- Ocena:
- Bądź pierwszym, który oceni tę książkę
- Stron:
- 508
- Dostępne formaty:
-
ePubMobi
Opis ebooka: Production Kubernetes
Kubernetes has become the dominant container orchestrator, but many organizations that have recently adopted this system are still struggling to run actual production workloads. In this practical book, four software engineers from VMware bring their shared experiences running Kubernetes in production and provide insight on key challenges and best practices.
The brilliance of Kubernetes is how configurable and extensible the system is, from pluggable runtimes to storage integrations. For platform engineers, software developers, infosec, network engineers, storage engineers, and others, this book examines how the path to success with Kubernetes involves a variety of technology, pattern, and abstraction considerations.
With this book, you will:
- Understand what the path to production looks like when using Kubernetes
- Examine where gaps exist in your current Kubernetes strategy
- Learn Kubernetes's essential building blocks--and their trade-offs
- Understand what's involved in making Kubernetes a viable location for applications
- Learn better ways to navigate the cloud native landscape
Wybrane bestsellery
-
To książka przeznaczona dla osób, które chcą z powodzeniem uruchomić Kubernetes w środowisku produkcyjnym jako platformę dla aplikacji przedsiębiorstwa. Zawiera wiele wniosków płynących z praktycznych doświadczeń autorów, omawia też kluczowe wyzwania i najlepsze praktyki. Pokazuje, w jaki sposób ...
Kubernetes w środowisku produkcyjnym. Jak budować efektywne platformy aplikacji Kubernetes w środowisku produkcyjnym. Jak budować efektywne platformy aplikacji
(59.40 zł najniższa cena z 30 dni)64.35 zł
99.00 zł(-35%) -
To drugie, zaktualizowane wydanie przewodnika po systemie Prometheus. Znajdziesz w nim wyczerpujące wprowadzenie do tego oprogramowania, a także wskazówki dotyczące monitorowania aplikacji i infrastruktury, tworzenia wykresów, przekazywania ostrzeżeń, bezpośredniej instrumentacji kodu i pobierani...
Prometheus w pełnej gotowości. Jak monitorować pracę infrastruktury i wydajność działania aplikacji. Wydanie II Prometheus w pełnej gotowości. Jak monitorować pracę infrastruktury i wydajność działania aplikacji. Wydanie II
(53.40 zł najniższa cena z 30 dni)57.84 zł
89.00 zł(-35%) -
Odkryj moc Dockera i przekształć swój sposób pracy z aplikacjami i infrastrukturą! Ta książka to Twój bilet do świata, gdzie wdrożenia stają się szybsze, a aplikacje bardziej przenośne i bezpieczne. Oto, jak Docker może rewolucjonizować Twój workflow: Izolacja aplikacji: Każda aplikacja dział...
Docker w 1 dzień. Docker od podstaw, po projektowanie i praktyczne zastosowania Docker w 1 dzień. Docker od podstaw, po projektowanie i praktyczne zastosowania
-
NGINX is one of the most widely used web servers available today, in part because of itscapabilities as a load balancer and reverse proxy server for HTTP and other network protocols. This revised cookbook provides easy-to-follow examples of real-world problems in application delivery. Practical r...(186.15 zł najniższa cena z 30 dni)
186.15 zł
219.00 zł(-15%) -
Kubernetes is the de facto standard for container orchestration and distributed applications management across a microservices framework. With this practical cookbook, you'll learn hands-on Kubernetes recipes for automating the deployment, scaling, and operations of application containers across ...(203.15 zł najniższa cena z 30 dni)
211.65 zł
249.00 zł(-15%) -
In this practical guide, four Kubernetes professionals with deep experience in distributed systems, enterprise application development, and open source will guide you through the process of building applications with this container orchestration system. They distill decades of experience from com...(203.15 zł najniższa cena z 30 dni)
211.65 zł
249.00 zł(-15%) -
Vulnerabilities in software and IT infrastructure pose a major threat to organizations. In response, the Cloud Native Computing Foundation (CNCF) developed the Certified Kubernetes Security Specialist (CKS) certification to verify an administrator's proficiency to protect Kubernetes clusters and ...
