Book Image

Getting Started with Kubernetes, Second Edition - Second Edition

By : Jonathan Baier
Book Image

Getting Started with Kubernetes, Second Edition - Second Edition

By: Jonathan Baier

Overview of this book

Kubernetes has continued to grow and achieve broad adoption across various industries, helping you to orchestrate and automate container deployments on a massive scale. This book will give you a complete understanding of Kubernetes and how to get a cluster up and running. You will develop an understanding of the installation and configuration process. The book will then focus on the core Kubernetes constructs such as pods, services, replica sets, replication controllers, and labels. You will also understand how cluster level networking is done in Kubernetes. The book will also show you how to manage deployments and perform updates with minimal downtime. Additionally, you will learn about operational aspects of Kubernetes such as monitoring and logging. Advanced concepts such as container security and cluster federation will also be covered. Finally, you will learn about the wider Kubernetes ecosystem with OCP, CoreOS, and Tectonic and explore the third-party extensions and tools that can be used with Kubernetes. By the end of the book, you will have a complete understanding of the Kubernetes platform and will start deploying applications on it.

Related Content you might be interested in

Current Title:

Small book image
Getting Started with Kubernetes, Second Edition - Second Edition
Jonathan Baier
May, 2017 | 286 pages
Small book image
Mastering Kubernetes
Gigi Sayfan
Apr, 2018 | 468 pages
Small book image
Mastering Kubernetes
Gigi Sayfan
May, 2017 | 426 pages
Small book image
DevOps with Kubernetes
HuiChuan Chloe Lee | ChengYang Wu | Hideto Saito
Oct, 2017 | 382 pages
Table of Contents (20 chapters)
Title Page
Title Page
Credits
Credits
About the Author
About the Author
Acknowledgement
Acknowledgement
About the Reviewer
About the Reviewer
www.PacktPub.com
www.PacktPub.com
Customer Feedback
Customer Feedback
Preface
Preface
Free Chapter
1
Introduction to Kubernetes
Introduction to Kubernetes
A brief overview of containers
Why are containers so cool?
Microservices and orchestration
The birth of Kubernetes
Our first cluster
Working with other providers
Summary
2
Pods, Services, Replication Controllers, and Labels
Pods, Services, Replication Controllers, and Labels
The architecture
Core constructs
Our first Kubernetes application
Health checks
Application scheduling
Summary
3
Networking, Load Balancers, and Ingress
Networking, Load Balancers, and Ingress
Kubernetes networking
Advanced services
Service discovery
DNS
Multitenancy
A note on resource usage
Summary
4
Updates, Gradual Rollouts, and Autoscaling
Updates, Gradual Rollouts, and Autoscaling
Example set up
Scaling up
Smooth updates
Testing, releases, and cutovers
Application autoscaling
Scaling a cluster
Summary
5
Deployments, Jobs, and DaemonSets
Deployments, Jobs, and DaemonSets
Deployments
Jobs
DaemonSets
Node selection
Summary
6
Storage and Running Stateful Applications
Storage and Running Stateful Applications
Persistent storage
StatefulSets
Summary
7
Continuous Delivery
Continuous Delivery
Integrating with continuous delivery pipeline
Gulp.js
Kubernetes plugin for Jenkins
Bonus fun
Summary
8
Monitoring and Logging
Monitoring and Logging
Monitoring operations
Built-in monitoring
FluentD and Google Cloud Logging
Maturing our monitoring operations
Summary
9
Cluster Federation
Cluster Federation
Introduction to federation
Setting up federation
True multi-cloud
Summary
10
Container Security
Container Security
Basics of container security
Image repositories
Kubernetes cluster security
Securing sensitive application data (secrets)
Summary
11
Extending Kubernetes with OCP, CoreOS, and Tectonic
Extending Kubernetes with OCP, CoreOS, and Tectonic
The importance of standards
The Open Container Initiative
Cloud Native Computing Foundation
Standard container specification
CoreOS
Kubernetes with CoreOS
Tectonic
Summary
12
Towards Production Ready
Towards Production Ready
Ready for production
Third-party companies
Where to learn more?
Summary

Kubernetes cluster security

Kubernetes has continued to add a number of security features in their latest releases and has a well-rounded set of control points that can be used in your cluster; everything from secure node communication to pod security and even storage of sensitive configuration data.

Secure API calls

During every API call, Kubernetes applies a number of security controls. This security life cycle is depicted here:

API call life cycle

After secure TLS communication is established, the API server runs through Authorization and Authentication. Finally, an Admission Controller loop is applied to the request before it reaches the API server.

Secure node communication

Kubernetes supports the use of secure communication channels between the API server and any client including the nodes themselves. Whether it's a GUI or command-line utility such as kubectl, we can use certificates to communicate with the API server. Hence, the API server is the central interaction point for any changes...

Previous Section
End of Section 4
Next Section