Kubernetes in Production Best Practices

Book description

Design, build, and operate scalable and reliable Kubernetes infrastructure for production

Key Features

  • Implement industry best practices to build and manage production-grade Kubernetes infrastructure
  • Learn how to architect scalable Kubernetes clusters, harden container security, and fine-tune resource management
  • Understand, manage, and operate complex business workloads confidently

Book Description

Although out-of-the-box solutions can help you to get a cluster up and running quickly, running a Kubernetes cluster that is optimized for production workloads is a challenge, especially for users with basic or intermediate knowledge. With detailed coverage of cloud industry standards and best practices for achieving scalability, availability, operational excellence, and cost optimization, this Kubernetes book is a blueprint for managing applications and services in production.

You'll discover the most common way to deploy and operate Kubernetes clusters, which is to use a public cloud-managed service from AWS, Azure, or Google Cloud Platform (GCP). This book explores Amazon Elastic Kubernetes Service (Amazon EKS), the AWS-managed version of Kubernetes, for working through practical exercises. As you get to grips with implementation details specific to AWS and EKS, you'll understand the design concepts, implementation best practices, and configuration applicable to other cloud-managed services. Throughout the book, you'll also discover standard and cloud-agnostic tools, such as Terraform and Ansible, for provisioning and configuring infrastructure.

By the end of this book, you'll be able to leverage Kubernetes to operate and manage your production environments confidently.

What you will learn

  • Explore different infrastructure architectures for Kubernetes deployment
  • Implement optimal open source and commercial storage management solutions
  • Apply best practices for provisioning and configuring Kubernetes clusters, including infrastructure as code (IaC) and configuration as code (CaC)
  • Configure the cluster networking plugin and core networking components to get the best out of them
  • Secure your Kubernetes environment using the latest tools and best practices
  • Deploy core observability stacks, such as monitoring and logging, to fine-tune your infrastructure

Who this book is for

This book is for cloud infrastructure experts, DevOps engineers, site reliability engineers, and engineering managers looking to design and operate Kubernetes infrastructure for production. Basic knowledge of Kubernetes, Terraform, Ansible, Linux, and AWS is needed to get the most out of this book.

