Production Kubernetes

- Autorzy:
- Josh Rosso, Rich Lander, Alex Brand
- Promocja Przejdź


- Ocena:
- Bądź pierwszym, który oceni tę książkę
- Stron:
- 508
- Dostępne formaty:
-
ePubMobi
Opis książki: Production Kubernetes
Kubernetes has become the dominant container orchestrator, but many organizations that have recently adopted this system are still struggling to run actual production workloads. In this practical book, four software engineers from VMware bring their shared experiences running Kubernetes in production and provide insight on key challenges and best practices.
The brilliance of Kubernetes is how configurable and extensible the system is, from pluggable runtimes to storage integrations. For platform engineers, software developers, infosec, network engineers, storage engineers, and others, this book examines how the path to success with Kubernetes involves a variety of technology, pattern, and abstraction considerations.
With this book, you will:
- Understand what the path to production looks like when using Kubernetes
- Examine where gaps exist in your current Kubernetes strategy
- Learn Kubernetes's essential building blocks--and their trade-offs
- Understand what's involved in making Kubernetes a viable location for applications
- Learn better ways to navigate the cloud native landscape
Wybrane bestsellery
-
To książka przeznaczona dla osób, które chcą z powodzeniem uruchomić Kubernetes w środowisku produkcyjnym jako platformę dla aplikacji przedsiębiorstwa. Zawiera wiele wniosków płynących z praktycznych doświadczeń autorów, omawia też kluczowe wyzwania i najlepsze praktyki. Pokazuje, w jaki sposób ...
Kubernetes w środowisku produkcyjnym. Jak budować efektywne platformy aplikacji Kubernetes w środowisku produkcyjnym. Jak budować efektywne platformy aplikacji
(0,00 zł najniższa cena z 30 dni)64.35 zł
99.00 zł(-35%) -
Oto znakomity przewodnik po Kubernetesie. Dzięki niemu w ciągu 22 godzinnych lekcji poznasz najważniejsze możliwości Kubernetesa. Od początku będziesz się koncentrować na praktyce: dzięki codziennym ćwiczeniom, przykładom i laboratoriom zdobędziesz biegłość w używaniu najlepszych narzędzi Kuberne...(0,00 zł najniższa cena z 30 dni)
83.85 zł
129.00 zł(-35%) -
The ability to administer and monitor a Kubernetes cluster is in high demand today. To meet this need, the Cloud Native Computing Foundation developed a certification exam to establish an administrator's credibility and value in the job market to confidently work in a Kubernetes environment.The C...
Certified Kubernetes Administrator (CKA) Study Guide Certified Kubernetes Administrator (CKA) Study Guide
(0,00 zł najniższa cena z 30 dni)203.15 zł
239.00 zł(-15%) -
Oto praktyczne wprowadzenie do Azure. Wyjaśniono tu wiele pojęć potrzebnych w pracy administratora, takich jak sieci wirtualne oraz koncepcja IaaS. Omówiono zasady pracy z Azure oraz pokazano, jak można przygotować platformę do wdrożenia własnego systemu. Od strony praktycznej przedstawiono tworz...
Chmura Azure. Praktyczne wprowadzenie dla administratora. Implementacja, monitorowanie i zarządzanie ważnymi usługami i komponentami IaaS/PaaS Chmura Azure. Praktyczne wprowadzenie dla administratora. Implementacja, monitorowanie i zarządzanie ważnymi usługami i komponentami IaaS/PaaS
-
Developers with the ability to operate, troubleshoot, and monitor applications in Kubernetes are in high demand today. To meet this need, the Cloud Native Computing Foundation created a certification exam to establish a developer's credibility and value in the job market to work in a Kubernetes e...
