Cover image for Modern DevOps Practices

Modern DevOps Practices

Author Gaurav Agarwal
Release Date: 2021/09/01
ISBN: 9781800562387
Topic:
0%
22
Chapters
0-1
Hours read
0k
Total Words
    Start Reading Now    
       Add to Wishlist       
View table of contents

Enhance DevOps workflows by integrating the functionalities of Docker, Kubernetes, Spinnaker, Ansible, Terraform, Flux CD, CaaS, and more with the help of practical examples and expert tips

Key Features

  • Get up and running with containerization-as-a-service and infrastructure automation in the public cloud
  • Learn container security techniques and secret management with Cloud KMS, Anchore Grype, and Grafeas Kritis
  • Leverage the combination of DevOps, GitOps, and automation to continuously ship a package of software

Book Description

Containers have entirely changed how developers and end-users see applications as a whole. With this book, you'll learn all about containers, their architecture and benefits, and how to implement them within your development lifecycle.

You'll discover how you can transition from the traditional world of virtual machines and adopt modern ways of using DevOps to ship a package of software continuously. Starting with a quick refresher on the core concepts of containers, you'll move on to study the architectural concepts to implement modern ways of application development. You'll cover topics around Docker, Kubernetes, Ansible, Terraform, Packer, and other similar tools that will help you to build a base. As you advance, the book covers the core elements of cloud integration (AWS ECS, GKE, and other CaaS services), continuous integration, and continuous delivery (GitHub actions, Jenkins, and Spinnaker) to help you understand the essence of container management and delivery. The later sections of the book will take you through container pipeline security and GitOps (Flux CD and Terraform).

By the end of this DevOps book, you'll have learned best practices for automating your development lifecycle and making the most of containers, infrastructure automation, and CaaS, and be ready to develop applications using modern tools and techniques.

What you will learn

  • Become well-versed with AWS ECS, Google Cloud Run, and Knative
  • Discover how to build and manage secure Docker images efficiently
  • Understand continuous integration with Jenkins on Kubernetes and GitHub actions
  • Get to grips with using Spinnaker for continuous deployment/delivery
  • Manage immutable infrastructure on the cloud with Packer, Terraform, and Ansible
  • Explore the world of GitOps with GitHub actions, Terraform, and Flux CD

Who this book is for

If you are a software engineer, system administrator, or operations engineer looking to step into the world of DevOps within public cloud platforms, this book is for you. Existing DevOps engineers will also find this book useful as it covers best practices, tips, and tricks to implement DevOps with a cloud-native mindset. Although no containerization experience is necessary, a basic understanding of the software development life cycle and delivery will help you get the most out of the book.

