Design, build, and operate scalable and reliable Kubernetes infrastructure for production

Key Features

  • Implement industry best practices to build and manage production-grade Kubernetes infrastructure
  • Learn how to architect scalable Kubernetes clusters, harden container security, and fine-tune resource management
  • Understand, manage, and operate complex business workloads confidently

Book Description

Although out-of-the-box solutions can help you to get a cluster up and running quickly, running a Kubernetes cluster that is optimized for production workloads is a challenge, especially for users with basic or intermediate knowledge. With detailed coverage of cloud industry standards and best practices for achieving scalability, availability, operational excellence, and cost optimization, this Kubernetes book is a blueprint for managing applications and services in production.

You'll discover the most common way to deploy and operate Kubernetes clusters, which is to use a public cloud-managed service from AWS, Azure, or Google Cloud Platform (GCP). This book explores Amazon Elastic Kubernetes Service (Amazon EKS), the AWS-managed version of Kubernetes, for working through practical exercises. As you get to grips with implementation details specific to AWS and EKS, you'll understand the design concepts, implementation best practices, and configuration applicable to other cloud-managed services. Throughout the book, you'll also discover standard and cloud-agnostic tools, such as Terraform and Ansible, for provisioning and configuring infrastructure.

By the end of this book, you'll be able to leverage Kubernetes to operate and manage your production environments confidently.

What you will learn

  • Explore different infrastructure architectures for Kubernetes deployment
  • Implement optimal open source and commercial storage management solutions
  • Apply best practices for provisioning and configuring Kubernetes clusters, including infrastructure as code (IaC) and configuration as code (CAC)
  • Configure the cluster networking plugin and core networking components to get the best out of them
  • Secure your Kubernetes environment using the latest tools and best practices
  • Deploy core observability stacks, such as monitoring and logging, to fine-tune your infrastructure

Who this book is for

This book is for cloud infrastructure experts, DevOps engineers, site reliability engineers, and engineering managers looking to design and operate Kubernetes infrastructure for production. Basic knowledge of Kubernetes, Terraform, Ansible, Linux, and AWS is needed to get the most out of this book.

Downloading the example code for this book

You can download the example code files for all Packt books you have purchased from your account at http://www.PacktPub.com. If you purchased this book elsewhere, you can visit http://www.PacktPub.com/support and register to have the files e-mailed directly to you.