Certified Kubernetes Application Developer (CKAD) Study Guide Certified Kubernetes Application Developer (CKAD) Study Guide
(0,00 zł najniższa cena z 30 dni)169.15 zł
199.00 zł(-15%) -
Kubernetes has become an essential part of the daily work for most system, network, and cluster administrators today. But to work effectively together on a production-scale Kubernetes system, they must be able to speak the same language. This book provides a clear guide to the layers of complexit...(0,00 zł najniższa cena z 30 dni)
203.15 zł
239.00 zł(-15%) -
Is Kubernetes ready for stateful workloads? This open source system has become the primary platform for deploying and managing cloud native applications. But because it was originally designed for stateless workloads, working with data on Kubernetes has been challenging. If you want to avoid the ...(0,00 zł najniższa cena z 30 dni)
237.15 zł
279.00 zł(-15%) -
In just five years, Kubernetes has radically changed the way developers and ops personnel build, deploy, and maintain applications in the cloud. With this book's updated third edition, you'll learn how this popular container orchestrator can help your company achieve new levels of velocity, agili...(0,00 zł najniższa cena z 30 dni)
237.15 zł
279.00 zł(-15%) -
O tym, że wirtualizacja wcale nie musi być problematyczna i może znacznie ułatwić pracę, przekona Cię lektura książki „Wirtualizacja w praktyce”. Poznasz korzyści płynące z zastosowania najbardziej popularnych rozwiązań, sposoby instalacji odpowiedniego oprogramowania oraz tworzenia i...(0,00 zł najniższa cena z 30 dni)
32.94 zł
54.90 zł(-40%) -
NGINX is one of the most widely used web servers available today, in part because of itscapabilities as a load balancer and reverse proxy server for HTTP and other network protocols. This revised cookbook provides easy-to-follow examples of real-world problems in application delivery. The practic...(0,00 zł najniższa cena z 30 dni)
169.15 zł
199.00 zł(-15%)
O autorach książki
3 Josh Rosso, Rich Lander, Alex BrandJosh Rosso jest inżynierem oprogramowania. Pracował z Kubernetesem w CoreOS (Red Hat), Heptio i VMware.
Rich Lander jest inżynierem terenowym VMware. Pomaga przedsiębiorstwom wdrażać Kubernetes i technologie natywne dla chmury.
Alexander Brand jest inżynierem oprogramowania. Zajmuje się Kubernetesem i technologiami natywnymi chmury.
Kup polskie wydanie:
Kubernetes w środowisku produkcyjnym. Jak budować efektywne platformy aplikacji
- Autor:
- Josh Rosso, Rich Lander, Alex Brand, John Harris
64,35 zł
99,00 zł
(59.40 zł najniższa cena z 30 dni)
Ebooka przeczytasz na:
-
czytnikach Inkbook, Kindle, Pocketbook i innych
-
systemach Windows, MacOS i innych
-
systemach Windows, Android, iOS, HarmonyOS
-
na dowolnych urządzeniach i aplikacjach obsługujących formaty: PDF, EPub, Mobi
Masz pytania? Zajrzyj do zakładki Pomoc »
Audiobooka posłuchasz:
-
w aplikacji Ebookpoint na Android, iOS, HarmonyOs
-
na systemach Windows, MacOS i innych
-
na dowolonych urządzeniach i aplikacjach obsługujących format MP3 (pliki spakowane w ZIP)
Masz pytania? Zajrzyj do zakładki Pomoc »
Kurs Video zobaczysz:
-
w aplikacji Ebookpoint na Android, iOS, HarmonyOs
-
na systemach Windows, MacOS i innych
-
na dowolonych urządzeniach i aplikacjach obsługujących format MP4 (pliki spakowane w ZIP)
Szczegóły książki
- ISBN Ebooka:
- 978-14-920-9225-4, 9781492092254
- Data wydania ebooka:
-
2021-03-16
Data wydania ebooka często jest dniem wprowadzenia tytułu do sprzedaży i może nie być równoznaczna z datą wydania książki papierowej. Dodatkowe informacje możesz znaleźć w darmowym fragmencie. Jeśli masz wątpliwości skontaktuj się z nami sklep@helion.pl.
