Book Image

Modern DevOps Practices - Second Edition

By : Gaurav Agarwal
Book Image

Modern DevOps Practices - Second Edition

By: Gaurav Agarwal

Overview of this book

DevOps and the cloud have changed how we look at software development and operations like never before, leading to the rapid growth of various DevOps tools, techniques, and practices. This updated edition helps you pick up the right tools by providing you with everything you need to get started with your DevOps journey. The book begins by introducing you to modern cloud-native architecture, and then teaches you about the architectural concepts needed to implement the modern way of application development. The next set of chapters helps you get familiarized with Git, Docker, Kubernetes, Ansible, Terraform, Packer, and other similar tools to enable you to build a base. As you advance, you’ll explore the core elements of cloud integration—AWS ECS, GKE, and other CaaS services. The chapters also discuss GitOps, continuous integration, and continuous delivery—GitHub actions, Jenkins, and Argo CD—to help you understand the essence of modern app delivery. Later, you’ll operate your container app in production using a service mesh and apply AI in DevOps. Throughout the book, you’ll discover best practices for automating and managing your development lifecycle, infrastructure, containers, and more. By the end of this DevOps book, you'll be well-equipped to develop and operate applications using modern tools and techniques.

Related Content you might be interested in

Current Title:

Small book image
Modern DevOps Practices - Second Edition
Gaurav Agarwal
Jan, 2024 | 568 pages
Small book image
Argo CD in Practice
Liviu Costea | Spiros Economakis
Nov, 2022 | 236 pages
Small book image
Terraform for Google Cloud Essential Guide
Bernd Nordhausen
Jan, 2023 | 180 pages
Small book image
Secure Continuous Delivery on Google Cloud
Giovanni Galloro | Nathaniel Avery | David Dorbin
Apr, 2024 | 304 pages
Table of Contents (24 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Conventions used
Get in touch
Share your thoughts
Download a free PDF copy of this book
1
Part 1:Modern DevOps Fundamentals
Part 1:Modern DevOps Fundamentals
Free Chapter
2
Chapter 1: The Modern Way of DevOps
Chapter 1: The Modern Way of DevOps
What is DevOps?
Introduction to cloud computing
Understanding modern cloud-native applications
Modern DevOps versus traditional DevOps
The need for containers
Container architecture
Containers and modern DevOps practices
Migrating from virtual machines to containers
Are we there yet?
Summary
Questions
Answers
3
Chapter 2: Source Code Management with Git and GitOps
Chapter 2: Source Code Management with Git and GitOps
Technical requirements
What is source code management?
A crash course on Git
What is GitOps?
Why GitOps?
The principles of GitOps
Branching strategies and the GitOps workflow
Git versus GitOps
Summary
Questions
Answers
4
Chapter 3: Containerization with Docker
Chapter 3: Containerization with Docker
Technical requirements
Installing Docker
Introducing Docker storage drivers and volumes
Running your first container
Docker logging and logging drivers
Docker monitoring with Prometheus
Declarative container management with Docker Compose
Summary
Questions
Answers
5
Chapter 4: Creating and Managing Container Images
Chapter 4: Creating and Managing Container Images
Technical requirements
Docker architecture
Understanding Docker images
Understanding Dockerfiles, components, and directives
Building and managing Docker images
Optimizing containers with distroless images
Understanding Docker registries
Summary
Questions
Answers
6
Part 2:Container Orchestration and Serverless
Part 2:Container Orchestration and Serverless
7
Chapter 5: Container Orchestration with Kubernetes
Chapter 5: Container Orchestration with Kubernetes
Technical requirements
What is Kubernetes, and why do I need it?
Kubernetes architecture
Installing Kubernetes (Minikube and KinD)
Understanding Kubernetes pods
Summary
Questions
Answers
8
Chapter 6: Managing Advanced Kubernetes Resources
Chapter 6: Managing Advanced Kubernetes Resources
Technical requirements
The need for advanced Kubernetes resources
Kubernetes Deployments
Kubernetes Services and Ingresses
Horizontal Pod autoscaling
Managing stateful applications
Kubernetes command-line best practices, tips, and tricks
Summary
Questions
Answers
9
Chapter 7: Containers as a Service (CaaS) and Serverless Computing for Containers
Chapter 7: Containers as a Service (CaaS) and Serverless Computing for Containers
Technical requirements
The need for serverless offerings
Amazon ECS with EC2 and Fargate
Other CaaS services
Open source CaaS with Knative
Summary
Questions
Answers
10
Part 3:Managing Config and Infrastructure
Part 3:Managing Config and Infrastructure
11
