Book Image

Hands-On Microservices with Kubernetes

By : Gigi Sayfan
Book Image

Hands-On Microservices with Kubernetes

By: Gigi Sayfan

Overview of this book

Kubernetes is among the most popular open source platforms for automating the deployment, scaling, and operations of application containers across clusters of hosts, providing a container-centric infrastructure. Hands-On Microservices with Kubernetes starts by providing you with in-depth insights into the synergy between Kubernetes and microservices. You will learn how to use Delinkcious, which will serve as a live lab throughout the book to help you understand microservices and Kubernetes concepts in the context of a real-world application. Next, you will get up to speed with setting up a CI/CD pipeline and configuring microservices using Kubernetes ConfigMaps. As you cover later chapters, you will gain hands-on experience in securing microservices and implementing REST, gRPC APIs, and a Delinkcious data store. In addition to this, you’ll explore the Nuclio project, run a serverless task on Kubernetes, and manage and implement data-intensive tests. Toward the concluding chapters, you’ll deploy microservices on Kubernetes and learn to maintain a well-monitored system. Finally, you’ll discover the importance of service meshes and how to incorporate Istio into the Delinkcious cluster. By the end of this book, you’ll have gained the skills you need to implement microservices on Kubernetes with the help of effective tools and best practices.
Table of Contents (16 chapters)

East-west versus north-south communication

East-west communication is when services/pods/containers communicate with each other inside the cluster. As you may recall, Kubernetes exposes all the services inside the cluster via both DNS and environment variables. This solves the service discovery problem inside the cluster. It is up to you to impose further restrictions via network policies or other mechanisms. For example, in Chapter 5, Configuring Microservices with Kubernetes, we established mutual authentication between the link service and the social graph service.

North-south communication is about exposing services to the world. In theory, you could expose just your services via NodePort, but this approach is beset by numerous problems, including the following:

  • You have to deal with secure/encrypted transport yourself
  • You can't control which pods will actually service...