Table of Contents

  1. Modern DevOps Practices
  2. Contributors
  3. About the author
  4. About the reviewer
  5. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the color images
    5. Conventions used
    6. Get in touch
  6. Section 1: Container Fundamentals and Best Practices
  7. Chapter 1: The Move to Containers
    1. The need for containers
    2. The matrix of hell
    3. Virtual machines
    4. Containers
    5. It works on my machine
    6. Container architecture
    7. Container networking
    8. Modern DevOps versus traditional DevOps
    9. Containers and modern DevOps practices
    10. Migrating from virtual machines to containers
    11. Discovery
    12. Application requirement assessment
    13. Container infrastructure design
    14. Containerizing the application
    15. Testing
    16. Deployment and rollout
    17. What applications should go in containers?
    18. Breaking the applications into smaller pieces
    19. Are we there yet?
    20. Summary
    21. Questions
    22. Answers
  8. Chapter 2: Containerization with Docker
    1. Technical requirements
    2. Installing tools
    3. Installing Git
    4. Installing vim
    5. Installing Docker
    6. Introducing Docker storage drivers and volumes
    7. Docker data storage options
    8. Mounting volumes
    9. Docker storage drivers
    10. Configuring a storage driver
    11. Running your first container
    12. Running containers from versioned images
    13. Running Docker containers in the background
    14. Troubleshooting containers
    15. Putting it all together
    16. Restarting and removing containers
    17. Docker logging and logging drivers
    18. Container log management
    19. Logging drivers
    20. Configuring logging drivers
    21. Typical challenges and best practices with Docker logging
    22. Docker monitoring with Prometheus
    23. Challenges with container monitoring
    24. Installing Prometheus
    25. Configuring cAdvisor and the node exporter to expose metrics
    26. Configuring Prometheus to scrape metrics
    27. Launching a sample container application
    28. Metrics to monitor
    29. Declarative container management with Docker Compose
    30. Installing Docker Compose
    31. Deploying a sample application with Docker Compose
    32. Creating the docker-compose file
    33. Docker Compose best practices
    34. Summary
    35. Questions
    36. Answers
  9. Chapter 3: Creating and Managing Container Images
    1. Technical requirements
    2. Docker architecture
    3. Understanding Docker images
    4. The layered filesystem
    5. Image history
    6. Understanding Dockerfiles, components, and directives
    7. Can we use ENTRYPOINT instead of CMD?
    8. Are RUN and CMD the same?
    9. Building our first container
    10. Building and managing Docker images
    11. Single-stage builds
    12. Multi-stage builds
    13. Managing Docker images
    14. Flattening Docker images
    15. Optimizing containers with distroless images
    16. Performance
    17. Security
    18. Cost
    19. Understanding Docker registries
    20. Hosting your private Docker registry
    21. Other public registries
    22. Summary
    23. Questions
    24. Answers
  10. Chapter 4: Container Orchestration with Kubernetes – Part I
    1. Technical requirements
    2. What is Kubernetes and why do I need it?
    3. Kubernetes architecture
    4. Installing Kubernetes (Minikube and KinD)
    5. Installing Minikube
    6. Installing KinD
    7. Understanding Kubernetes pods
    8. Using port forwarding
    9. Troubleshooting pods
    10. Ensuring pod reliability
    11. Pod multi-container design patterns
    12. Summary
    13. Questions
    14. Answers
  11. Chapter 5: Container Orchestration with Kubernetes – Part II
    1. Technical requirements
    2. Spinning up Google Kubernetes Engine
    3. Kubernetes Deployments
    4. ReplicaSet resource
    5. Deployment resource
    6. Kubernetes Deployment strategies
    7. Kubernetes Services and Ingresses
    8. ClusterIP Services
    9. NodePort services
    10. LoadBalancer services
    11. Ingress resources
    12. Horizontal Pod autoscaling
    13. Managing stateful applications
    14. StatefulSet resource
    15. Managing persistent volumes
    16. Kubernetes command-line best practices
    17. Using alias
    18. Using kubectl bash autocompletion
    19. Summary
    20. Questions
    21. Answers
  12. Section 2: Delivering Containers
  13. Chapter 6: Infrastructure as Code (IaC) with Terraform
    1. Technical requirements
    2. Introduction to IaC
    3. Installing Terraform
    4. Terraform providers
    5. Authentication and authorization with Azure
    6. Using the Azure Terraform provider
    7. Terraform variables
    8. Providing variable values
    9. Terraform workflow
    10. terraform init
    11. Creating the first resource – Azure resource group
    12. terraform fmt
    13. terraform validate
    14. terraform plan
    15. terraform apply
    16. terraform destroy
    17. terraform state
    18. Using the Azure Storage backend
    19. Terraform workspaces
    20. Inspecting resources
    21. Inspecting state files
    22. Cleaning up
    23. Terraform output, state, console, and graphs
    24. terraform output
    25. Managing Terraform state
    26. terraform console
    27. Terraform dependencies and graph
    28. Cleaning up resources
    29. Summary
    30. Questions
    31. Answers
  14. Chapter 7: Configuration Management with Ansible
    1. Technical requirements
    2. Introduction to config management
    3. Setting up Ansible
    4. Setting up inventory
    5. Installing Ansible in the control node
    6. Connecting the Ansible control node with inventory servers
    7. Setting up an inventory file
