Index
As this ebook edition doesn't have fixed pagination, the page numbers below are hyperlinked for reference only, based on the printed edition of this book.
A
AAAA records 190
ABAC authorization
about 154
reference link 154
access modes
about 128
reference link 129
addons, installing
reference link 41
Amazon Web Service (AWS) 19
annotations 101
API server 9
applications
cluster events, monitoring 219, 220
configuring 105
deploying 81
managing 81
monitoring, on Kubernetes cluster 213
resource usage, monitoring 213-215
scaling 90
Attribute-Based Access Control (ABAC) 145
Azure Kubernetes Service (AKS) 19, 181
B
browser
important documentation, bookmarking 7
BusyBox
reference link 264
C
Certified Kubernetes Administrator (CKA) 3
Certified Kubernetes Security Specialist (CKS) 4
CKA exam
Cloud layer 144
Cloud Native Computing Foundation (CNCF) 15, 144, 190
cloud-native landscape
URL 19
cluster
sharing, with namespaces 17
cluster components
troubleshooting 230
Cluster layer 144
cluster-level logging
about 220
patterns 220
cluster node
CPU/memory metrics, checking 213
logs, managing 220
monitoring 208
status, checking 222
ClusterRoleBinding 155
ClusterRoles
about 155
CNI plugins
decision metrics 186
networking in Kubernetes 185, 186
selecting 185
Code layer 144
container engine 12
container images 11
containerized applications
failing pods, troubleshooting 245-249
high-level view, obtaining 243
init containers, troubleshooting 249-251
namespace events, inspecting 244, 245
troubleshooting 243
containerized workloads 11
Container layer 144
Container Network Interface (CNI) 15, 41, 185
container registry 12
Container Runtime Interface (CRI) plugin 14
container runtimes 12
container stderr log
container stdout log
Container Storage Interface (CSI) 15, 118
container-to-container communication 166-168
controllers 10
CoreDNS
configuring 190
leveraging 190
pod IPs and DNS hostnames 196-199
service IPs and DNS hostnames 199-202
CoreDNS server
checking, up and running on cluster 190-196
core tools, Kubernetes
CRI-O
reference link 25
CronJobs
reference link 81
CSI drivers
reference link 121
CSI ephemeral volumes 120, 121
Custom Resource Definitions (CRDs) 41
D
DaemonSet
dashboard 28
decision metrics 186
declarative management
versus imperative management 72
dependencies, on Docker
reference link 31
deployment tools, Kubernetes 25
DNS records
AAAA records 190
PTR records 190
SRV records 190
types 190
Domain Name System (DNS) 190
downwardAPI 122
E
Elastic Kubernetes Service (EKS) 19, 181
ephemeral volumes
about 119
CSI ephemeral volumes 120, 121
generic ephemeral volumes 121, 122
etcd
about 10
working with 56
etcd cluster backup and restore, for Kubernetes
reference link 65
etcd cluster members
listing 59
ETCD cluster pod
etcd cluster status
ExternalName 182
external-to-service communications 170
G
generic ephemeral volumes 121, 122
Google Cloud Platform (GCP) 19
Google Kubernetes Engine (GKE) 19, 181
H
health probes
reference link 74
Helm
common package management 113
installing 26
templating with 113
URL 113
Helm, installation guide
reference link 26
highly available (HA) Kubernetes cluster
about 29
external etcd cluster, building 44
multiple master nodes, building 44
setting up, with kubeadm 43-45
HorizontalPodAutoscaler (HPA) 90-95
hostPath 139
I
imperative management
versus declarative management 72
Ingress
annotations 189
rewrite-target 189
Ingress controllers
configuring 186
Ingress resources
about 186
init container
about 77
reference link 77
inter-process communications (IPC) 166
J
K
killer.sh 5
kind 25
Kompose
about 27
kubeadm
about 25
master node, bootstrapping 40, 41
networking plugins, installing 41, 42
used, for installing Kubernetes cluster 36, 37
used, for setting up HA cluster 43-45
worker nodes, bootstrapping 43
worker nodes, joining to control plane 43
kubeconfig
used, for organizing cluster access 149-152
kubectl
setting, autocomplete 7
using, for rolling updates 86, 87
kubectl alias
setting up, to save time 6
kubectl create command
using, to create service account 148
kubectl delete sa command
using, to delete sa command 149
kubelet 10
kube-proxy 10
Kubernetes
access, configuring to multiple clusters 152, 153
authentication 145
authorization 145
cluster access, organizing with kubeconfig 149-152
concepts 10
ecosystems 18
in-market distribution 18
reference link, for Configure Access to Multiple Clusters 150
reference link, for Organizing Cluster Access with kubeconfig Files 152
reference link, for security context 163
service accounts, assigning to Pod 149
service accounts, creating 148
service accounts, deleting 149
service accounts, managing 146-148
service accounts, versus user accounts 146
stateful applications 130
upstream vanilla Kubernetes 19
Kubernetes administrator 229
Kubernetes API primitives 16, 17
Kubernetes authentication process
reference link 145
Kubernetes authorization, modes
ABAC authorization 154
Node authorization 154
RBAC authorization 154
Kubernetes cluster