- Język publikacji:
- angielski
- Rozmiar pliku ePub:
- 8.5MB
- Rozmiar pliku Mobi:
- 21.7MB
- Kategorie:
Serwery internetowe » Inne
Spis treści książki
- Foreword
- Preface
- Conventions Used in This Book
- Using Code Examples
- OReilly Online Learning
- How to Contact Us
- Acknowledgments
- 1. A Path to Production
- Defining Kubernetes
- The Core Components
- Beyond OrchestrationExtended Functionality
- Kubernetes Interfaces
- Summarizing Kubernetes
- Defining Kubernetes
- Defining Application Platforms
- The Spectrum of Approaches
- Aligning Your Organizational Needs
- Summarizing Application Platforms
- Building Application Platforms on Kubernetes
- Starting from the Bottom
- The Abstraction Spectrum
- Determining Platform Services
- The Building Blocks
- IAAS/datacenter and Kubernetes
- Container runtime
- Container networking
- Storage integration
- Service routing
- Secret management
- Identity
- Authorization/admission control
- Software supply chain
- Observability
- Developer abstractions
- Summary
- 2. Deployment Models
- Managed Service Versus Roll Your Own
- Managed Services
- Roll Your Own
- Making the Decision
- Managed Service Versus Roll Your Own
- Automation
- Prebuilt Installer
- Custom Automation
- Architecture and Topology
- etcd Deployment Models
- Network considerations
- Dedicated versus colocated
- Containerized versus on host
- etcd Deployment Models
- Cluster Tiers
- Node Pools
- Cluster Federation
- Management clusters
- Observability
- Federated software deployment
- Infrastructure
- Bare Metal Versus Virtualized
- Cluster Sizing
- Compute Infrastructure
- Networking Infrastructure
- Routability
- Redundancy
- Load balancing
- Automation Strategies
- Infra management tools
- Kubernetes operators
- Machine Installations
- Configuration Management
- Machine Images
- What to Install
- Containerized Components
- Add-ons
- Upgrades
- Platform Versioning
- Plan to Fail
- Integration Testing
- Strategies
- Cluster replacement
- Node replacement
- In-place upgrades
- Triggering Mechanisms
- Summary
- 3. Container Runtime
- The Advent of Containers
- The Open Container Initiative
- OCI Runtime Specification
- OCI Image Specification
- The Container Runtime Interface
- Starting a Pod
- Choosing a Runtime
- Docker
- containerd
- CRI-O
- Kata Containers
- Virtual Kubelet
- Summary
- 4. Container Storage
- Storage Considerations
- Access Modes
- Volume Expansion
- Volume Provisioning
- Backup and Recovery
- Block Devices and File and Object Storage
- Ephemeral Data
- Choosing a Storage Provider
- Storage Considerations
- Kubernetes Storage Primitives
- Persistent Volumes and Claims
- Storage Classes
- The Container Storage Interface (CSI)
- CSI Controller
- CSI Node
- Implementing Storage as a Service
- Installation
- Exposing Storage Options
- Consuming Storage
- Resizing
- Snapshots
- Summary
- 5. Pod Networking
- Networking Considerations
- IP Address Management
- Routing Protocols
- Encapsulation and Tunneling
- Workload Routability
- IPv4 and IPv6
- Encrypted Workload Traffic
- Network Policy
- Summary: Networking Considerations
- Networking Considerations
- The Container Networking Interface (CNI)
- CNI Installation
- CNI Plug-ins
- Calico
- Cilium
- AWS VPC CNI
- Multus
- Additional Plug-ins
- Summary
- 6. Service Routing
- Kubernetes Services
- The Service Abstraction
- Service IP Address Management
- The Service resource
- Service types
- ClusterIP
- NodePort
- LoadBalancer
- ExternalName
- Headless Service
- Supported communication protocols
- The Service Abstraction
- Kubernetes Services
- Endpoints
- The Endpoints resource
- The Endpoints controller
- Pod readiness and readiness probes
- The EndpointSlices resource
- Service Implementation Details
- Kube-proxy
- Kube-proxy: iptables mode
- ClusterIP Services
- NodePort and LoadBalancer Services
- Connection tracking (conntrack)
- Masquerade
- Performance concerns
- Kube-proxy: IP Virtual Server (IPVS) mode
- ClusterIP Services
- NodePort and LoadBalancer Services
- Running without kube-proxy
- Service Discovery
- Using DNS
- Using the Kubernetes API
- Using environment variables
- DNS Service Performance
- DNS cache on each node
- Auto-scaling the DNS server deployment
- Ingress
- The Case for Ingress
- The Ingress API
- Ingress Controllers and How They Work
- Ingress Traffic Patterns
- HTTP proxying
- HTTP proxying with TLS
- Layer 3/4 proxying
- Choosing an Ingress Controller
- Ingress Controller Deployment Considerations
- Dedicated Ingress nodes
- Binding to the host network
- Ingress controllers and external traffic policy
- Spread Ingress controllers across failure domains
- DNS and Its Role in Ingress
- Wildcard DNS record
- Kubernetes and DNS integration
- Handling TLS Certificates
- Service Mesh
- When (Not) to Use a Service Mesh
- The Service Mesh Interface (SMI)
- The Data Plane Proxy
- Service Mesh on Kubernetes
- Data Plane Architecture
- Sidecar proxy
- Node proxy
- Adopting a Service Mesh
- Prioritize one of the pillars
- Deploy to a new or an existing cluster?