Table of contents

  1. Kubernetes in Production Best Practices
  2. Contributors
  3. About the authors
  4. About the reviewers
  5. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the example code files
    5. Code in Action
    6. Download the color images
    7. Conventions used
    8. Get in touch
    9. Reviews
  6. Chapter 1: Introduction to Kubernetes Infrastructure and Production-Readiness
    1. The basics of Kubernetes infrastructure
      1. Kubernetes components
    2. Why Kubernetes is challenging in production
    3. Kubernetes production-readiness
      1. The production-readiness checklist
    4. Kubernetes infrastructure best practices
      1. The 12 principles of infrastructure design and management
      2. Applications definition and deployment
      3. Processes, team, and culture
    5. Cloud-native approach
      1. The Cloud Native Computing Foundation
      2. Why we should care about cloud-native
      3. Cloud-native landscape and ecosystem
      4. Cloud-native trail map
    6. Summary
    7. Further reading
  7. Chapter 2: Architecting Production-Grade Kubernetes Infrastructure
    1. Understanding Kubernetes infrastructure design considerations
      1. Scaling and elasticity
      2. High availability and reliability
      3. Security and compliance
      4. Cost management and optimization
      5. Manageability and operational efficiency
    2. Exploring Kubernetes deployment strategy alternatives
    3. Designing an Amazon EKS infrastructure
      1. Choosing the infrastructure provider
      2. Choosing the cluster and node size
      3. Choosing tools for cluster deployment and management
      4. Deciding the cluster architecture
    4. Summary
    5. Further reading
  8. Chapter 3: Provisioning Kubernetes Clusters Using AWS and Terraform
    1. Technical requirements
      1. Installing Terraform
    2. Implementation principles and best practices
    3. Cluster deployment and rollout strategy
    4. Preparing Terraform
      1. Terraform directory structure
      2. Persisting the Terraform state
      3. Creating Terraform state configuration
      4. Provisioning the Terraform state
      5. Utilizing Terraform workspaces
    5. Creating the network infrastructure
      1. Developing the VPC Terraform module
      2. Developing the cluster VPC
      3. Provisioning the cluster VPC
    6. Creating the cluster infrastructure
      1. Developing the EKS Terraform module
      2. Developing the workers' Terraform module
      3. Developing the Kubernetes cluster Terraform module
      4. Putting all modules together
      5. Provisioning the cluster infrastructure
    7. Cleaning up and destroying infrastructure resources
      1. Destroying the cluster resources
      2. Destroying the VPC resources
      3. Destroying the shared state resources
    8. Summary
    9. Further reading
  9. Chapter 4: Managing Cluster Configuration with Ansible
    1. Technical requirements
    2. Installing the required tools
    3. Implementation principles
    4. Kubernetes configuration management
      1. Kubernetes configuration management workflow
      2. Configuration management with Ansible
    5. Configuring the clusters
      1. The ansible directory's structure
      2. Creating Ansible templates
      3. Creating Ansible variables
      4. Creating Ansible inventories
      5. Creating Ansible tasks
      6. Creating the cluster's playbook
      7. Applying the cluster's Ansible playbook
    6. Destroying the cluster's resources
    7. Summary
    8. Further reading
  10. Chapter 5: Configuring and Enhancing Kubernetes Networking Services
    1. Technical requirements
    2. Introducing networking production readiness
    3. Configuring Kube Proxy
    4. Configuring the Amazon CNI plugin
    5. Configuring CoreDNS
    6. Configuring ExternalDNS
    7. Configuring NGINX Ingress Controller
    8. Deploying the cluster's network services
    9. Destroying the cluster's resources
    10. Summary
    11. Further reading
  11. Chapter 6: Securing Kubernetes Effectively
    1. Technical requirements
    2. Securing Kubernetes infrastructure
    3. Managing cluster access
      1. Cluster authentication
      2. Cluster authorization
      3. Admission controller
    4. Managing secrets and certificates
      1. Creating and managing secrets
      2. Managing TLS certificates with Cert-Manager
    5. Securing workloads and apps
      1. Isolating critical workloads
      2. Hardening the default pod security policy
      3. Limiting pod access
      4. Creating network policies with Calico
      5. Monitoring runtime with Falco
    6. Ensuring cluster security and compliance
      1. Executing Kubernetes conformance tests
      2. Scanning cluster security configuration
      3. Executing the CIS Kubernetes benchmark
      4. Enabling audit logging
    7. Bonus security tips
    8. Deploying the security configurations
    9. Destroying the cluster
    10. Summary
    11. Further reading
  12. Chapter 7: Managing Storage and Stateful Applications
    1. Technical requirements
      1. Installing the required tools
    2. Implementation principles
    3. Understanding the challenges with stateful applications
    4. Tuning Kubernetes storage
      1. Understanding storage primitives in Kubernetes
    5. Choosing a persistent storage solution
    6. Deploying stateful applications
      1. Installing OpenEBS
      2. Deploying a stateful application on OpenEBS volumes
    7. Summary
    8. Further reading
  13. Chapter 8: Deploying Seamless and Reliable Applications
    1. Technical requirements
    2. Understanding the challenges with container images
      1. Exploring the components of container images
      2. Choosing the right container base image
      3. Reducing container image size
      4. Scanning container images for vulnerabilities
      5. Testing the download speed of a container image
      6. Applying container base images best practices
    3. Learning application deployment strategies
      1. Choosing the deployment model
      2. Monitoring deployments
      3. Using readiness and liveness container probes
    4. Scaling applications and achieving higher availability
    5. Summary
    6. Further reading
  14. Chapter 9: Monitoring, Logging, and Observability
    1. Technical requirements
    2. Understanding the challenges with Kubernetes observability
      1. Exploring the Kubernetes metrics
    3. Learning site reliability best practices
    4. Monitoring, metrics, and visualization
      1. Installing the Prometheus stack on Kubernetes
      2. Monitoring applications with Grafana
    5. Logging and tracing
      1. Installing the EFK stack on Kubernetes
    6. Summary
    7. Further reading
  15. Chapter 10: Operating and Maintaining Efficient Kubernetes Clusters
    1. Technical requirements
    2. Learning about cluster maintenance and upgrades
      1. Upgrading kubectl
      2. Upgrading the Kubernetes control plane
      3. Upgrading Kubernetes components
      4. Upgrading Kubernetes worker nodes
    3. Preparing for backups and disaster recovery
      1. Installing Velero on Kubernetes
      2. Taking a backup of specific resources using Velero
      3. Restoring an application resource from its backup using Velero
    4. Validating cluster quality
      1. Generating compliance reports
      2. Managing and improving the cost of cluster resources
    5. Summary
    6. Further reading
    7. Why subscribe?
  16. Other Books You May Enjoy
    1. Packt is searching for authors like you
    2. Leave a review - let other readers know what you think

Product information

  • Title: Kubernetes in Production Best Practices
  • Author(s): Aly Saleh, Murat Karslioglu
  • Release date: March 2021
  • Publisher(s): Packt Publishing
  • ISBN: 9781800202450