applications, monitoring 213
architecture and components 8-10
configuring 29
installing 29
installing, with kubeadm 36, 37
Metrics Server installation, checking 209
Metrics Server, installing 209
Metrics Server, working 208
prerequisites, for installing 29-33
Kubernetes cluster, upgrading with kubeadm
about 49
Kubernetes, concepts
container images 11
containerized workload 11
container registry 12
Kubernetes Conformance Program
reference link 37
Kubernetes DNS server
Kubernetes ecosystems 19
Kubernetes event feed
reference link 244
Kubernetes, installing with native package management
reference link 22
Kubernetes, layers
Cloud layer 144
Cluster layer 144
Code layer 144
Container layer 144
Kubernetes logging architecture
reference link 220
Kubernetes multi-tenant model 17
Kubernetes networking model
about 166
container-to-container communication 166-168
external-to-service communications 170
node-to-node communication 184
pod-to-pod communication 168-170
pod-to-service communication 170
Kubernetes plugin model
layers 14
Kubernetes RBAC
about 155
roles, versus ClusterRoles 155-158
Kubernetes scheduler 10
Kubernetes service accounts 146
Kubernetes service types
ExternalName 182
Kubernetes tools
about 22
core tools 22
dashboard 28
deployment tools 25
Helm 26
Kubernetes volumes
about 118
ephemeral volumes 119
reference link 139
Kubernetes workloads
basics 72
kustomize
reference link 112
L
labels 100
large clusters, considerations
reference link 208
layers
layers, Kubernetes plugin model
container runtime 14
networking layer 15
storage layer 15
Linux shell 6
liveness probes 74
logs
managing, at cluster node 220
managing, at Pod levels 220
M
managed Kubernetes 19
manifest management
master node
MESSAGE column 244
Metrics Server
installation, checking 209
installing, in Kubernetes cluster 209
installing, with Helm charts 210
installing, with minikube add-ons 211, 212
installing, with YAML manifest file 210
Metrics Server Helm charts
reference link 210
Microsoft Azure 19
minikube
about 25
installing 33
using, to provision single node Kubernetes cluster 33, 34
using, to set up single node Kubernetes cluster 33
minikube cluster
configuring 35
deleting 35
installation, verifying 34
mock CKA scenario-based practice test 114
mounted storage
used, for configuring stateful applications 130-134
multi-container pod
about 75
shared networking 75
multiple Ingress controllers
using 187
N
namespaces
cluster, sharing with 17
Network Address Translation (NAT) 168
network file system (NFS) 118
networking layer 15
networking plugins
networking, troubleshooting
Kubernetes DNS server, troubleshooting 258-260
service, troubleshooting 260-262
nginx
reference link 189
node
kubelet agent, troubleshooting 240-242
Kubernetes components, inspecting 237
system-reserved process, troubleshooting 237-240
node affinity 101
node authorization
about 154
reference link 154
node selectors 100
node-to-node communication 184
O
OBJECT column 244
P
package management
with Helm 113
persistent storage
used, for configuring stateful applications 134
PersistentVolumeClaim (PVC) 125, 129, 130
PersistentVolume (PV)
access modes 128
reference link 129
volume modes 128
Pod
Kubernets service accounts, assigning to 149
pod events 73
Pod levels
logs, managing 220
pods 72
Pods 16
pod-to-pod communication 168-170
pod-to-service communications 170
ports and protocols
reference link 31
probes
about 74
liveness 74
readiness 74
startup 74
PTR records 190
R
RBAC authorization 154
RBAC failures, troubleshooting
minikube cluster, initiating 254-256
minikube cluster, managing 256, 257
readiness probes 74
REASON column 244
rewrite-target
reference link 189
role-based access control (RBAC) 4
RoleBinding 155
roles
about 155
ROLES column
about 232
control-plane role 232
etcd role 232
worker role 232
rolling updates
about 86
S
security context 8
selectors 100
service accounts
about 146
versus user accounts 146
service account tokens 122, 123
service, in Kubernetes
shell
obtaining, for troubleshooting 263, 264
single node Kubernetes cluster
setting up, with minikube 33
special interest group (SIG) 19, 49
SRV records 190
startup probes 74
stateful
versus stateless workloads 118
stateful applications
configuring, with mounted storage 130-134
configuring, with persistent storage 134
in Kubernetes 130
pod, configuring to consume PV 136-139
StatefulSet 16
static Pod 78
STATUS column 232
StorageClass
reference link 126
storage layer 15
T
taints 102
templating
with Helm 113
time management 8
tolerations 102
tools
installation link 23
Transmission Control Protocol (TCP) 29
troubleshooting
networking 258
RBAC failures 254
TYPE column 244
U
Unix domain socket 29
upstream vanilla Kubernetes 19
user accounts
about 146
versus service accounts 146
user impersonation
reference link 257
V
virtual machines (VMs) 11
volume modes 128
W
Webhook authorization 154
Webhook Mode
reference link 154
worker nodes
bootstrapping 43
joining, to control plane 43
workload scheduling 98