- Handling upgrades
- Resource overhead
- Certificate Authority for mutual TLS
- Multicluster service mesh
- Summary
- 7. Secret Management
- Defense in Depth
- Disk Encryption
- Transport Security
- Application Encryption
- Defense in Depth
- The Kubernetes Secret API
- Secret Consumption Models
- Environment variables
- Volumes
- Client API Consumption
- Secret Consumption Models
- Secret Data in etcd
- Static-Key Encryption
- Envelope Encryption
- External Providers
- Vault
- Cyberark
- Injection Integration
- CSI Integration
- Secrets in the Declarative World
- Sealing Secrets
- Sealed Secrets Controller
- Key Renewal
- Multicluster Models
- Best Practices for Secrets
- Always Audit Secret Interaction
- Dont Leak Secrets
- Prefer Volumes Over Environment Variables
- Make Secret Store Providers Unknown to Your Application
- Summary
- 8. Admission Control
- The Kubernetes Admission Chain
- In-Tree Admission Controllers
- Webhooks
- Configuring Webhook Admission Controllers
- Webhook Design Considerations
- Writing a Mutating Webhook
- Plain HTTPS Handler
- Controller Runtime
- Centralized Policy Systems
- Summary
- 9. Observability
- Logging Mechanics
- Container Log Processing
- Application forwarding
- Sidecar processing
- Node agent forwarding
- Container Log Processing
- Kubernetes Audit Logs
- Kubernetes Events
- Alerting on Logs
- Security Implications
- Logging Mechanics
- Metrics
- Prometheus
- Long-Term Storage
- Pushing Metrics
- Custom Metrics
- Organization and Federation
- Alerts
- Dead mans switch
- Showback and Chargeback
- Showback by requests
- Showback by consumption
- Chargeback
- Network and storage
- Metrics Components
- Prometheus Operator
- Prometheus servers
- Alertmanager
- Grafana
- Node exporter
- kube-state-metrics
- Prometheus adapter
- Distributed Tracing
- OpenTracing and OpenTelemetry
- Tracing Components
- Agent
- Collector
- Storage
- API
- User interface
- Application Instrumentation
- Service Meshes
- Summary
- 10. Identity
- User Identity
- Authentication Methods
- Shared secrets
- Public key infrastructure
- OpenID Connect (OIDC)
- Authentication Methods
- Implementing Least Privilege Permissions for Users
- User Identity
- Application/Workload Identity
- Shared Secrets
- Network Identity
- Calico
- Cilium
- Service Account Tokens (SAT)
- Projected Service Account Tokens (PSAT)
- Platform Mediated Node Identity
- AWS platform authentication methods/tooling
- kube2iam
- kiam
- IAM Roles for Service Accounts (IRSA)
- AWS platform authentication methods/tooling
- Cross-platform identity with SPIFFE and SPIRE
- Architecture and concepts
- Direct application access
- Sidecar proxy
- Service mesh (Istio)
- Other application integration methods
- Integration with secrets store (Vault)
- Integration with AWS
- Summary
- 11. Building Platform Services
- Points of Extension
- Plug-in Extensions
- Webhook Extensions
- Authentication extensions
- Admission control
- Operator Extensions
- Points of Extension
- The Operator Pattern
- Kubernetes Controllers
- Custom Resources
- Operator Use Cases
- Platform Utilities
- General-Purpose Workload Operators
- App-Specific Operators
- Developing Operators
- Operator Development Tooling
- Kubebuilder
- Metacontroller
- Operator Framework
- Operator Development Tooling
- Data Model Design
- Logic Implementation
- Existing state
- Desired state
- Reconciliation
- Implementation details
- Admission webhooks
- Finalizers
- Extending the Scheduler
- Predicates and Priorities
- Scheduling Policies
- Scheduling Profiles
- Multiple Schedulers
- Custom Scheduler
- Summary
- 12. Multitenancy
- Degrees of Isolation
- Single-Tenant Clusters
- Multitenant Clusters
- Degrees of Isolation
- The Namespace Boundary
- Multitenancy in Kubernetes
- Role-Based Access Control (RBAC)
- Resource Quotas
- Admission Webhooks
