50 Kubernetes Concepts Every DevOps Engineer Should Know

By: Michael Levan

Overview of this book

Kubernetes is a trending topic among engineers, CTOs, CIOs, and other technically sound professionals. Due to its proliferation and importance for all cloud technologies, DevOps engineers nowadays need a solid grasp of key Kubernetes concepts to help their organization thrive. This book equips you with all the requisite information about how Kubernetes works and how to use it for the best results. You’ll learn everything from why cloud native is important to implementing Kubernetes clusters to deploying applications in production. This book takes you on a learning journey, starting from what cloud native is and how to get started with Kubernetes in the cloud, on-premises, and PaaS environments such as OpenShift. Next, you’ll learn about deploying applications in many ways, including Deployment specs, Ingress Specs, and StatefulSet specs. Finally, you’ll be comfortable working with Kubernetes monitoring, observability, and security. Each chapter of 50 Kubernetes Concepts Every DevOps Engineer Should Know is built upon the previous chapter, ensuring that you develop practical skills as you work through the code examples in GitHub, allowing you to follow along while giving you practical knowledge. By the end of this book, you’ll be able to implement Kubernetes in any environment, whether it’s an existing environment, a greenfield environment, or your very own lab running in the cloud or your home.
Table of Contents (14 chapters)
Part 1: First 20 Kubernetes Concepts – In and Out of the Cloud
Part 2: Next 15 Kubernetes Concepts – Application Strategy and Deployments
Part 3: Final 15 Kubernetes Concepts – Security and Monitoring

Kubernetes resource (object) security

Throughout this chapter, you learned a little bit about Kubernetes resource security. Remember, Kubernetes resources can be anything from Pods to Ingress Controllers to Services. Essentially, anything running inside of the Kubernetes cluster that you’re reaching via the API is a Kubernetes resource.

In this section, you’re going to learn today’s top methods for securing Kubernetes resources, both within Kubernetes itself and by using third-party tools.

Pod security

When it comes to network security in a Kubernetes environment, there are two parts—the host network and the internal network. For the purposes of this section, we can’t go into host networking because every environment is going to be different. Whether it’s different physical hardware or virtual hardware setups, there’s no one-size-fits-all network environment.

However, there are a few helpful tips that work across every environment:

    ...