Managing Kubernetes: Operating Kubernetes Clusters in the Real World
Paperback
Overview
Brendan Burns, cofounder of Kubernetes, and Craig Tracey, staff field engineer at Heptio, dissect how Kubernetes works internally and demonstrate ways to maintain, adjust, and improve the cluster to suit your particular use case. You’ll learn how to make architectural choices for designing a cluster, managing access control, monitoring and alerting, and upgrading Kubernetes. Dive in and discover how to take full advantage of this orchestration framework’s capabilities.
- Learn how your cluster operates, how developers use it to deploy applications, and how Kubernetes can facilitate a developer’s job
- Adjust, secure, and tune your cluster by understanding Kubernetes APIs and configuration options
- Detect cluster-level problems early and learn the steps necessary to respond and recover quickly
- Determine how and when to add libraries, tools, and platforms that build on, extend, or otherwise improve a Kubernetes cluster
Product Details
| ISBN-13: | 9781492033912 |
|---|---|
| Publisher: | O'Reilly Media, Incorporated |
| Publication date: | 12/03/2018 |
| Pages: | 185 |
| Sales rank: | 523,610 |
| Product dimensions: | 6.90(w) x 9.10(h) x 0.50(d) |
About the Author
For the last 20 years Craig Tracey has helped build the infrastructure that powers the Internet. In this time he has had the opportunity to develop everything from kernel device drivers, to massive-scale cloud storage services, and even a few distributed compute platforms. Now as a Software Engineer turned Field Engineer at Heptio, he helps organizations accelerate their adoption of Kubernetes by teaching the principles of cloud native architectures through code.
Craig is based in Boston, Massachusetts. In his free time, he loves playing hockey and exploring Europe. Craig holds a BS in Computer Science from Providence College.
Table of Contents
Preface ix
1 Introduction 1
How the Cluster Operates 2
Adjust, Secure, and Tune the Cluster 3
Responding When Things Go Wrong 3
Extending the System with New and Custom Functionality 4
Summary 5
2 An Overview of Kubernetes 7
Containers 7
Container Orchestration 9
The Kubernetes API 10
Basic Objects: Pods, ReplicaSets, and Services 10
Organizing Your Cluster with Namespaces, Labels, and Annotations 14
Advanced Concepts: Deployments, Ingress, and StatefulSets 15
Batch Workloads: Job and ScheduledJob 18
Cluster Agents and Utilities: DaemonSets 18
Summary 18
3 Kubernetes Architecture 21
Concepts 21
Declarative Configuration 21
Reconciliation or Controllers 22
Implicit or Dynamic Grouping 23
Structure 25
Unix Philosophy of Many Components 25
API-Driven Interactions 25
Components 26
Head Node Components 26
Components On All Nodes 28
Scheduled Components 29
Summary 30
4 The Kubernetes API Server 31
Basic Characteristics for Manageability 31
Pieces of the API Server 31
API Management 32
API Paths 32
API Discovery 33
OpenAPI Spec Serving 36
API Translation 37
Request Management 38
Types of Requests 38
Life of a Request 39
API Server Internals 46
CRD Control Loop 46
Debugging the API Server 46
Basic Logs 47
Audit Logs 47
Activating Additional Logs 47
Debugging kubectl Requests 48
Summary 48
5 Scheduler 49
An Overview of Scheduling 49
Scheduling Process 50
Predicates 50
Priorities 50
High-Level Algorithm 51
Conflicts 52
Controlling Scheduling with Labels, Affinity, Taints, and Tolerations 53
Node Selectors 53
Node Affinity 54
Taints and Tolerations 56
Summary 57
6 Installing Kubernetes 59
Kubeadm 59
Requirements 60
Kubelet 61
Installing the Control Plane 62
Kubeadm Configuration 63
Preflight Checks 64
Certificates 65
etcd 65
Kubeconfig 67
Taints 68
Installing Worker Nodes 68
Add-Ons 69
Phases 70
High Availability 70
Upgrades 71
Summary 73
7 Authentication and User Management 75
Users 76
Authentication 77
Kubeconfig 85
Service Accounts 87
Summary 89
8 Authorization 91
REST 91
Authorization 92
Role-Based Access Control 93
Role and ClusterRole 94
RoleBinding and ClusterRoleBinding 96
Testing Authorization 98
Summary 99
9 Admission Control 101
Configuration 102
Common Controllers 102
PodSecurityPolicies 102
ResourceQuota 104
LimitRange 106
Dynamic Admission Controllers 107
Validating Admission Controllers 108
Mutating Admission Controllers 110
Summary 113
10 Networking 115
Container Network Interface 115
Choosing a Plug-in 117
Kube-proxy 117
Service Discovery 119
DNS 119
Environment Variables 120
Network Policy 121
Service Mesh 123
Summary 124
11 Monitoring Kubernetes 127
Goals for Monitoring 127
Differences Between Logging and Monitoring 129
Building a Monitoring Stack 129
Getting Data from Your Cluster and Applications 129
Aggregating Metrics and Logs from Multiple Sources 131
Storing Data for Retrieval and Querying 133
Visualizing and Interacting with Your Data 134
What to Monitor? 134
Monitoring Machines 135
Monitoring Kubernetes 136
Monitoring Applications 136
Blackbox Monitoring 137
Streaming Logs 138
Alerting 138
Summary 139
12 Disaster Recovery 141
High Availability 141
State 142
Application Data 142
Persistent Volumes 143
Local Data 143
Worker Nodes 143
etcd 144
Ark 145
Summary 146
13 Extending Kubernetes 149
Kubernetes Extension Points 149
Cluster Daemons 150
Use Cases for Cluster Daemons 150
Installing a Cluster Daemon 151
Operational Considerations for Cluster Daemons 151
Hands-On: Example of Creating a Cluster Daemon 152
Cluster Assistants 152
Use Cases for Cluster Assistants 153
Installing a Cluster Assistant 153
Operational Considerations for Cluster Assistants 154
Hands-On: Example of Cluster Assistants 154
Extending the Life Cycle of the API Server 155
Use Cases for Extending the API Life Cycle 155
Installing API Life Cycle Extensions 156
Operational Considerations for Life Cycle Extensions 156
Hands-On: Example of Life Cycle Extensions 156
Adding Custom APIs to Kubernetes 158
Use Cases for Adding New APIs 158
Custom Resource Definitions and Aggregated API Servers 159
Architecture for Custom Resource Definitions 160
Installing Custom Resource Definitions 160
Operational Considerations for Custom Resources 161
Summary 161
14 Conclusions 163
Index 165