Certified Kubernetes Security Specialist (CKS) Study Guide Certified Kubernetes Security Specialist (CKS) Study Guide
(169.14 zł najniższa cena z 30 dni)177.65 zł
209.00 zł(-15%) -
Get up to speed with Prometheus, the metrics-based monitoring system used in production by tens of thousands of organizations. This updated second edition provides site reliability engineers, Kubernetes administrators, and software developers with a hands-on introduction to the most important asp...(203.15 zł najniższa cena z 30 dni)
211.65 zł
249.00 zł(-15%) -
Is Kubernetes ready for stateful workloads? This open source system has become the primary platform for deploying and managing cloud native applications. But because it was originally designed for stateless workloads, working with data on Kubernetes has been challenging. If you want to avoid the ...(211.65 zł najniższa cena z 30 dni)
220.15 zł
259.00 zł(-15%) -
Kubernetes has gained significant popularity over the past few years, with OpenShift as one of its most mature and prominent distributions. But while OpenShift provides several layers of abstraction over vanilla Kubernetes, this software can quickly become overwhelming because of its rich feature...(186.15 zł najniższa cena z 30 dni)
186.15 zł
219.00 zł(-15%)
O autorach ebooka
Josh Rosso jest inżynierem oprogramowania. Pracował z Kubernetesem w CoreOS (Red Hat), Heptio i VMware.
Rich Lander jest inżynierem terenowym VMware. Pomaga przedsiębiorstwom wdrażać Kubernetes i technologie natywne dla chmury.
Alexander Brand jest inżynierem oprogramowania. Zajmuje się Kubernetesem i technologiami natywnymi chmury.
Kup polskie wydanie:
Kubernetes w środowisku produkcyjnym. Jak budować efektywne platformy aplikacji
- Autor:
- Josh Rosso, Rich Lander, Alex Brand, John Harris
49,50 zł
99,00 zł
(39.90 zł najniższa cena z 30 dni)
Ebooka "Production Kubernetes" przeczytasz na:
-
czytnikach Inkbook, Kindle, Pocketbook, Onyx Boox i innych
-
systemach Windows, MacOS i innych
-
systemach Windows, Android, iOS, HarmonyOS
-
na dowolnych urządzeniach i aplikacjach obsługujących formaty: PDF, EPub, Mobi
Masz pytania? Zajrzyj do zakładki Pomoc »
Audiobooka "Production Kubernetes" posłuchasz:
-
w aplikacji Ebookpoint na Android, iOS, HarmonyOs
-
na systemach Windows, MacOS i innych
-
na dowolnych urządzeniach i aplikacjach obsługujących format MP3 (pliki spakowane w ZIP)
Masz pytania? Zajrzyj do zakładki Pomoc »
Kurs Video "Production Kubernetes" zobaczysz:
-
w aplikacjach Ebookpoint i Videopoint na Android, iOS, HarmonyOs
-
na systemach Windows, MacOS i innych z dostępem do najnowszej wersji Twojej przeglądarki internetowej
Szczegóły ebooka
- ISBN Ebooka:
- 978-14-920-9225-4, 9781492092254
- Data wydania ebooka:
- 2021-03-16 Data wydania ebooka często jest dniem wprowadzenia tytułu do sprzedaży i może nie być równoznaczna z datą wydania książki papierowej. Dodatkowe informacje możesz znaleźć w darmowym fragmencie. Jeśli masz wątpliwości skontaktuj się z nami sklep@ebookpoint.pl.
