Book Image

Hands-On Microservices with Kubernetes

By : Gigi Sayfan
Book Image

Hands-On Microservices with Kubernetes

By: Gigi Sayfan

Overview of this book

Kubernetes is among the most popular open source platforms for automating the deployment, scaling, and operations of application containers across clusters of hosts, providing a container-centric infrastructure. Hands-On Microservices with Kubernetes starts by providing you with in-depth insights into the synergy between Kubernetes and microservices. You will learn how to use Delinkcious, which will serve as a live lab throughout the book to help you understand microservices and Kubernetes concepts in the context of a real-world application. Next, you will get up to speed with setting up a CI/CD pipeline and configuring microservices using Kubernetes ConfigMaps. As you cover later chapters, you will gain hands-on experience in securing microservices and implementing REST, gRPC APIs, and a Delinkcious data store. In addition to this, you’ll explore the Nuclio project, run a serverless task on Kubernetes, and manage and implement data-intensive tests. Toward the concluding chapters, you’ll deploy microservices on Kubernetes and learn to maintain a well-monitored system. Finally, you’ll discover the importance of service meshes and how to incorporate Istio into the Delinkcious cluster. By the end of this book, you’ll have gained the skills you need to implement microservices on Kubernetes with the help of effective tools and best practices.

Related Content you might be interested in

Current Title:

Small book image
Hands-On Microservices with Kubernetes
Gigi Sayfan
Jul, 2019 | 502 pages
Small book image
Mastering Kubernetes,
Gigi Sayfan
Jun, 2020 | 642 pages
Small book image
Mastering Kubernetes
Gigi Sayfan
Jun, 2023 | 746 pages
Small book image
Mastering Kubernetes
Gigi Sayfan
Apr, 2018 | 468 pages
Table of Contents (16 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Free Chapter
1
Introduction to Kubernetes for Developers
Introduction to Kubernetes for Developers
Technical requirements
Kubernetes in a nutshell
Understanding the Kubernetes architecture
Kubernetes and microservices – a perfect match
Creating a local cluster
Summary
Further reading
2
Getting Started with Microservices
Getting Started with Microservices
Technical requirements
Programming in the small – less is more
Making your microservice autonomous
Employing interfaces and contracts
Exposing your service via APIs
Using client libraries
Managing dependencies
Coordinating microservices
Taking advantage of ownership
Understanding Conway's law
Troubleshooting across multiple services
Utilizing shared service libraries
Choosing a source control strategy
Creating a data strategy
Summary
Further reading
3
Delinkcious - the Sample Application
Delinkcious - the Sample Application
Technical requirements
Choosing Go for Delinkcious
Getting to know Go kit
Introducing the Delinkcious directory structure
Introducing the Delinkcious microservices
Storing data
Summary
Further reading
4
Setting Up the CI/CD Pipeline
Setting Up the CI/CD Pipeline
Technical requirements
Understanding a CI/CD pipeline
Options for the Delinkcious CI/CD pipeline
GitOps
Building your images with CircleCI
Setting up continuous delivery for Delinkcious
Summary
Further reading
5
Configuring Microservices with Kubernetes
Configuring Microservices with Kubernetes
Technical requirements
What is configuration all about?
Managing configuration the old-fashioned way
Managing configuration dynamically
Configuring microservices with Kubernetes
Summary
Further reading
6
Securing Microservices on Kubernetes
Securing Microservices on Kubernetes
Technical requirements
Applying sound security principles
Differentiating between user accounts and service accounts
Managing secrets with Kubernetes
Managing permissions with RBAC
Controlling access with authentication, authorization, and admission
Hardening your Kubernetes cluster using security best practices
Summary
Further reading
7
Talking to the World - APIs and Load Balancers
Talking to the World - APIs and Load Balancers
Technical requirements
Getting familiar with Kubernetes services
East-west versus north-south communication
Understanding ingress and load balancing
Providing and consuming a public REST API
Providing and consuming an internal gRPC API
Sending and receiving events via a message queue
Understanding service meshes
Summary
Further reading
8
Working with Stateful Services
Working with Stateful Services
Technical requirements
Abstracting storage
Storing data outside your Kubernetes cluster
Storing data inside your cluster with StatefulSets
Achieving high performance with local storage
Using relational databases in Kubernetes
Using non-relational data stores in Kubernetes
Summary
Further reading
9
Running Serverless Tasks on Kubernetes
Running Serverless Tasks on Kubernetes
Technical requirements
Serverless in the cloud
Link checking with Delinkcious
Serverless link checking with Nuclio
Other Kubernetes serverless frameworks
Summary
Further reading
10
Testing Microservices
Testing Microservices
Technical requirements
Unit testing
Integration testing
Local testing with Kubernetes
Isolating tests
End-to-end testing
Managing test data
Summary
Further reading
11
Deploying Microservices
Deploying Microservices
Technical requirements
Kubernetes deployments
Deploying to multiple environments
Understanding deployment strategies
Rolling back deployments
Managing versions and dependencies
Local development deployments
Summary
Further reading
12
Monitoring, Logging, and Metrics
Monitoring, Logging, and Metrics
Technical requirements
Self-healing with Kubernetes
Autoscaling a Kubernetes cluster
Provisioning resources with Kubernetes
Getting performance right
Logging
Collecting metrics on Kubernetes
Alerting
Distributed tracing
Summary
Further reading
13
Service Mesh - Working with Istio
Service Mesh - Working with Istio
Technical requirements
What is a service mesh?
What does Istio bring to the table?
Delinkcious on Istio
Alternatives to Istio
Summary
Further reading
14
The Future of Microservices and Kubernetes
The Future of Microservices and Kubernetes
The future of microservices
The future of Kubernetes
Summary
Further reading
15
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Technical requirements

In this chapter, we will work with Istio. I chose to use Google Kubernetes Engine (GKE) in this chapter because Istio can be enabled on GKE as an add-on and doesn't require you to install it. This has the following two benefits:

  • It saves time on installation
  • It demonstrates that Delinkcious can run in the cloud and not just locally

To install Istio, you simply have to enable it in the GKE console and select an mTLS mode, which is the mutual authentication between services. I chose permissive, which means that the internal communication inside the cluster is not encrypted by default, and the services will accept both encrypted and non-encrypted connections. You can override it per service. For production clusters, I recommend using the strict mTLS mode, where all connections must be encrypted:

Istio gets installed in its own istio-system namespace...

Previous Section
End of Section 2
Next Section