Index
A
- A/B testing (see canary deployments)
- ABAC (Attribute-Based Access Control), ABAC, Authorization Best Practices
- access control
- admission controllers, Admission Controllers, Admission Control and Authorization-Admission Control Best Practices
- affinity/anti-affinity, Pod Affinity and Anti-Affinity
- alert fatigue, Alerting
- alert thresholds, Alerting
- alerting
- Amazon EC2, Monitoring Tools
- Amazon Web Services (AWS), Exporting Services by Using Internal Load Balancers
- anomaly detection, Intrusion and Anomaly Detection Tooling
- application configuration, Configuring an Application with ConfigMaps
- application platforms
- approaches to developing higher-level abstractions, Approaches to Developing Higher-Level Abstractions
- best practices for building, Building Application Platforms Best Practices
- building on top of Kubernetes, Building Higher-Level Application Patterns on Top of Kubernetes-Summary
- design considerations, Design Considerations When Building Platforms-Support Existing Mechanisms for Service and Service Discovery
- design considerations when building platforms, Design Considerations When Building Platforms-Support Existing Mechanisms for Service and Service Discovery
- extending Kubernetes, Extending Kubernetes-Extending the Kubernetes User Experience
- extending Kubernetes clusters, Extending Kubernetes Clusters-Extending Kubernetes Clusters
- extending Kubernetes UX, Extending the Kubernetes User Experience
- support for existing mechanisms for service/service discovery, Support Existing Mechanisms for Service and Service Discovery
- support for exporting to a container image, Support Exporting to a Container Image
- application scaling, Application Scaling
- Application Service, Managing Configuration Files
- Attribute-Based Access Control (ABAC), ABAC, Authorization Best Practices
- authentication, Secrets and, Managing Authentication with Secrets-Managing Authentication with Secrets
- authorization, Authorization-Authorization Best Practices
- autoscaling, for machine learning, Machine Learning on Kubernetes Best Practices
- AWS (Amazon Web Services), Exporting Services by Using Internal Load Balancers
- AWS Container Insights, Monitoring Tools
- Azure, Exporting Services by Using Internal Load Balancers
- Azure Container Instances, Monitoring Tools
- Azure CosmosDB, Multicluster Design Concerns
- Azure Kubernetes Service, Monitoring Tools
- Azure Monitor, Monitoring Tools
C
- cAdvisor, cAdvisor
- canary deployments, Deployment Strategies
- canary region, Canary Region
- Canonical Name (see CNAME-based Kubernetes Services)
- CD (see continuous delivery; continuous deployment; CI/CD pipeline)
- certificate-based authentication, Onboarding Users
- chaos engineering, Testing in Production
- chaos experiment, A Simple Chaos Experiment
- Chaos Toolkit, A Simple Chaos Experiment
- chart (Helm file collection), Parameterizing Your Application by Using Helm
- checkpoints, Checkpoints and saving models
- CI (see continuous integration)
- CI/CD pipeline, Continuous Integration, Testing, and Deployment-Summary
- best practices for, Best Practices for CI/CD
- chaos experiment, A Simple Chaos Experiment
- container builds, Container Builds
- container image tagging, Container Image Tagging
- continuous deployment (CD), Continuous Deployment-Deployment Strategies
- deployment strategies, Deployment Strategies-Deployment Strategies
- rolling upgrade, Performing a Rolling Upgrade
- setting up CD, Setting Up CD
- setting up CI, Setting Up CI-Setting Up CI
- testing, Testing
- testing in production, Testing in Production-Testing in Production
- version control, Version Control
- Classless Inter-Domain Routing (CIDR), Kubenet
- Cloud Spanner, Multicluster Design Concerns
- CloudWatch Container Insights, Monitoring Tools
- Cluster API, Managing Multiple Cluster Deployments
- Cluster Autoscaler add-on, Cluster autoscaling
- cluster scaling, Cluster Scaling
- cluster-level services, Cluster-Level Services
- ClusterIP service type, Service Type ClusterIP
- clusters
- CNAME-based Kubernetes Services, CNAME-Based Services for Stable DNS Names
- CNI plug-in
- compliance, multicluster design and, Why Multiple Clusters?
