Book Image

DevOps with Kubernetes - Second Edition

By : Hideto Saito, Hui-Chuan Chloe Lee, Cheng-Yang Wu
Book Image

DevOps with Kubernetes - Second Edition

By: Hideto Saito, Hui-Chuan Chloe Lee, Cheng-Yang Wu

Overview of this book

Kubernetes has been widely adopted across public clouds and on-premise data centers. As we're living in an era of microservices, knowing how to use and manage Kubernetes is an essential skill for everyone in the IT industry. This book is a guide to everything you need to know about Kubernetes—from simply deploying a container to administrating Kubernetes clusters wisely. You'll learn about DevOps fundamentals, as well as deploying a monolithic application as microservices and using Kubernetes to orchestrate them. You will then gain an insight into the Kubernetes network, extensions, authentication and authorization. With the DevOps spirit in mind, you'll learn how to allocate resources to your application and prepare to scale them efficiently. Knowing the status and activity of the application and clusters is crucial, so we’ll learn about monitoring and logging in Kubernetes. Having an improved ability to observe your services means that you will be able to build a continuous delivery pipeline with confidence. At the end of the book, you'll learn how to run managed Kubernetes services on three top cloud providers: Google Cloud Platform, Amazon Web Services, and Microsoft Azure.

Related Content you might be interested in

Current Title:

Small book image
DevOps with Kubernetes - Second Edition
Hideto Saito | Hui-Chuan Chloe Lee | Cheng-Yang Wu
Jan, 2019 | 484 pages
Small book image
Kubernetes Cookbook
HuiChuan Chloe Lee | KeJou Carol Hsu | Hideto Saito
May, 2018 | 554 pages
Small book image
Kubernetes on AWS
Edward Robinson
Nov, 2018 | 270 pages
Small book image
The Kubernetes Bible
Nassim Kebbani | Russ McKendrick | Piotr Tylenda
Feb, 2022 | 680 pages
Table of Contents (14 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Free Chapter
1
Introduction to DevOps
Introduction to DevOps
Software delivery challenges
The microservices trend
Automation and tools
Summary
2
DevOps with Containers
DevOps with Containers
Understanding containers
The life cycle of a container
Working with a Dockerfile
Multi-container orchestration
Summary
3
Getting Started with Kubernetes
Getting Started with Kubernetes
Understanding Kubernetes
Getting started with Kubernetes
Multi-container orchestration
Summary
4
Managing Stateful Workloads
Managing Stateful Workloads
Kubernetes volume management
Submitting Jobs to Kubernetes
Summary
5
Cluster Administration and Extension
Cluster Administration and Extension
Kubernetes namespaces
Kubeconfig
Service account
Authentication and authorization
Admission control
Custom resources
Summary
6
Kubernetes Network
Kubernetes Network
Kubernetes networking
Ingress
Network policy
Service mesh
Summary
7
Monitoring and Logging
Monitoring and Logging
Inspecting a container
Monitoring in Kubernetes
Hands-on monitoring
Logging events
Incorporating data from Istio
Summary
8
Resource Management and Scaling
Resource Management and Scaling
Scheduling workloads
Elastically scaling
Managing cluster resources
Summary
9
Continuous Delivery
Continuous Delivery
Updating resources
Building a delivery pipeline
Gaining a deeper understanding of pods
Summary
10
Kubernetes on AWS
Kubernetes on AWS
Introduction to AWS
Amazon EKS
Summary
11
Kubernetes on GCP
Kubernetes on GCP
Introduction to GCP
Google Kubernetes Engine (GKE)
Summary
12
Kubernetes on Azure
Kubernetes on Azure
Introduction to Azure
Azure Kubernetes service
Summary
13
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Network policy

The network policy works as a software firewall to the pods. By default, every pod can communicate with each other without any boundaries. The network policy is one of the isolations you could apply to these pods. This defines who can access which pods in which port by namespace selector and pod selector. The network policy in a namespace is additive, and once a pod enables the network policy, it denies any other ingress (also known as deny all).

Currently, there are multiple network providers that support the network policy, such as Calico (https://www.projectcalico.org/calico-network-policy-comes-to-kubernetes/), Romana (https://github.com/romana/romana), Weave Net (https://www.weave.works/docs/net/latest/kube-addon/#npc), Contiv (http://contiv.github.io/documents/networking/policies.html), and Trireme (https://github.com/aporeto-inc/trireme-kubernetes). Users...

Previous Section
End of Section 4
Next Section