- Język publikacji:
- angielski
- Rozmiar pliku ePub:
- 8.5MB
- Rozmiar pliku Mobi:
- 21.7MB
Spis treści ebooka
- Foreword
- Preface
- Conventions Used in This Book
- Using Code Examples
- OReilly Online Learning
- How to Contact Us
- Acknowledgments
- 1. A Path to Production
- Defining Kubernetes
- The Core Components
- Beyond OrchestrationExtended Functionality
- Kubernetes Interfaces
- Summarizing Kubernetes
- Defining Kubernetes
- Defining Application Platforms
- The Spectrum of Approaches
- Aligning Your Organizational Needs
- Summarizing Application Platforms
- Building Application Platforms on Kubernetes
- Starting from the Bottom
- The Abstraction Spectrum
- Determining Platform Services
- The Building Blocks
- IAAS/datacenter and Kubernetes
- Container runtime
- Container networking
- Storage integration
- Service routing
- Secret management
- Identity
- Authorization/admission control
- Software supply chain
- Observability
- Developer abstractions
- Summary
- 2. Deployment Models
- Managed Service Versus Roll Your Own
- Managed Services
- Roll Your Own
- Making the Decision
- Managed Service Versus Roll Your Own
- Automation
- Prebuilt Installer
- Custom Automation
- Architecture and Topology
- etcd Deployment Models
- Network considerations
- Dedicated versus colocated
- Containerized versus on host
- etcd Deployment Models
- Cluster Tiers
- Node Pools
- Cluster Federation
- Management clusters
- Observability
- Federated software deployment
- Infrastructure
- Bare Metal Versus Virtualized
- Cluster Sizing
- Compute Infrastructure
- Networking Infrastructure
- Routability
- Redundancy
- Load balancing
- Automation Strategies
- Infra management tools
- Kubernetes operators
- Machine Installations
- Configuration Management
- Machine Images
- What to Install
- Containerized Components
- Add-ons
- Upgrades
- Platform Versioning
- Plan to Fail
- Integration Testing
- Strategies
- Cluster replacement
- Node replacement
- In-place upgrades
- Triggering Mechanisms
- Summary
- 3. Container Runtime
- The Advent of Containers
- The Open Container Initiative
- OCI Runtime Specification
- OCI Image Specification
- The Container Runtime Interface
- Starting a Pod
- Choosing a Runtime
- Docker
- containerd
- CRI-O
- Kata Containers
- Virtual Kubelet
- Summary
- 4. Container Storage
- Storage Considerations
- Access Modes
- Volume Expansion
- Volume Provisioning
- Backup and Recovery
- Block Devices and File and Object Storage
- Ephemeral Data
- Choosing a Storage Provider
- Storage Considerations
- Kubernetes Storage Primitives
- Persistent Volumes and Claims
- Storage Classes
- The Container Storage Interface (CSI)
- CSI Controller
- CSI Node
- Implementing Storage as a Service
- Installation
- Exposing Storage Options
- Consuming Storage
- Resizing
- Snapshots
- Summary
- 5. Pod Networking
- Networking Considerations
- IP Address Management
- Routing Protocols
- Encapsulation and Tunneling
- Workload Routability
- IPv4 and IPv6
- Encrypted Workload Traffic
- Network Policy
- Summary: Networking Considerations
- Networking Considerations
- The Container Networking Interface (CNI)
- CNI Installation
- CNI Plug-ins
- Calico
- Cilium
- AWS VPC CNI
- Multus
- Additional Plug-ins
- Summary
- 6. Service Routing
- Kubernetes Services
- The Service Abstraction
- Service IP Address Management
- The Service resource
- Service types
- ClusterIP
- NodePort
- LoadBalancer
- ExternalName
- Headless Service
- Supported communication protocols
- The Service Abstraction
- Kubernetes Services
- Endpoints
- The Endpoints resource
- The Endpoints controller
- Pod readiness and readiness probes
- The EndpointSlices resource
- Service Implementation Details
- Kube-proxy
- Kube-proxy: iptables mode
- ClusterIP Services
- NodePort and LoadBalancer Services
- Connection tracking (conntrack)
- Masquerade
- Performance concerns
- Kube-proxy: IP Virtual Server (IPVS) mode
- ClusterIP Services
- NodePort and LoadBalancer Services
- Running without kube-proxy
- Service Discovery
- Using DNS
- Using the Kubernetes API
- Using environment variables
- DNS Service Performance
- DNS cache on each node
- Auto-scaling the DNS server deployment
- Ingress
- The Case for Ingress
- The Ingress API
- Ingress Controllers and How They Work
- Ingress Traffic Patterns
- HTTP proxying
- HTTP proxying with TLS
- Layer 3/4 proxying
- Choosing an Ingress Controller
- Ingress Controller Deployment Considerations
- Dedicated Ingress nodes
- Binding to the host network
- Ingress controllers and external traffic policy
- Spread Ingress controllers across failure domains
- DNS and Its Role in Ingress
- Wildcard DNS record
- Kubernetes and DNS integration
- Handling TLS Certificates
- Service Mesh
- When (Not) to Use a Service Mesh
- The Service Mesh Interface (SMI)
- The Data Plane Proxy
- Service Mesh on Kubernetes
- Data Plane Architecture
- Sidecar proxy
- Node proxy
- Adopting a Service Mesh
- Prioritize one of the pillars
- Deploy to a new or an existing cluster?