- Resource Requests and Limits
- Network Policies
- Pod Security Policies
- Multitenant Platform Services
- Summary
- 13. Autoscaling
- Types of Scaling
- Application Architecture
- Workload Autoscaling
- Horizontal Pod Autoscaler
- Vertical Pod Autoscaler
- Autoscaling with Custom Metrics
- Cluster Proportional Autoscaler
- Custom Autoscaling
- Cluster Autoscaling
- Cluster Overprovisioning
- Summary
- 14. Application Considerations
- Deploying Applications to Kubernetes
- Templating Deployment Manifests
- Packaging Applications for Kubernetes
- Deploying Applications to Kubernetes
- Ingesting Configuration and Secrets
- Kubernetes ConfigMaps and Secrets
- Obtaining Configuration from External Systems
- Handling Rescheduling Events
- Pre-stop Container Life Cycle Hook
- Graceful Container Shutdown
- Satisfying Availability Requirements
- State Probes
- Liveness Probes
- Readiness Probes
- Startup Probes
- Implementing Probes
- Pod Resource Requests and Limits
- Resource Requests
- Resource Limits
- Application Logs
- What to Log
- Unstructured Versus Structured Logs
- Contextual Information in Logs
- Exposing Metrics
- Instrumenting Applications
- USE Method
- RED Method
- The Four Golden Signals
- App-Specific Metrics
- Instrumenting Services for Distributed Tracing
- Initializing the Tracer
- Creating Spans
- Propagate Context
- Summary
- 15. Software Supply Chain
- Building Container Images
- The Golden Base Images Antipattern
- Choosing a Base Image
- Runtime User
- Pinning Package Versions
- Build Versus Runtime Image
- Cloud Native Buildpacks
- Building Container Images
- Image Registries
- Vulnerability Scanning
- Quarantine Workflow
- Image Signing
- Continuous Delivery
- Integrating Builds into a Pipeline
- Push-Based Deployments
- Rollout Patterns
- GitOps
- Summary
- 16. Platform Abstractions
- Platform Exposure
- Self-Service Onboarding
- The Spectrum of Abstraction
- Command-Line Tooling
- Abstraction Through Templating
- Helm
- Kustomize
- Abstracting Kubernetes Primitives
- Making Kubernetes Invisible
- Summary
- Index
O'Reilly Media - inne książki
-
FinOps brings financial accountability to the variable spend model of cloud. Used by the majority of global enterprises, this management practice has grown from a fringe activity to the de facto discipline managing cloud spend. In this book, authors J.R. Storment and Mike Fuller outline the proce...(0,00 zł najniższa cena z 30 dni)
262.65 zł
309.00 zł(-15%) -
Edge AI is transforming the way computers interact with the real world, allowing IoT devices to make decisions using the 99% of sensor data that was previously discarded due to cost, bandwidth, or power limitations. With techniques like embedded machine learning, developers can capture human intu...(0,00 zł najniższa cena z 30 dni)
262.65 zł
309.00 zł(-15%) -
Why is it difficult for so many companies to get digital identity right? If you're still wrestling with even simple identity problems like modern website authentication, this practical book has the answers you need. Author Phil Windley provides conceptual frameworks to help you make sense of all ...(0,00 zł najniższa cena z 30 dni)
186.15 zł
219.00 zł(-15%) -
Python was recently ranked as today's most popular programming language on the TIOBE index, thanks to its broad applicability to design and prototyping to testing, deployment, and maintenance. With this updated fourth edition, you'll learn how to get the most out of Python, whether you're a profe...(0,00 zł najniższa cena z 30 dni)
296.65 zł
349.00 zł(-15%) -
With the accelerating speed of business and the increasing dependence on technology, companies today are significantly changing the way they build in-house business solutions. Many now use low-code and no code technologies to help them deal with specific issues, but that's just the beginning. Wit...
