Book Image

DevOps with Kubernetes

By : Hideto Saito, Hui-Chuan Chloe Lee, Cheng-Yang Wu
Book Image

DevOps with Kubernetes

By: Hideto Saito, Hui-Chuan Chloe Lee, Cheng-Yang Wu

Overview of this book

Containerization is said to be the best way to implement DevOps. Google developed Kubernetes, which orchestrates containers efficiently and is considered the frontrunner in container orchestration. Kubernetes is an orchestrator that creates and manages your containers on clusters of servers. This book will guide you from simply deploying a container to administrate a Kubernetes cluster, and then you will learn how to do monitoring, logging, and continuous deployment in DevOps. The initial stages of the book will introduce the fundamental DevOps and the concept of containers. It will move on to how to containerize applications and deploy them into. The book will then introduce networks in Kubernetes. We then move on to advanced DevOps skills such as monitoring, logging, and continuous deployment in Kubernetes. It will proceed to introduce permission control for Kubernetes resources via attribute-based access control and role-based access control. The final stage of the book will cover deploying and managing your container clusters on the popular public cloud Amazon Web Services and Google Cloud Platform. At the end of the book, other orchestration frameworks, such as Docker Swarm mode, Amazon ECS, and Apache Mesos will be discussed.

Related Content you might be interested in

Current Title:

Small book image
DevOps with Kubernetes
Hideto Saito | Hui-Chuan Chloe Lee | Cheng-Yang Wu
Oct, 2017 | 382 pages
Small book image
Kubernetes Cookbook
HuiChuan Chloe Lee | KeJou Carol Hsu | Hideto Saito
May, 2018 | 554 pages
Small book image
Kubernetes on AWS
Edward Robinson
Nov, 2018 | 270 pages
Small book image
Getting Started with Kubernetes
Jesse White | Jonathan Baier
Oct, 2018 | 470 pages
Table of Contents (12 chapters)
Preface
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Free Chapter
1
Introduction to DevOps
Introduction to DevOps
Software delivery challenges
Trend of microservices
Automation and tools
Summary
2
DevOps with Container
DevOps with Container
Understanding container
Container life cycle
Working with Dockerfile
Multi-containers orchestration
Summary
3
Getting Started with Kubernetes
Getting Started with Kubernetes
Understanding Kubernetes
Getting started with Kubernetes
Multi-containers orchestration
Summary
4
Working with Storage and Resources
Working with Storage and Resources
Kubernetes volume management
Kubernetes resource management
Summary
5
Network and Security
Network and Security
Kubernetes networking
Ingress
Network policy
Summary
6
Monitoring and Logging
Monitoring and Logging
Inspecting a container
Monitoring in Kubernetes
Hands-on monitoring
Logging events
Extracting metrics from logs
Summary
7
Continuous Delivery
Continuous Delivery
Updating resources
Building a delivery pipeline
Gaining deeper understanding of pods
Summary
8
Cluster Administration
Cluster Administration
Kubernetes namespaces
ResourceQuota
Kubeconfig
Service account
Authentication and authorization
Admission control
Summary
9
Kubernetes on AWS
Kubernetes on AWS
Introduction to AWS
Setup Kubernetes on AWS
Summary
10
Kubernetes on GCP
Kubernetes on GCP
Introduction to GCP
Google Container Engine (GKE)
Summary
11
What's Next
What's Next
Exploring the possibilities of Kubernetes
Gravitating towards a future infrastructure
Summary

Authentication and authorization

Authentication and authorization are important from DevOps' point of view. Authentication verifies users and checks if the users are really who they represent themselves to be. Authorization, on the other hand, checks what permission levels users have. Kubernetes supports different authentication and authorization modules.

The following is an illustration that shows how the Kubernetes API server processes the access control when it receives a request.

Access control in API server

When the request comes to API server, firstly, it establishes a TLS connection by validating the clients' certificate with the certificate authority (CA) in the API server. The CA in the API server is usually at /etc/kubernetes/, and the clients' certificate is usually at $HOME/.kube/config. After the handshake, it goes to the authentication stage. In Kuberentes...

Previous Section
End of Section 6
Next Section