- config resource, Data Replication
- ConfigMaps
- configuration
- configuration drift, Continuous Deployment
- constraint resource, Defining Constraints
- constraint templates
- constraints
- Consul, Service Meshes, Multicluster Design Concerns
- container
- Container Advisor (cAdvisor), cAdvisor
- container builds, Container Builds
- container image tagging, Container Image Tagging
- container images (see image management)
- Container Insights, Monitoring Tools
- Container Network Interface (CNI) (see CNI plug-in)
- Container Storage Interface (CSI), Container Storage Interface and FlexVolume
- continuous delivery (CD), Multicluster Design Concerns
- (see also CI/CD pipeline)
- continuous deployment (CD), Continuous Deployment-Deployment Strategies
- continuous integration (CI), Continuous Integration
- control-plane components, Kubernetes Metrics Overview
- Core CNI project, The CNI Plug-in
- CoreDNS server, CNAME-Based Services for Stable DNS Names
- CSI (Container Storage Interface), Container Storage Interface and FlexVolume
- custom controllers, Deployment and Management Patterns
- Custom Metrics API, Metrics Server, HPA with Custom Metrics
- custom resource definitions (CRDs), Managing Namespaces, Introducing Gatekeeper
D
- data replication
- data scientists, machine learning and, Data Scientist Concerns
- database
- Datadog, Monitoring Tools
- dataset storage, for machine learning, Dataset storage and distribution among worker nodes during training
- debugging, Enabling Testing and Debugging
- declarative model, Managing Configuration Files, Releases
- DefaultStorageClass admission plug-in, Storage Classes
- dependencies, installation of, Initial Setup
- deployment
- Deployment object, Enabling Active Development
- Deployment resource, Creating a Replicated Application
- developer workflows (see workflows)
- development cluster
- development environment, Setting Up a Development Environment Best Practices
- disruption budgets, PodDisruptionBudgets
- distributed training, Distributed Training on Kubernetes, Machine Learning on Kubernetes Best Practices
- DNS servers/resolvers, CNAME-Based Services for Stable DNS Names
- Docker image, Container Image Tagging
- docker-registry secrets, Secrets
- Domain Name System (DNS), Load-Balancing Traffic Around the World
- dot notation, Versioning
- drivers, machine learning, Libraries, Drivers, and Kernel Modules
- dynamic admission controllers, Admission Controller Types
F
- failurePolicy field, Admission Control Best Practices
- Falco, Intrusion and Anomaly Detection Tooling
- feature flag, Deployment Strategies
- Federation, Kubernetes Federation-Kubernetes Federation
- Federation v2 (KubeFed), Kubernetes Federation-Kubernetes Federation
- filesystem layout, Managing Configuration Files
- flaky tests, Goals
- flat networks, Multicluster Design Concerns
- FlexVolume, Container Storage Interface and FlexVolume
- Fluentd, Logging by Using an EFK Stack
- Flux, The GitOps Approach to Managing Clusters-The GitOps Approach to Managing Clusters
- Four Golden Signals, Monitoring Patterns, CNI Best Practices
G
- Gardener, Multicluster Management Tools
- Gatekeeper, Introducing Gatekeeper-Gatekeeper Next Steps
- audit and, Audit
- constraint, Constraint
- constraint templates, Constraint template
- data replication, Data Replication
- defining constraint templates, Defining Constraint Templates
- defining constraints, Defining Constraints
- demonstration content, Becoming Familiar with Gatekeeper
- example policies, Example Policies
- next steps for, Gatekeeper Next Steps
- rego and, Rego
- terminology, Gatekeeper Terminology
- UX, UX
- GCP Stackdriver, Monitoring Tools
- generic secrets, Secrets
- Git, Managing Configuration Files
- GitOps, The GitOps Approach to Managing Clusters-The GitOps Approach to Managing Clusters
- GKE (Google Kubernetes Engine), Monitoring Tools
- global deployment, Worldwide Application Distribution and Staging-Summary
- best practices, Worldwide Rollout Best Practices
- canary region, Canary Region
- constructing a global rollout, Constructing a Global Rollout
- distributing your image, Distributing Your Image
- identifying region types, Identifying Region Types
- load-balancing traffic, Load-Balancing Traffic Around the World
- parameterizing your deployment, Parameterizing Your Deployment
- pre-rollout validation, Pre-Rollout Validation-Pre-Rollout Validation
- reliably rolling out software, Reliably Rolling Out Software Around the World-Constructing a Global Rollout
- responding to problems, When Something Goes Wrong
- Google Cloud Spanner, Multicluster Design Concerns
- Google Four Golden Signals, Monitoring Patterns, CNI Best Practices
- Google Kubernetes Engine (GKE), Monitoring Tools
- Grafana, Monitoring Kubernetes Using Prometheus
- graphics processing units (GPUs), Model Training on Kubernetes-Training your first model on Kubernetes
- guaranteed QoS, Resource Limits and Pod Quality of Service
H
- hard multitenancy, Why Multiple Clusters?
