Table of Contents for Cloud Foundry: The Definitive Guide, 1st Edition
by Duncan C. E. Winn
Foreword
Preface
Who Should Read This Book
Why I Wrote This Book
A Word on Cloud-Native Platforms
Online Resources
Conventions Used in This Book
O’Reilly Safari
How to Contact Us
Acknowledgments
1. The Cloud-Native Platform
Why You Need a Cloud-Native Platform
Cloud-Native Platform Concepts
The Structured Platform
The Opinionated Platform
The Open Platform
Summary
2. Concepts
Undifferentiated Heavy Lifting
The Cloud Operating System
Do More
The Application as the Unit of Deployment
Using cf push Command to Deploy
Staging
Self-Service Application Life Cycle
The Twelve-Factor Contract
Release Engineering through BOSH
Built-In Resilience and Fault Tolerance
Self-Healing Processes
Self-Healing VMs
Self-Healing Application Instance Count
Resiliency Through Availability Zones
Aggregated Streaming of Logs and Metrics
Security
Distributed System Security
Environmental Risk Factors for Advanced Persistent Threats
Challenge of Minimal Change
The Three Rs of Enterprise Security
UAA Management
Organizations and Spaces
Orgs
Spaces
Resource Allocation
Domains Hosts and Routes
Route
Domains
Context Path–Based Routing
Rolling Upgrades and Blue/Green Deployments
Summary
3. Components
Component Overview
Routing via the Load Balancer and GoRouter
User Management and the UAA
The Cloud Controller
System State
The Application Life-Cycle Policy
Application Execution
Diego
Garden and runC
Metrics and Logging
Metron Agent
Loggregator
Messaging
Additional Components
Stacks
A Marketplace of On-Demand Services
Buildpacks and Docker Images
Infrastructure and the Cloud Provider Interface
The Cloud Foundry GitHub Repository
Summary
4. Preparing Your Cloud Foundry Environment
Installation Steps
Non-technical Considerations
Team Structure: Platform Operations for the Enterprise
Deployment Topology
Cloud Foundry Dependencies and Integrations
IaaS and Infrastructure Design
Designing for Resilience
Sizing and Scoping the Infrastructure
Setting Up an AWS VPC
Jumpbox
Networking Design and Routing
Using Static IPs
Subnets
Security Groups
Setting Up the Load Balancer
Setting Up Domains and Certificates
Summary
5. Installing and Configuring Cloud Foundry
Installation Steps
Installing Cloud Foundry
Changing Stacks
Growing the Platform
Validating Platform Integrity in Production
Start with a Sandbox
Production Verification Testing
Logical Environment Structure
Pushing Your First App
Summary
6. Diego
Why Diego?
A Brief Overview of How Diego Works
Essential Diego Concepts
Action Abstraction
Composable Actions
Layered Architecture
Interacting with Diego
CAPI
Staging Workflow
The CC-Bridge
Logging and Traffic Routing
Diego Components
The BBS
Diego Cell Components
The Diego Brain
The Access VM
The Diego State Machine and Workload Life Cycles
The Application Life Cycle
Task Life Cycle
Additional Components and Concepts
The Route-Emitter
Consul
Application Life-Cycle Binaries
Putting It All Together
Summary
7. Routing Considerations
Routing Primitives
Routes
Hostnames
Domains
Context Path Routing
Routing Components Overview
Routing Flow
Route-Mapping Flow
Load Balancer Considerations
Setting Request Header Fields
WebSocket Upgrades
The PROXY Protocol
TLS Termination and IPSec
GoRouter Considerations
Routing Table
Router and Route High Availability
Router Instrumentation and Logging
Sticky Sessions
The TCPRouter
TCP Routing Management Plane
TCPRouter Configuration Steps
Route Services
Route Service Workflow
Route Service Use Cases
Summary
8. Containers, Containers, Containers
What Is a Container?