- Handling upgrades
- Resource overhead
- Certificate Authority for mutual TLS
- Multicluster service mesh
- Summary
- 7. Secret Management
- Defense in Depth
- Disk Encryption
- Transport Security
- Application Encryption
- Defense in Depth
- The Kubernetes Secret API
- Secret Consumption Models
- Environment variables
- Volumes
- Client API Consumption
- Secret Consumption Models
- Secret Data in etcd
- Static-Key Encryption
- Envelope Encryption
- External Providers
- Vault
- Cyberark
- Injection Integration
- CSI Integration
- Secrets in the Declarative World
- Sealing Secrets
- Sealed Secrets Controller
- Key Renewal
- Multicluster Models
- Best Practices for Secrets
- Always Audit Secret Interaction
- Dont Leak Secrets
- Prefer Volumes Over Environment Variables
- Make Secret Store Providers Unknown to Your Application
- Summary
- 8. Admission Control
- The Kubernetes Admission Chain
- In-Tree Admission Controllers
- Webhooks
- Configuring Webhook Admission Controllers
- Webhook Design Considerations
- Writing a Mutating Webhook
- Plain HTTPS Handler
- Controller Runtime
- Centralized Policy Systems
- Summary
- 9. Observability
- Logging Mechanics
- Container Log Processing
- Application forwarding
- Sidecar processing
- Node agent forwarding
- Container Log Processing
- Kubernetes Audit Logs
- Kubernetes Events
- Alerting on Logs
- Security Implications
- Logging Mechanics
- Metrics
- Prometheus
- Long-Term Storage
- Pushing Metrics
- Custom Metrics
- Organization and Federation
- Alerts
- Dead mans switch
- Showback and Chargeback
- Showback by requests
- Showback by consumption
- Chargeback
- Network and storage
- Metrics Components
- Prometheus Operator
- Prometheus servers
- Alertmanager
- Grafana
- Node exporter
- kube-state-metrics
- Prometheus adapter
- Distributed Tracing
- OpenTracing and OpenTelemetry
- Tracing Components
- Agent
- Collector
- Storage
- API
- User interface
- Application Instrumentation
- Service Meshes
- Summary
- 10. Identity
- User Identity
- Authentication Methods
- Shared secrets
- Public key infrastructure
- OpenID Connect (OIDC)
- Authentication Methods
- Implementing Least Privilege Permissions for Users
- User Identity
- Application/Workload Identity
- Shared Secrets
- Network Identity
- Calico
- Cilium
- Service Account Tokens (SAT)
- Projected Service Account Tokens (PSAT)
- Platform Mediated Node Identity
- AWS platform authentication methods/tooling
- kube2iam
- kiam
- IAM Roles for Service Accounts (IRSA)
- AWS platform authentication methods/tooling
- Cross-platform identity with SPIFFE and SPIRE
- Architecture and concepts
- Direct application access
- Sidecar proxy
- Service mesh (Istio)
- Other application integration methods
- Integration with secrets store (Vault)
- Integration with AWS
- Summary
- 11. Building Platform Services
- Points of Extension
- Plug-in Extensions
- Webhook Extensions
- Authentication extensions
- Admission control
- Operator Extensions
- Points of Extension
- The Operator Pattern
- Kubernetes Controllers
- Custom Resources
- Operator Use Cases
- Platform Utilities
- General-Purpose Workload Operators
- App-Specific Operators
- Developing Operators
- Operator Development Tooling
- Kubebuilder
- Metacontroller
- Operator Framework
- Operator Development Tooling
- Data Model Design
- Logic Implementation
- Existing state
- Desired state
- Reconciliation
- Implementation details
- Admission webhooks
- Finalizers
- Extending the Scheduler
- Predicates and Priorities
- Scheduling Policies
- Scheduling Profiles
- Multiple Schedulers
- Custom Scheduler
- Summary
- 12. Multitenancy
- Degrees of Isolation
- Single-Tenant Clusters
- Multitenant Clusters
- Degrees of Isolation
