Kubernetes in production best practices : build and manage highly available production-ready Kubernetes clusters / Aly Saleh, Murat Karslioglu.

Format:

Book

Author/Creator:

Saleh, Aly, author.

Karslioglu, Murat, author.

Language:

English

Subjects (All):

Electronic data processing--Distributed processing.

Electronic data processing.

Application software--Development.

Application software.

Physical Description:

1 online resource (292 pages)

Place of Publication:

Birmingham ; Mumbai : Packt Publishing, 2021.

Summary:

Design, build, and operate scalable and reliable Kubernetes infrastructure for productionKey FeaturesImplement industry best practices to build and manage production-grade Kubernetes infrastructureLearn how to architect scalable Kubernetes clusters, harden container security, and fine-tune resource managementUnderstand, manage, and operate complex business workloads confidentlyBook DescriptionAlthough out-of-the-box solutions can help you to get a cluster up and running quickly, running a Kubernetes cluster that is optimized for production workloads is a challenge, especially for users with basic or intermediate knowledge. With detailed coverage of cloud industry standards and best practices for achieving scalability, availability, operational excellence, and cost optimization, this Kubernetes book is a blueprint for managing applications and services in production. You'll discover the most common way to deploy and operate Kubernetes clusters, which is to use a public cloud-managed service from AWS, Azure, or Google Cloud Platform (GCP). This book explores Amazon Elastic Kubernetes Service (Amazon EKS), the AWS-managed version of Kubernetes, for working through practical exercises. As you get to grips with implementation details specific to AWS and EKS, you'll understand the design concepts, implementation best practices, and configuration applicable to other cloud-managed services. Throughout the book, you’ll also discover standard and cloud-agnostic tools, such as Terraform and Ansible, for provisioning and configuring infrastructure. By the end of this book, you’ll be able to leverage Kubernetes to operate and manage your production environments confidently.What you will learnExplore different infrastructure architectures for Kubernetes deploymentImplement optimal open source and commercial storage management solutionsApply best practices for provisioning and configuring Kubernetes clusters, including infrastructure as code (IaC) and configuration as code (CAC)Configure the cluster networking plugin and core networking components to get the best out of themSecure your Kubernetes environment using the latest tools and best practicesDeploy core observability stacks, such as monitoring and logging, to fine-tune your infrastructureWho this book is forThis book is for cloud infrastructure experts, DevOps engineers, site reliability engineers, and engineering managers looking to design and operate Kubernetes infrastructure for production. Basic knowledge of Kubernetes, Terraform, Ansible, Linux, and AWS is needed to get the most out of this book.

Contents:

Intro

Title Page

Copyright and Credits

Dedication

Contributors

Table of Contents

Preface

Chapter 1: Introduction to Kubernetes Infrastructure and Production-Readiness

The basics of Kubernetes infrastructure

Kubernetes components

Why Kubernetes is challenging in production

Kubernetes production-readiness

The production-readiness checklist

Kubernetes infrastructure best practices

The 12 principles of infrastructure design and management

Applications definition and deployment

Processes, team, and culture

Cloud-native approach

The Cloud Native Computing Foundation

Why we should care about cloud-native

Cloud-native landscape and ecosystem

Cloud-native trail map

Summary

Further reading

Chapter 2: Architecting Production-Grade Kubernetes Infrastructure

Understanding Kubernetes infrastructure design considerations

Scaling and elasticity

High availability and reliability

Security and compliance

Cost management and optimization

Manageability and operational efficiency

Exploring Kubernetes deployment strategy alternatives

Designing an Amazon EKS infrastructure

Choosing the infrastructure provider

Choosing the cluster and node size

Choosing tools for cluster deployment and management

Deciding the cluster architecture

Chapter 3: Provisioning Kubernetes Clusters Using AWS and Terraform

Technical requirements

Installing Terraform

Implementation principles and best practices

Cluster deployment and rollout strategy

Preparing Terraform

Terraform directory structure

Persisting the Terraform state

Creating Terraform state configuration

Provisioning the Terraform state

Utilizing Terraform workspaces

Creating the network infrastructure

Developing the VPC Terraform module.

Developing the cluster VPC

Provisioning the cluster VPC

Creating the cluster infrastructure

Developing the EKS Terraform module

Developing the workers' Terraform module

Developing the Kubernetes cluster Terraform module

Putting all modules together

Provisioning the cluster infrastructure

Cleaning up and destroying infrastructure resources

Destroying the cluster resources

Destroying the VPC resources

Destroying the shared state resources

Chapter 4: Managing Cluster Configuration with Ansible

Installing the required tools

Implementation principles

Kubernetes configuration management

Kubernetes configuration management workflow

Configuration management with Ansible

Configuring the clusters

The ansible directory's structure

Creating Ansible templates

Creating Ansible variables

Creating Ansible inventories

Creating Ansible tasks

Creating the cluster's playbook

Applying the cluster's Ansible playbook

Destroying the cluster's resources

Chapter 5: Configuring and Enhancing Kubernetes Networking Services

Introducing networking production readiness

Configuring Kube Proxy

Configuring the Amazon CNI plugin

Configuring CoreDNS

Configuring ExternalDNS

Configuring NGINX Ingress Controller

Deploying the cluster's network services

Chapter 6: Securing Kubernetes Effectively

Securing Kubernetes infrastructure

Managing cluster access

Cluster authentication

Cluster authorization

Admission controller

Managing secrets and certificates

Creating and managing secrets

Managing TLS certificates with Cert-Manager

Securing workloads and apps.

Isolating critical workloads

Hardening the default pod security policy

Limiting pod access

Creating network policies with Calico

Monitoring runtime with Falco

Ensuring cluster security and compliance

Executing Kubernetes conformance tests

Scanning cluster security configuration

Executing the CIS Kubernetes benchmark

Enabling audit logging

Bonus security tips

Deploying the security configurations

Destroying the cluster

Chapter 7: Managing Storage and Stateful Applications

Understanding the challenges with stateful applications

Tuning Kubernetes storage

Understanding storage primitives in Kubernetes

Choosing a persistent storage solution

Deploying stateful applications

Installing OpenEBS

Deploying a stateful application on OpenEBS volumes

Chapter 8: Deploying Seamless and Reliable Applications

Understanding the challenges with container images

Exploring the components of container images

Choosing the right container base image

Reducing container image size

Scanning container images for vulnerabilities

Testing the download speed of a container image

Applying container base images best practices

Learning application deployment strategies

Choosing the deployment model

Monitoring deployments

Using readiness and liveness container probes

Scaling applications and achieving higher availability

Chapter 9: Monitoring, Logging, and Observability

Understanding the challenges with Kubernetes observability

Exploring the Kubernetes metrics

Learning site reliability best practices

Monitoring, metrics, and visualization.

Installing the Prometheus stack on Kubernetes

Monitoring applications with Grafana

Logging and tracing

Installing the EFK stack on Kubernetes

Chapter 10: Operating and Maintaining Efficient Kubernetes Clusters

Learning about cluster maintenance and upgrades

Upgrading kubectl

Upgrading the Kubernetes control plane

Upgrading Kubernetes components

Upgrading Kubernetes worker nodes

Preparing for backups and disaster recovery

Installing Velero on Kubernetes

Taking a backup of specific resources using Velero

Restoring an application resource from its backup using Velero

Validating cluster quality

Generating compliance reports

Managing and improving the cost of cluster resources

About Packt

Other Books You May Enjoy

Index.

Notes:

Includes index.

Description based on print version record.

ISBN:

9781800202719

1800202717

OCLC:

1240773172