four Kubernetes professionals with deep experience in distributed systems, enterprise application development, and open source will guide you through the process of building applications with this container orchestration system. They distill decades of experience from compan

Kubernetes Cookbook: Building Cloud Nati
πŸ“ Kubernetes Cookbook: Building Cloud Native Applications, 2nd Edition
✍ Sameer Naik πŸ“‚ Library πŸ“… 2023 πŸ› O'Reilly Media 🌐 English

<p>Kubernetes is the de facto standard for container orchestration and distributed applications management across a microservices framework. With this practical cookbook, you'll learn hands-on Kubernetes recipes for automating the deployment, scaling, and operations of application containers across