- The Namespace Boundary
- Multitenancy in Kubernetes
- Role-Based Access Control (RBAC)
- Resource Quotas
- Admission Webhooks
- Resource Requests and Limits
- Network Policies
- Pod Security Policies
- Multitenant Platform Services
- Summary
- 13. Autoscaling
- Types of Scaling
- Application Architecture
- Workload Autoscaling
- Horizontal Pod Autoscaler
- Vertical Pod Autoscaler
- Autoscaling with Custom Metrics
- Cluster Proportional Autoscaler
- Custom Autoscaling
- Cluster Autoscaling
- Cluster Overprovisioning
- Summary
- 14. Application Considerations
- Deploying Applications to Kubernetes
- Templating Deployment Manifests
- Packaging Applications for Kubernetes
- Deploying Applications to Kubernetes
- Ingesting Configuration and Secrets
- Kubernetes ConfigMaps and Secrets
- Obtaining Configuration from External Systems
- Handling Rescheduling Events
- Pre-stop Container Life Cycle Hook
- Graceful Container Shutdown
- Satisfying Availability Requirements
- State Probes
- Liveness Probes
- Readiness Probes
- Startup Probes
- Implementing Probes
- Pod Resource Requests and Limits
- Resource Requests
- Resource Limits
- Application Logs
- What to Log
- Unstructured Versus Structured Logs
- Contextual Information in Logs
- Exposing Metrics
- Instrumenting Applications
- USE Method
- RED Method
- The Four Golden Signals
- App-Specific Metrics
- Instrumenting Services for Distributed Tracing
- Initializing the Tracer
- Creating Spans
- Propagate Context
- Summary
- 15. Software Supply Chain
- Building Container Images
- The Golden Base Images Antipattern
- Choosing a Base Image
- Runtime User
- Pinning Package Versions
- Build Versus Runtime Image
- Cloud Native Buildpacks
- Building Container Images
- Image Registries
- Vulnerability Scanning
- Quarantine Workflow
- Image Signing
- Continuous Delivery
- Integrating Builds into a Pipeline
- Push-Based Deployments
- Rollout Patterns
- GitOps
- Summary
- 16. Platform Abstractions
- Platform Exposure
- Self-Service Onboarding
- The Spectrum of Abstraction
- Command-Line Tooling
- Abstraction Through Templating
- Helm
- Kustomize
- Abstracting Kubernetes Primitives
- Making Kubernetes Invisible
- Summary
- Index
O'Reilly Media - inne książki
-
JavaScript gives web developers great power to create rich interactive browser experiences, and much of that power is provided by the browser itself. Modern web APIs enable web-based applications to come to life like never before, supporting actions that once required browser plug-ins. Some are s...(186.15 zł najniższa cena z 30 dni)
186.15 zł
219.00 zł(-15%) -
How will software development and operations have to change to meet the sustainability and green needs of the planet? And what does that imply for development organizations? In this eye-opening book, sustainable software advocates Anne Currie, Sarah Hsu, and Sara Bergman provide a unique overview...(160.65 zł najniższa cena z 30 dni)
177.65 zł
209.00 zł(-15%) -
OpenTelemetry is a revolution in observability data. Instead of running multiple uncoordinated pipelines, OpenTelemetry provides users with a single integrated stream of data, providing multiple sources of high-quality telemetry data: tracing, metrics, logs, RUM, eBPF, and more. This practical gu...(143.65 zł najniższa cena z 30 dni)
152.15 zł
179.00 zł(-15%) -
Interested in developing embedded systems? Since they don't tolerate inefficiency, these systems require a disciplined approach to programming. This easy-to-read guide helps you cultivate good development practices based on classic software design patterns and new patterns unique to embedded prog...(152.15 zł najniższa cena z 30 dni)
160.65 zł
189.00 zł(-15%) -