- Hardware Security Module (HSM), Best practices specific to secrets
- headless service, Creating a TCP Load Balancer by Using Services, Service Type ClusterIP
- Heapster, Metrics Server
- Helm
- helm lint, Testing
- Horizontal Pod Autoscaler (HPA), Metrics Server, Application Scaling-HPA with Custom Metrics, Scaling with HPA
- HSM (Hardware Security Module), Best practices specific to secrets
- HTTP protocol management, Ingress and Ingress Controllers
- HTTP traffic, external Ingress for, Setting Up an External Ingress for HTTP Traffic
- hyperparameter tuning, Model Training on Kubernetes
I
- image management, Best Practices for Image Management
- importing services into Kubernetes, Importing Services into Kubernetes-Active Controller-Based Approaches
- InfluxDB, Monitoring Tools
- Infrastructure as Code (IaC), Multicluster Design Concerns
- Infrastructure as Software, Deployment and Management Patterns
- Ingress
- integration testing, Pre-Rollout Validation-Pre-Rollout Validation
- internal load balancers, exporting services using, Exporting Services by Using Internal Load Balancers
- intrusion detection, Intrusion and Anomaly Detection Tooling
- involuntary disruptions, PodDisruptionBudgets
- Istio, Service Meshes
K
- kernel modules, Libraries, Drivers, and Kernel Modules
- Kibana, Logging by Using an EFK Stack
- KQueen, Multicluster Management Tools
- kube-proxy, Integrating External Machines and Kubernetes
- kube-state-metrics, kube-state-metrics
- kube-system namespace, Admission Control Best Practices
- kubectl
- kubectx, Multicluster Management Tools
- KubeFed (Federation v2), Kubernetes Federation-Kubernetes Federation
- Kubenet
- kubens, Multicluster Management Tools
- Kubernetes Federation, Kubernetes Federation-Kubernetes Federation
- Kubernetes scheduler, Kubernetes Scheduler-Taints and Tolerations
- Kubernetes Services
- Kubernetes Volumes (see Volumes)
L
- libraries, machine learning, Libraries, Drivers, and Kernel Modules
- Limit (resource request), Creating a Replicated Application
- LimitRange, LimitRange
- Linkerd2, Service Meshes
- linters, Extending Kubernetes Clusters
- liveness probes, Alerting
- load balancing, Load-Balancing Traffic Around the World
- LoadBalancer service type, Service Type LoadBalancer
- logging, Logging Overview-Logging
- Logging as a Service (LaaS), Cluster-Level Services
M
- machine learning, Running Machine Learning in Kubernetes-Summary
- advantages of Kubernetes for, Why Is Kubernetes Great for Machine Learning?
- best practices, Machine Learning on Kubernetes Best Practices
- checkpoints and saving models, Checkpoints and saving models
- data scientist concerns, Data Scientist Concerns
- dataset storage/distribution among worker nodes during training, Dataset storage and distribution among worker nodes during training
- distributed training, Distributed Training on Kubernetes
- for Kubernetes cluster admins, Machine Learning for Kubernetes Cluster Admins-Specialized Protocols
- libraries, drivers, and kernel modules, Libraries, Drivers, and Kernel Modules
- model training, Model Training on Kubernetes-Libraries, Drivers, and Kernel Modules
- networking, Networking
- resource constraints, Resource Constraints
- scheduling idiosyncrasies, Scheduling idiosyncrasies
- specialized hardware, Specialized Hardware
- specialized protocols, Specialized Protocols
- storage, Storage
- workflow phases, Machine Learning Workflow
- master branch, Version Control
- Message Passing Interface (MPI), Specialized Protocols
- metrics
- Metrics Aggregator, HPA with Custom Metrics
- Metrics API, Metrics Server
- Metrics Server API, HPA with Custom Metrics
- metrics-server, Metrics Server
- Microsoft Azure, Exporting Services by Using Internal Load Balancers
- Microsoft Azure CosmosDB, Multicluster Design Concerns
- Microsoft Azure Monitor, Monitoring Tools
- MNIST dataset, Training your first model on Kubernetes
- modules, authorization, Authorization Modules-Webhook
- monitoring, Monitoring and Logging in Kubernetes-Monitoring Kubernetes Using Prometheus
- MPI (Message Passing Interface), Specialized Protocols
- multiple clusters, Managing Multiple Clusters-Summary
- MutatingWebhookConfiguration, Configuring Admission Webhooks