Chapter 8: Infrastructure as Code (IaC) with Terraform
Chapter 8: Infrastructure as Code (IaC) with Terraform
Technical requirements
Introduction to IaC
Terraform providers
Terraform variables
Terraform workflow
Terraform modules
Managing Terraform state
Terraform workspaces
Terraform output, state, console, and graphs
Summary
Questions
Answers
12
Chapter 9: Configuration Management with Ansible
Chapter 9: Configuration Management with Ansible
Technical requirements
Introduction to configuration management
Setting up Ansible
Ansible tasks and modules
Introduction to Ansible playbooks
Ansible playbooks in action
Designing for reusability
Summary
Questions
Answers
13
Chapter 10: Immutable Infrastructure with Packer
Chapter 10: Immutable Infrastructure with Packer
Technical requirements
Immutable infrastructure with HashiCorp’s Packer
Creating the Apache and MySQL playbooks
Building the Apache and MySQL images using Packer and Ansible provisioners
Creating the required infrastructure with Terraform
Summary
Questions
Answers
14
Part 4:Delivering Applications with GitOps
Part 4:Delivering Applications with GitOps
15
Chapter 11: Continuous Integration with GitHub Actions and Jenkins
Chapter 11: Continuous Integration with GitHub Actions and Jenkins
Technical requirements
The importance of automation
Introduction to the sample microservices-based blogging application – Blog App
Building a CI pipeline with GitHub Actions
Scalable Jenkins on Kubernetes with Kaniko
Automating a build with triggers
Building performance best practices
Summary
Questions
Answers
16
Chapter 12: Continuous Deployment/Delivery with Argo CD
Chapter 12: Continuous Deployment/Delivery with Argo CD
Technical requirements
The importance of CD and automation
CD models and tools
The Blog App and its deployment configuration
Continuous declarative IaC using an Environment repository
Introduction to Argo CD
Installing and setting up Argo CD
Managing sensitive configurations and Secrets
Deploying the sample Blog App
Summary
Questions
Answers
17
Chapter 13: Securing and Testing Your CI/CD Pipeline
Chapter 13: Securing and Testing Your CI/CD Pipeline
Technical requirements
Securing and testing CI/CD pipelines
Revisiting the Blog Application
Container vulnerability scanning
Managing secrets
Testing your application within the CD pipeline
Binary authorization
Release gating with pull requests and deployment to production
Merging code and deploying to prod
Security and testing best practices for modern DevOps pipelines
Summary
Questions
Answers
18
Part 5:Operating Applications in Production
Part 5:Operating Applications in Production
19
Chapter 14: Understanding Key Performance Indicators (KPIs) for Your Production Service
Chapter 14: Understanding Key Performance Indicators (KPIs) for Your Production Service
Understanding the importance of reliability
Understanding SLIs, SLOs, and SLAs
Error budgets
Disaster recovery, RTO, and RPO
Running distributed applications in production
Summary
Questions
Answers
20
Chapter 15: Implementing Traffic Management, Security, and Observability with Istio
Chapter 15: Implementing Traffic Management, Security, and Observability with Istio
Technical requirements
Revisiting the Blog App
Introduction to service mesh
Introduction to Istio
Understanding the Istio architecture
Installing Istio
Using Istio ingress to allow traffic
Securing your microservices using Istio
Managing traffic with Istio
Observing traffic and alerting with Istio
Summary
Questions
Answers
21
Index
Index
Why subscribe?
22
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share your thoughts
Download a free PDF copy of this book
Appendix: The Role of AI in DevOps
Appendix: The Role of AI in DevOps
What is AI?
The role of AI in the DevOps infinity loop
Summary

Binary authorization

Binary authorization is a deploy-time security mechanism that ensures that only trusted binary files are deployed within your environments. In the context of containers and Kubernetes, binary authorization uses signature validation and ensures that only container images signed by a trusted authority are deployed within your Kubernetes cluster.

Using binary authorization gives you tighter control over what is deployed in your cluster. It ensures that only tested containers and those approved and verified by a particular authority (such as security tooling or personnel) are present in your cluster.

Binary authorization works by enforcing rules within your cluster via an admission controller. This means you can create rulesets only to allow images signed by an attestation authority to be deployed in your cluster. Your quality assurance (QA) team can be a good attestor in a practical scenario. You can also embed the attestation within your CI/CD pipelines. The...

Previous Section
End of Section 8
Next Section