If you use Linux in your day-to-day work, then Linux Pocket Guide is the perfect on-the-job reference. This thoroughly updated 20th anniversary edition explains more than 200 Linux commands, including new commands for file handling, package management, version control, file format conversions, an...(92.65 zł najniższa cena z 30 dni)
101.15 zł
119.00 zł(-15%) -
Gain the valuable skills and techniques you need to accelerate the delivery of machine learning solutions. With this practical guide, data scientists, ML engineers, and their leaders will learn how to bridge the gap between data science and Lean product delivery in a practical and simple way. Dav...(245.65 zł najniższa cena z 30 dni)
245.65 zł
289.00 zł(-15%) -
This practical book provides a detailed explanation of the zero trust security model. Zero trust is a security paradigm shift that eliminates the concept of traditional perimeter-based security and requires you to "always assume breach" and "never trust but always verify." The updated edition off...(203.15 zł najniższa cena z 30 dni)
211.65 zł
249.00 zł(-15%) -
Decentralized finance (DeFi) is a rapidly growing field in fintech, having grown from $700 million to $100 billion over the past three years alone. But the lack of reliable information makes this area both risky and murky. In this practical book, experienced securities attorney Alexandra Damsker ...(203.15 zł najniższa cena z 30 dni)
211.65 zł
249.00 zł(-15%) -
Whether you're a startup founder trying to disrupt an industry or an entrepreneur trying to provoke change from within, your biggest challenge is creating a product people actually want. Lean Analytics steers you in the right direction.This book shows you how to validate your initial idea, find t...(126.65 zł najniższa cena z 30 dni)
126.65 zł
149.00 zł(-15%) -
When it comes to building user interfaces on the web, React enables web developers to unlock a new world of possibilities. This practical book helps you take a deep dive into fundamental concepts of this JavaScript library, including JSX syntax and advanced patterns, the virtual DOM, React reconc...(194.65 zł najniższa cena z 30 dni)
211.65 zł
249.00 zł(-15%)
Dzieki opcji "Druk na żądanie" do sprzedaży wracają tytuły Grupy Helion, które cieszyły sie dużym zainteresowaniem, a których nakład został wyprzedany.
Dla naszych Czytelników wydrukowaliśmy dodatkową pulę egzemplarzy w technice druku cyfrowego.
Co powinieneś wiedzieć o usłudze "Druk na żądanie":
- usługa obejmuje tylko widoczną poniżej listę tytułów, którą na bieżąco aktualizujemy;
- cena książki może być wyższa od początkowej ceny detalicznej, co jest spowodowane kosztami druku cyfrowego (wyższymi niż koszty tradycyjnego druku offsetowego). Obowiązująca cena jest zawsze podawana na stronie WWW książki;
- zawartość książki wraz z dodatkami (płyta CD, DVD) odpowiada jej pierwotnemu wydaniu i jest w pełni komplementarna;
- usługa nie obejmuje książek w kolorze.
Masz pytanie o konkretny tytuł? Napisz do nas: sklep[at]helion.pl.
Książka, którą chcesz zamówić pochodzi z końcówki nakładu. Oznacza to, że mogą się pojawić drobne defekty (otarcia, rysy, zagięcia).
Co powinieneś wiedzieć o usłudze "Końcówka nakładu":
- usługa obejmuje tylko książki oznaczone tagiem "Końcówka nakładu";
- wady o których mowa powyżej nie podlegają reklamacji;
Masz pytanie o konkretny tytuł? Napisz do nas: sklep[at]helion.pl.
Książka drukowana
Oceny i opinie klientów: Production Kubernetes Josh Rosso, Rich Lander, Alex Brand (0) Weryfikacja opinii następuję na podstawie historii zamówień na koncie Użytkownika umieszczającego opinię. Użytkownik mógł otrzymać punkty za opublikowanie opinii uprawniające do uzyskania rabatu w ramach Programu Punktowego.