- mutation, Admission Control Best Practices
N
- namespaces
- naming, of images, Best Practices for Image Management
- NCCL (NVIDIA Collective Communications Library), Specialized Protocols
- Netflix, chaos engineering at, Testing in Production
- network address translation (NAT), Multicluster Design Concerns
- networking, Networking, Network Security, and Service Mesh-Network Policy Best Practices
- NetworkPolicy API, Network Security Policy-Network Policy Best Practices
- NGINX, Using Ingress to Route Traffic to a Static File Server, Pod Affinity and Anti-Affinity, Ingress and Ingress Controllers
- NodePorts, Service Type NodePort, Exporting Services on NodePorts
- nodeSelector, nodeSelector
- NoSQL databases, Multicluster Design Concerns
- NVIDIA Collective Communications Library (NCCL), Specialized Protocols
- NVIDIA device plug-in, Specialized Hardware
P
- parameterizing
- passwords, Managing Authentication with Secrets-Managing Authentication with Secrets
- PersistentVolume, Deploying a Simple Stateful Database, PersistentVolume
- PersistentVolumeClaim, Deploying a Simple Stateful Database, PersistentVolumeClaims
- plug-ins
- PodDisruptionBudget, PodDisruptionBudgets
- pods
- PodSecurityPolicy API, PodSecurityPolicy API-PodSecurityPolicy Next Steps, Why Are They Important?
- policy and governance, Policy and Governance for Your Cluster-Summary
- predicate function, Predicates
- preStop hook, Deployment Strategies, StatefulSet and Operator Best Practices
- priority value, Priorities
- Prometheus, Monitoring Tools
- prometheus-operator, Deployment and Management Patterns-Deployment and Management Patterns
R
- Rancher, Multicluster Management Tools
- RBAC (role-based access control), RBAC-RBAC Best Practices
- RDMA (Remote Direct Memory Access), Networking
- readiness probe, Deployment Strategies
- recreate strategy, Rollouts
- RED (rate, errors, duration) monitoring pattern, Monitoring Patterns
- Redis, Managing Authentication with Secrets-Managing Authentication with Secrets
- rego
- releases, Releases, Best Practices for Versioning, Releases, and Rollouts
- Remote Direct Memory Access (RDMA), Networking
- ReplicaSet, Creating a Replicated Application, Rollouts, Stateful Applications
- Request (resource request), Creating a Replicated Application
- resource management, Resource Management-Summary
- admission controllers and, Why Are They Important?
- advanced scheduling techniques, Advanced Scheduling Techniques-Taints and Tolerations
- application scaling, Application Scaling
- best practices, Resource Management Best Practices
- cluster scaling, Cluster Scaling
- HPA with custom metrics, Scaling with HPA
- Kubernetes scheduler, Kubernetes Scheduler-Taints and Tolerations
- LimitRange, LimitRange
- namespaces for, Managing Resources by Using Namespaces
- pod disruption budgets, PodDisruptionBudgets
- pods, Pod Resource Management-Vertical Pod Autoscaler
- resource limits and pod QoS, Resource Limits and Pod Quality of Service-Resource Limits and Pod Quality of Service
- resource request, Resource Request
- setting ResourceQuotas on namespaces, ResourceQuota-ResourceQuota
- Vertical Pod Autoscaler, Vertical Pod Autoscaler
- Resource Metrics API, Metrics Server
- resource request, Resource Request
- ResourceQuotas, Creating and Securing a Namespace, ResourceQuota-ResourceQuota
- role-based access control (see RBAC)
- RoleBinding, Creating and Securing a Namespace, RoleBindings
- rolling updates, Deployment Strategies-Deployment Strategies
- rolling upgrade, Performing a Rolling Upgrade
- rollingUpdate, Rollouts
- rollouts, Rollouts
- rules, in RBAC, Rules
- RuntimeClass
S
- scaling
- scheduler (see Kubernetes scheduler)
- scoping, admission webhook, Admission Control Best Practices
- secret password, Managing Authentication with Secrets
- Secrets
- security, RBAC
- selector-less Kubernetes Services, Selector-Less Services for Stable IP Addresses
- semantic versioning, Versioning, Best Practices for Versioning, Releases, and Rollouts
- service API, Services in Kubernetes-Services and Ingress Controllers Best Practices
- service discovery, Multicluster Design Concerns
- service mesh, Service Meshes-Service Mesh Best Practices
- Service Mesh Interface (SMI), Service Meshes