Building Solutions with the Microsoft Power Platform Building Solutions with the Microsoft Power Platform
(0,00 zł najniższa cena z 30 dni)262.65 zł
309.00 zł(-15%) -
Companies are scrambling to integrate AI into their systems and operations. But to build truly successful solutions, you need a firm grasp of the underlying mathematics. This accessible guide walks you through the math necessary to thrive in the AI field such as focusing on real-world application...(0,00 zł najniższa cena z 30 dni)
262.65 zł
309.00 zł(-15%) -
DevOps engineers, developers, and security engineers have ever-changing roles to play in today's cloud native world. In order to build secure and resilient applications, you have to be equipped with security knowledge. Enter security as code.In this book, authors BK Sarthak Das and Virginia Chu d...(0,00 zł najniższa cena z 30 dni)
186.15 zł
219.00 zł(-15%) -
With the increasing use of AI in high-stakes domains such as medicine, law, and defense, organizations spend a lot of time and money to make ML models trustworthy. Many books on the subject offer deep dives into theories and concepts. This guide provides a practical starting point to help develop...(0,00 zł najniższa cena z 30 dni)
262.65 zł
309.00 zł(-15%) -
Why are so many companies adopting GitOps for their DevOps and cloud native strategy? This reliable framework is quickly becoming the standard method for deploying apps to Kubernetes. With this practical, developer-oriented book, DevOps engineers, developers, IT architects, and SREs will learn th...(0,00 zł najniższa cena z 30 dni)
262.65 zł
309.00 zł(-15%) -
Learn the essentials of working with Flutter and Dart to build full stack applications that meet the needs of a cloud-driven world. Together, the Flutter open source UI software development kit and the Dart programming language for client development provide a unified solution to building applica...(0,00 zł najniższa cena z 30 dni)
220.15 zł
259.00 zł(-15%)
Dzieki opcji "Druk na żądanie" do sprzedaży wracają tytuły Grupy Helion, które cieszyły sie dużym zainteresowaniem, a których nakład został wyprzedany.
Dla naszych Czytelników wydrukowaliśmy dodatkową pulę egzemplarzy w technice druku cyfrowego.
Co powinieneś wiedzieć o usłudze "Druk na żądanie":
- usługa obejmuje tylko widoczną poniżej listę tytułów, którą na bieżąco aktualizujemy;
- cena książki może być wyższa od początkowej ceny detalicznej, co jest spowodowane kosztami druku cyfrowego (wyższymi niż koszty tradycyjnego druku offsetowego). Obowiązująca cena jest zawsze podawana na stronie WWW książki;
- zawartość książki wraz z dodatkami (płyta CD, DVD) odpowiada jej pierwotnemu wydaniu i jest w pełni komplementarna;
- usługa nie obejmuje książek w kolorze.
W przypadku usługi "Druk na żądanie" termin dostarczenia przesyłki może obejmować także czas potrzebny na dodruk (do 10 dni roboczych)
Masz pytanie o konkretny tytuł? Napisz do nas: sklep[at]helion.pl.
Książka, którą chcesz zamówić pochodzi z końcówki nakładu. Oznacza to, że mogą się pojawić drobne defekty (otarcia, rysy, zagięcia).
Co powinieneś wiedzieć o usłudze "Końcówka nakładu":
- usługa obejmuje tylko książki oznaczone tagiem "Końcówka nakładu";
- wady o których mowa powyżej nie podlegają reklamacji;
Masz pytanie o konkretny tytuł? Napisz do nas: sklep[at]helion.pl.


Oceny i opinie klientów: Production Kubernetes Josh Rosso, Rich Lander, Alex Brand (0)
Weryfikacja opinii następuję na podstawie historii zamówień na koncie Użytkownika umieszczającego opinię. Użytkownik mógł otrzymać punkty za opublikowanie opinii uprawniające do uzyskania rabatu w ramach Programu Punktowego.