Book Image

Kubernetes - A Complete DevOps Cookbook

By : Murat Karslioglu
Book Image

Kubernetes - A Complete DevOps Cookbook

By: Murat Karslioglu

Overview of this book

Kubernetes is a popular open source orchestration platform for managing containers in a cluster environment. With this Kubernetes cookbook, you’ll learn how to implement Kubernetes using a recipe-based approach. The book will prepare you to create highly available Kubernetes clusters on multiple clouds such as Amazon Web Services (AWS), Google Cloud Platform (GCP), Azure, Alibaba, and on-premises data centers. Starting with recipes for installing and configuring Kubernetes instances, you’ll discover how to work with Kubernetes clients, services, and key metadata. You’ll then learn how to build continuous integration/continuous delivery (CI/CD) pipelines for your applications, and understand various methods to manage containers. As you advance, you’ll delve into Kubernetes' integration with Docker and Jenkins, and even perform a batch process and configure data volumes. You’ll get to grips with methods for scaling, security, monitoring, logging, and troubleshooting. Additionally, this book will take you through the latest updates in Kubernetes, including volume snapshots, creating high availability clusters with kops, running workload operators, new inclusions around kubectl and more. By the end of this book, you’ll have developed the skills required to implement Kubernetes in production and manage containers proficiently.

Related Content you might be interested in

Current Title:

Small book image
Kubernetes - A Complete DevOps Cookbook
Murat Karslioglu
Mar, 2020 | 584 pages
Small book image
Kubernetes in Production Best Practices
Murat Karslioglu | Aly Saleh
Mar, 2021 | 292 pages
Small book image
kubectl: Command-Line Kubernetes in a Nutshell
Rimantas Mocevicius
Nov, 2020 | 136 pages
Small book image
Kubernetes Cookbook
HuiChuan Chloe Lee | KeJou Carol Hsu | Hideto Saito
May, 2018 | 554 pages
Table of Contents (12 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Sections
Get in touch
1
Building Production-Ready Kubernetes Clusters
Building Production-Ready Kubernetes Clusters
Technical requirements
Configuring a Kubernetes cluster on Amazon Web Services
Configuring a Kubernetes cluster on Google Cloud Platform
Configuring a Kubernetes cluster on Microsoft Azure
Configuring a Kubernetes cluster on Alibaba Cloud
Configuring and managing Kubernetes clusters with Rancher
Configuring Red Hat OpenShift
Configuring a Kubernetes cluster using Ansible
Troubleshooting installation issues
Free Chapter
2
Operating Applications on Kubernetes
Operating Applications on Kubernetes
Technical requirements
Deploying workloads using YAML files
Deploying workloads using Kustomize
Deploying workloads using Helm charts
Deploying and operating applications using Kubernetes operators
Deploying and managing the life cycle of Jenkins X
Deploying and managing the life cycle of GitLab
3
Building CI/CD Pipelines
Building CI/CD Pipelines
Technical requirements
Creating a CI/CD pipeline in Jenkins X
Creating a CI/CD pipeline in GitLab
Creating a CI/CD pipeline in CircleCI
Setting up a CI/CD pipeline using GitHub Actions
Setting up a CI/CD pipeline on Amazon Web Services
Setting up a CI/CD pipeline with Spinnaker on Google Cloud Build
Setting up a CI/CD pipeline on Azure DevOps
4
Automating Tests in DevOps
Automating Tests in DevOps
Technical requirements
Building event-driven automation with StackStorm
Automating tests with the Litmus framework
Automating Chaos Engineering with Gremlin
Automating your code review with Codacy
Detecting bugs and anti-patterns with SonarQube
Detecting license compliance issues with FOSSA
5
Preparing for Stateful Workloads
Preparing for Stateful Workloads
Technical requirements
Managing Amazon EBS volumes in Kubernetes
Managing GCE PD volumes in Kubernetes
Managing Azure Disk volumes in Kubernetes
Configuring and managing persistent storage using Rook
Configuring and managing persistent storage using OpenEBS
Setting up NFS for shared storage on Kubernetes
Troubleshooting storage issues
6
Disaster Recovery and Backup
Disaster Recovery and Backup
Technical requirements
Configuring and managing S3 object storage using MinIO
Managing Kubernetes Volume Snapshots and restore
Application backup and recovery using Velero
Application backup and recovery using Kasten
Cross-cloud application migration
7
Scaling and Upgrading Applications
Scaling and Upgrading Applications
Technical requirements
Scaling applications on Kubernetes
Assigning applications to nodes
Creating an external load balancer
Creating an ingress service and service mesh using Istio
Creating an ingress service and service mesh using Linkerd
Auto-healing pods in Kubernetes
Managing upgrades through blue/green deployments
8
Observability and Monitoring on Kubernetes
Observability and Monitoring on Kubernetes
Technical requirements
Monitoring in Kubernetes
Inspecting containers
Monitoring using Amazon CloudWatch
Monitoring using Google Stackdriver
Monitoring using Azure Monitor
Monitoring Kubernetes using Prometheus and Grafana
Monitoring and performance analysis using Sysdig
Managing the cost of resources using Kubecost
9
Securing Applications and Clusters
Securing Applications and Clusters
Technical requirements
Using RBAC to harden cluster security
Configuring Pod Security Policies
Using Kubernetes CIS Benchmark for security auditing
Building DevSecOps into the pipeline using Aqua Security
Monitoring suspicious application activities using Falco
Securing credentials using HashiCorp Vault
10
Logging with Kubernetes
Logging with Kubernetes
Technical requirements
Accessing Kubernetes logs locally
Accessing application-specific logs
Building centralized logging in Kubernetes using the EFK stack
Logging Kubernetes using Google Stackdriver
Using a managed Kubernetes logging service
Logging for your Jenkins CI/CD environment
11
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Troubleshooting installation issues