- service type
- Service-Level Objectives (SLOs), Alerting
- services, Creating a TCP Load Balancer by Using Services
- setting up a basic service, Setting Up a Basic Service-Summary
- application overview, Application Overview
- configuring an application with ConfigMaps, Configuring an Application with ConfigMaps
- creating a replicated application, Creating a Replicated Application-Creating a Replicated Application
- creating a replicated service using deployments, Creating a Replicated Service Using Deployments-Creating a Replicated Application
- creating a TCP load balancer by using Services, Creating a TCP Load Balancer by Using Services
- deploying a simple stateful database, Deploying a Simple Stateful Database-Deploying a Simple Stateful Database
- deploying services best practices, Deploying Services Best Practices
- image management best practices, Best Practices for Image Management
- managing authentication with Secrets, Managing Authentication with Secrets-Managing Authentication with Secrets
- managing configuration files, Managing Configuration Files
- parameterizing application with Helm, Parameterizing Your Application by Using Helm-Parameterizing Your Application by Using Helm
- setting up external Ingress for HTTP traffic, Setting Up an External Ingress for HTTP Traffic
- using Ingress to route traffic to a static file server, Using Ingress to Route Traffic to a Static File Server-Using Ingress to Route Traffic to a Static File Server
- shared cluster
- sidecar containers, Extending Kubernetes Clusters
- sidecar pattern, Logging Overview
- Sidecar proxies, Service Meshes
- SLOs (Service-Level Objectives), Alerting
- smart scheduling, Machine Learning on Kubernetes Best Practices
- SMI (Service Mesh Interface), Service Meshes
- soft multitenancy, Why Multiple Clusters?
- Software as a Service (SaaS)
- Stackdriver Kubernetes Engine Monitoring, Monitoring Tools
- standard admission controllers, Admission Controller Types
- state
- stateful applications, Stateful Applications-Summary
- stateful database, Deploying a Simple Stateful Database-Deploying a Simple Stateful Database
- StatefulSets
- static file server, Using Ingress to Route Traffic to a Static File Server-Using Ingress to Route Traffic to a Static File Server
- storage
- subjects, in RBAC, Subjects
- supply-chain attacks, Best Practices for Image Management
- Sysdig Monitor, Monitoring Tools
T
- taint-based eviction, Taints and Tolerations
- taints, Taints and Tolerations-Taints and Tolerations, Machine Learning on Kubernetes Best Practices
- TCP (Transmission Control Protocol), Setting Up an External Ingress for HTTP Traffic, Creating a TCP Load Balancer by Using Services
- TCP load balancer, Creating a TCP Load Balancer by Using Services
- templating system, Parameterizing Your Application by Using Helm
- Terraform, Multicluster Design Concerns
- test flakiness, Goals
- testing, Goals
- Tiller, RBAC Best Practices
- time to live (TTL), Managing Namespaces
- tls secret, Secrets
- tolerations, Taints and Tolerations, Machine Learning on Kubernetes Best Practices
- traffic shifting (see blue/green deployments)
- Transmission Control Protocol (TCP), Setting Up an External Ingress for HTTP Traffic, Creating a TCP Load Balancer by Using Services
- Transport Layer Security (TLS) secret, Secrets
- Transport Layer Security (TLS) termination, Ingress and Ingress Controllers
- troubleshooting, When Something Goes Wrong
- TTL (time to live), Managing Namespaces
U
- USE (utilization, saturation, errors) monitoring pattern, Monitoring Patterns
- UX (user experience)
V
- ValidatingWebhookConfiguration, Configuring Admission Webhooks
- validation, pre-global rollout, Pre-Rollout Validation-Pre-Rollout Validation
- versioning, Versioning
- Vertical Pod Autoscaler (VPA), Metrics Server, Vertical Pod Autoscaler
- Visual Studio (VS) Code, Enabling Testing and Debugging
- volumeMounts, Common Best Practices for the ConfigMap and Secrets APIs, Volumes and Volume Mounts
- Volumes, Managing Authentication with Secrets, Volumes and Volume Mounts
- voluntary evictions, PodDisruptionBudgets
- VPA (Vertical Pod Autoscaler), Metrics Server, Vertical Pod Autoscaler
- VS (Visual Studio) Code, Enabling Testing and Debugging