Table of Contents

  1. Kubernetes in Production Best Practices
  2. Contributors
  3. About the authors
  4. About the reviewers
  5. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the example code files
    5. Code in Action
    6. Download the color images
    7. Conventions used
    8. Get in touch
    9. Reviews
  6. Chapter 1: Introduction to Kubernetes Infrastructure and Production-Readiness
    1. The basics of Kubernetes infrastructure
    2. Kubernetes components
    3. Why Kubernetes is challenging in production
    4. Kubernetes production-readiness
    5. The production-readiness checklist
    6. Kubernetes infrastructure best practices
    7. The 12 principles of infrastructure design and management
    8. Applications definition and deployment
    9. Processes, team, and culture
    10. Cloud-native approach
    11. The Cloud Native Computing Foundation
    12. Why we should care about cloud-native
    13. Cloud-native landscape and ecosystem
    14. Cloud-native trail map
    15. Summary
    16. Further reading
  7. Chapter 2: Architecting Production-Grade Kubernetes Infrastructure
    1. Understanding Kubernetes infrastructure design considerations
    2. Scaling and elasticity
    3. High availability and reliability
    4. Security and compliance
    5. Cost management and optimization
    6. Manageability and operational efficiency
    7. Exploring Kubernetes deployment strategy alternatives
    8. Designing an Amazon EKS infrastructure
    9. Choosing the infrastructure provider
    10. Choosing the cluster and node size
    11. Choosing tools for cluster deployment and management
    12. Deciding the cluster architecture
    13. Summary
    14. Further reading
  8. Chapter 3: Provisioning Kubernetes Clusters Using AWS and Terraform
    1. Technical requirements
    2. Installing Terraform
    3. Implementation principles and best practices
    4. Cluster deployment and rollout strategy
    5. Preparing Terraform
    6. Terraform directory structure
    7. Persisting the Terraform state
    8. Creating Terraform state configuration
    9. Provisioning the Terraform state
    10. Utilizing Terraform workspaces
    11. Creating the network infrastructure
    12. Developing the VPC Terraform module
    13. Developing the cluster VPC
    14. Provisioning the cluster VPC
    15. Creating the cluster infrastructure
    16. Developing the EKS Terraform module
    17. Developing the workers' Terraform module
    18. Developing the Kubernetes cluster Terraform module
    19. Putting all modules together
    20. Provisioning the cluster infrastructure
    21. Cleaning up and destroying infrastructure resources
    22. Destroying the cluster resources
    23. Destroying the VPC resources
    24. Destroying the shared state resources
    25. Summary
    26. Further reading
  9. Chapter 4: Managing Cluster Configuration with Ansible
    1. Technical requirements
    2. Installing the required tools
    3. Implementation principles
    4. Kubernetes configuration management
    5. Kubernetes configuration management workflow
    6. Configuration management with Ansible
    7. Configuring the clusters
    8. The ansible directory's structure
    9. Creating Ansible templates
    10. Creating Ansible variables
    11. Creating Ansible inventories
    12. Creating Ansible tasks
    13. Creating the cluster's playbook
    14. Applying the cluster's Ansible playbook
    15. Destroying the cluster's resources
    16. Summary
    17. Further reading
  10. Chapter 5: Configuring and Enhancing Kubernetes Networking Services
    1. Technical requirements
    2. Introducing networking production readiness
    3. Configuring Kube Proxy
    4. Configuring the Amazon CNI plugin
    5. Configuring CoreDNS
    6. Configuring ExternalDNS
    7. Configuring NGINX Ingress Controller
    8. Deploying the cluster's network services
    9. Destroying the cluster's resources
    10. Summary
    11. Further reading
  11. Chapter 6: Securing Kubernetes Effectively
    1. Technical requirements
    2. Securing Kubernetes infrastructure
    3. Managing cluster access
    4. Cluster authentication
    5. Cluster authorization
    6. Admission controller
    7. Managing secrets and certificates
    8. Creating and managing secrets
    9. Managing TLS certificates with Cert-Manager
    10. Securing workloads and apps
    11. Isolating critical workloads
    12. Hardening the default pod security policy
    13. Limiting pod access
    14. Creating network policies with Calico
    15. Monitoring runtime with Falco
    16. Ensuring cluster security and compliance
    17. Executing Kubernetes conformance tests
    18. Scanning cluster security configuration
    19. Executing the CIS Kubernetes benchmark
    20. Enabling audit logging
    21. Bonus security tips
    22. Deploying the security configurations
    23. Destroying the cluster
    24. Summary
    25. Further reading
  12. Chapter 7: Managing Storage and Stateful Applications
    1. Technical requirements
    2. Installing the required tools
    3. Implementation principles
    4. Understanding the challenges with stateful applications
    5. Tuning Kubernetes storage
    6. Understanding storage primitives in Kubernetes
    7. Choosing a persistent storage solution
    8. Deploying stateful applications
    9. Installing OpenEBS
    10. Deploying a stateful application on OpenEBS volumes
    11. Summary
    12. Further reading
  13. Chapter 8: Deploying Seamless and Reliable Applications
    1. Technical requirements
    2. Understanding the challenges with container images
    3. Exploring the components of container images
    4. Choosing the right container base image
    5. Reducing container image size
    6. Scanning container images for vulnerabilities
    7. Testing the download speed of a container image
    8. Applying container base images best practices
    9. Learning application deployment strategies
    10. Choosing the deployment model
    11. Monitoring deployments
    12. Using readiness and liveness container probes
    13. Scaling applications and achieving higher availability
    14. Summary
    15. Further reading
  14. Chapter 9: Monitoring, Logging, and Observability
    1. Technical requirements
    2. Understanding the challenges with Kubernetes observability
    3. Exploring the Kubernetes metrics
    4. Learning site reliability best practices
    5. Monitoring, metrics, and visualization
    6. Installing the Prometheus stack on Kubernetes
    7. Monitoring applications with Grafana
    8. Logging and tracing
    9. Installing the EFK stack on Kubernetes
    10. Summary
    11. Further reading
  15. Chapter 10: Operating and Maintaining Efficient Kubernetes Clusters
    1. Technical requirements
    2. Learning about cluster maintenance and upgrades
    3. Upgrading kubectl
    4. Upgrading the Kubernetes control plane
    5. Upgrading Kubernetes components
    6. Upgrading Kubernetes worker nodes
    7. Preparing for backups and disaster recovery
    8. Installing Velero on Kubernetes
    9. Taking a backup of specific resources using Velero
    10. Restoring an application resource from its backup using Velero
    11. Validating cluster quality
    12. Generating compliance reports
    13. Managing and improving the cost of cluster resources
    14. Summary
    15. Further reading
    16. Why subscribe?
  16. Other Books You May Enjoy
    1. Packt is searching for authors like you
    2. Leave a review - let other readers know what you think