Container Fervor
Linux Containers
Namespaces
CGroups
Disk Quotas
Filesystems
Container Implementation in Cloud Foundry
Why Garden?
OCI and runC
Container Scale
Container Technologies (and the Orchestration Challenge)
Summary
9. Buildpacks and Docker
Why Buildpacks?
Why Docker?
Buildpacks Explained
Staging
Detect
Compile
Release
Buildpack Structure
Modifying Buildpacks
Overriding Buildpacks
Using Custom or Community Buildpacks
Forking Buildpacks
Restaging
Packaging and Dependencies
Buildpack and Dependency Pipelines
Summary
10. BOSH Concepts
Release Engineering
Why BOSH?
The Cloud Provider Interface
Infrastructure as Code
Creating a BOSH Environment
Single-Node versus Distributed BOSH
BOSH Lite
BOSH Top-Level Primitives
Stemcells
Releases
Deployments
BOSH 2.0
Cloud Configuration
BOSH Links
Orphaned Disks
Addons
Summary
11. BOSH Releases
Release Overview
Cloud Foundry BOSH Release
BOSH Director BOSH Release
Anatomy of a BOSH Release
Jobs
Packages
Src, Blobs, and Blobstores
Packaging a Release
Compilation VMs
Summary
12. BOSH Deployments
YAML Files
Understanding YAML Syntax
Deployment Manifests
Director UUID and Deployment Name
Release Names
Stemcell
Instance Groups
Properties
Update
Credentials
Summary
13. BOSH Components and Commands
The BOSH Director
Director Blobstore
Director Task, Queue, and Workers
Director Database
Director Registry
BOSH Agent
Errand
The Command Line Interface
The Cloud Provider Interface
Health Monitor
Resurrector
Message Bus (NATS)
Creating a New VM
Disk Creation
Networking Definition
The BOSH CLI v2
Basic BOSH Commands
Summary
14. Debugging Cloud Foundry
Cloud Foundry Acceptance Tests
Logging
Typical Failure Scenarios
Configuration Failures
Infrastructure Failures
Release Job Process Failure
Scenario One: The App Is Not Reachable
Scenario Two: Network Address Translation Instance Deleted (Network Failure)
Scenario Three: Security Group Misconfiguration That Blocks Ingress Traffic
Scenario Four: Invoking High Memory Usage That Kills a Container
Scenario Five: Route Collision
Scenario 6: Release Job Process Failures
Scenario 7: Instance Group Failure
Summary
15. User Account and Authentication Management
Background Information
OAuth 2.0
UAA Documentation
UAA Release
UAA Responsibilities
Securing Cloud Foundry Components and API Endpoints
Securing Service Access for Apps
UAA Architecture and Configuration Within Cloud Foundry
Instance Groups Governed by the UAA
UAA Instance Groups
UAA Database
UAA Runtime Components
UAA Logging and Metrics
Keys, Tokens, and Certificate Rotation
User Import
Roles and Scopes
Scopes
Roles
Summary
16. Designing for Resilience, Planning for Disaster
High Availability Considerations
Extending Cloud Foundry’s Built-In Resiliency
Resiliency Through Multiple Cloud Foundry Deployments
Resiliency Through Pipelines
Data Consistency Through Services
HA IaaS Configuration
AWS Failure Boundaries
vCenter Failure Boundaries
Backup and Restore
Restoring BOSH
Bringing Back Cloud Foundry
Validating Platform Integrity in Production
Start with a Sandbox
Production Verification Testing
Summary
17. Cloud Foundry Roadmap
v3 API
Multiple Droplets per App
Multiple Apps per Droplet (Process Types)
Tasks
Diego Scheduling
Cell Rebalancing
Boulders
Tracing
Containers
Network Shaping
Container Snapshots
Container-to-Container Networking
Traffic Resiliency
Buildpacks and Staging
Multibuildpacks
Post-Staging Policy or Step
Compiler-Less Rootfs and Stemcells
Isolation Segments
Summary
Index