    8. Setting up the Ansible configuration file
    9. Ansible tasks and modules
    10. Introduction to Ansible playbooks
    11. Checking playbook syntax
    12. Applying the first playbook
    13. Ansible playbooks in action
    14. Updating packages and repositories
    15. Installing application packages and services
    16. Configuring applications
    17. Combining the playbooks
    18. Executing the playbooks
    19. Designing for reusability
    20. Ansible variables
    21. Sourcing variable values
    22. Jinja2 templates
    23. Ansible roles
    24. Summary
    25. Questions
    26. Answers
  15. Chapter 8: IaC and Config Management in Action
    1. Technical requirements
    2. Immutable infrastructure with Hashicorp's Packer
    3. When to use immutable infrastructure
    4. Installing Packer
    5. Creating the Apache and MySQL playbooks
    6. Building the Apache and MySQL images using Packer and Ansible provisioners
    7. Prerequisites
    8. Defining the Packer configuration
    9. Creating the required infrastructure with Terraform
    10. Summary
    11. Questions
    12. Answers
  16. Chapter 9: Containers as a Service (CaaS) and Serverless Computing for Containers
    1. Technical requirements
    2. The need for serverless offerings
    3. Amazon ECS with EC2 and Fargate
    4. ECS architecture
    5. Installing the AWS and ECS CLIs
    6. Spinning up an ECS cluster
    7. Creating task definitions
    8. Scheduling EC2 tasks on ECS
    9. Scaling tasks
    10. Querying container logs from CloudWatch
    11. Stopping tasks
    12. Scheduling Fargate tasks on ECS
    13. Scheduling services on ECS
    14. Browsing container logs using the ECS CLI
    15. Deleting an ECS service
    16. Load balancing containers running on ECS
    17. Other CaaS products
    18. Open source CaaS with Knative
    19. Knative architecture
    20. Spinning up Google Kubernetes Engine
    21. Installing Knative
    22. Deploying a Python Flask app on Knative
    23. Load testing your app on Knative
    24. Summary
    25. Questions
    26. Answers
  17. Chapter 10: Continuous Integration
    1. Technical requirements
    2. The importance of automation
    3. Building a CI pipeline with GitHub Actions
    4. Creating a GitHub repository
    5. Creating a GitHub Actions workflow
    6. Scalable Jenkins on Kubernetes with Kaniko
    7. Spinning up Google Kubernetes Engine
    8. Installing Jenkins
    9. Connecting Jenkins with the cluster
    10. Running our first Jenkins job
    11. Automating a build with triggers
    12. CI with AWS Code Commit and Code Build
    13. Creating an AWS Code Commit repository
    14. Creating an AWS Code Build job
    15. Build performance best practices
    16. Aim for faster builds
    17. Always use post-commit triggers
    18. Configure build reporting
    19. Customize the build server size
    20. Ensure that your builds only contain what you need
    21. Summary
    22. Questions
    23. Answers
  18. Chapter 11: Continuous Deployment/Delivery with Spinnaker
    1. Technical requirements
    2. Importance of Continuous Deployment and automation
    3. Continuous deployment models and tools
    4. Simple deployment model
    5. Complex deployment models
    6. Introduction to Spinnaker
    7. Setting up Spinnaker
    8. Spinning up Google Kubernetes Engine
    9. Setting up service accounts and permissions
    10. Creating a halyard host VM
    11. Installing halyard
    12. Setting up the required credentials
    13. Setting up the Spinnaker configuration
    14. Deploying Spinnaker
    15. Deploying a sample application using a Spinnaker pipeline
    16. Creating a deployment manifest
    17. Creating a Spinnaker application
    18. Creating a Spinnaker pipeline
    19. Testing the pipeline
    20. Summary
    21. Questions
    22. Answers
  19. Chapter 12: Securing the Deployment Pipeline
    1. Technical requirements
    2. Securing CI/CD pipelines
    3. Managing secrets
    4. Sample application
    5. Creating a Secret manifest
    6. Creating a Cloud KMS secret
    7. Accessing the secret and deploying the application
    8. Container vulnerability scanning
    9. Installing Anchore Grype
    10. Scanning images
    11. Binary authorization
    12. Setting up binary authorization
    13. Creating a default binary authorization policy
    14. Attesting images
    15. Security of modern DevOps pipelines
    16. Adopt a DevSecOps culture
    17. Establish access control
    18. Implement shift left
    19. Manage security risks consistently
    20. Implement vulnerability scanning
    21. Automate security
    22. Summary
    23. Questions
    24. Answers
  20. Section 3: Modern DevOps with GitOps
  21. Chapter 13: Understanding DevOps with GitOps
    1. Technical requirements
    2. What is GitOps?
    3. The principles of GitOps
    4. Why GitOps?
    5. The branching strategy and GitOps workflow
    6. The push model
    7. The pull model
    8. Structuring the Git repository
    9. Declarative infrastructure and config management
    10. Summary
    11. Questions
    12. Answers
  22. Chapter 14: CI/CD Pipelines with GitOps
    1. Technical requirements
    2. Continuous integration with GitHub Actions
    3. Creating an application repository on GitHub
    4. Creating a GitHub Actions workflow
    5. Release gating with pull requests
    6. Continuous deployment with Flux CD
    7. Introduction to Flux CD
    8. Installing Flux CD
    9. Managing sensitive configuration and Secrets
    10. Installing the Sealed Secrets operator
    11. Installing kubeseal
    12. Creating Sealed Secrets
    13. Summary
    14. Questions
    15. Answers
    16. Why subscribe?
  23. Other Books You May Enjoy
    1. Packt is searching for authors like you
    2. Share your thoughts
3.133.108.241