Kubernetes consists of many loosely coupled components and APIs. Based on environmental differences, you may run into problems where a little bit more attention is required to get everything up and running. Fortunately, Kubernetes provides many ways to point out problems.

In this section, we will learn how to get cluster information in order to troubleshoot potential issues.

How to do it…

Follow these steps to gather cluster information in order to troubleshoot potential issues:

  1. Create a file dump of the cluster state called cluster-state:
$ kubectl cluster-info dump --all-namespaces \
 --output-directory=$PWD/cluster-state
  1. Display the master and service addresses:
$ kubectl cluster-info
Kubernetes master is running at https://172.23.1.110:6443
Heapster is running at https://172.23.1.110:6443/api/v1/namespaces/kube-system/services/heapster/proxy
KubeDNS is running at https://172.23.1.110:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
  1. Show the resource usage of the us-west-2.compute.internal node:
$ kubectl top node us-west-2.compute.internal
NAME CPU(cores) CPU% MEMORY(bytes) MEMORY%
us-west-2.compute.internal 42m 2% 1690Mi 43%
  1. Mark the us-west-2.compute.internal node as unschedulable:
$ kubectl cordon us-west-2.compute.internal
  1. Safely evict all the pods from the us-west-2.compute.internal node for maintenance:
$ kubectl drain us-west-2.compute.internal
  1. Mark the us-west-2.compute.internal node as schedulable after maintenance:
$ kubectl uncordon us-west-2.compute.internal

How it works…

This recipe showed you how to quickly troubleshoot common Kubernetes cluster issues.

In step 1, when the kubectl cluster-info command was executed with the --output-directory parameter, Kubernetes dumped the content of the cluster state under a specified folder. You can see the full list using the following command:

$ tree ./cluster-state
./cluster-state
├── default
│ ├── daemonsets.json
│ ├── deployments.json
│ ├── events.json
│ ├── pods.json
│....

In step 4, we marked the node as unavailable using the kubectl cordon command. Kubernetes has a concept of scheduling applications, meaning that it assigns pods to nodes that are available. If you know in advance that an instance on your cluster will be terminated or updated, you don't want new pods to be scheduled on that specific node. Cordoning means patching the node with node.Spec.Unschedulable=true. When a node is set as unavailable, no new pods will be scheduled on that node.

In step 5, we use, the kubectl drain command to evict the existing pods, because cordoning alone will not have an impact on the currently scheduled pods. Evict APIs take disruption budgets into account. If set by the owner, disruption budgets limit the number of pods of a replicated application that are down simultaneously from voluntary disruptions. If this isn't supported or set, Evict APIs will simply delete the pods on the node after the grace period.

There's more…

It is also useful to have knowledge of the following information:

  • Setting log levels

Setting log levels

When using the kubectl command, you can set the output verbosity with the --v flag, followed by an integer for the log level, which is a number between 0 and 9. The general Kubernetes logging conventions and the associated log levels are described in the Kubernetes documentation at https://kubernetes.io/docs/reference/kubectl/cheatsheet/#kubectl-output-verbosity-and-debugging.

It is useful to get the output details in a specific format by adding one of the following parameters to your command:

  • -o=wide is used to get additional information on a resource. An example is as follows:
$ kubectl get nodes -owide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
ip-192-168-41-120.us-west-2.compute.internal Ready <none> 84m v1.13.8-eks-cd3eb0 192.168.41.120 34.210.108.135 Amazon Linux 2 4.14.133-113.112.amzn2.x86_64 docker://18.6.1
ip-192-168-6-128.us-west-2.compute.internal Ready <none> 84m v1.13.8-eks-cd3eb0 192.168.6.128 18.236.119.52 Amazon Linux 2 4.14.133-113.112.amzn2.x86_64 docker://18.6.1
  • -o=yaml is used to return the output in YAML format. An example is as follows:
$ kubectl get pod nginx-deployment-5c689d88bb-qtvsx -oyaml
apiVersion: v1
kind: Pod
metadata:
  annotations:
    kubernetes.io/limit-ranger: 'LimitRanger plugin set: cpu request for container
      nginx'
  creationTimestamp: 2019-09-25T04:54:20Z
  generateName: nginx-deployment-5c689d88bb-
  labels:
    app: nginx
    pod-template-hash: 5c689d88bb
  name: nginx-deployment-5c689d88bb-qtvsx
  namespace: default
...

As you can see, the output of the -o=yaml parameter can be used to create a manifest file out of an existing resource as well.

See also

Previous Section
End of Chapter 1
Next Chapter