دسترسی نامحدود
برای کاربرانی که ثبت نام کرده اند
برای ارتباط با ما می توانید از طریق شماره موبایل زیر از طریق تماس و پیامک با ما در ارتباط باشید
در صورت عدم پاسخ گویی از طریق پیامک با پشتیبان در ارتباط باشید
برای کاربرانی که ثبت نام کرده اند
درصورت عدم همخوانی توضیحات با کتاب
از ساعت 7 صبح تا 10 شب
ویرایش:
نویسندگان: Swapnil Dubey. Mandar J. Kulkarni
سری:
ناشر: BPB Publications
سال نشر: 2023
تعداد صفحات: 376
زبان: English
فرمت فایل : PDF (درصورت درخواست کاربر به PDF، EPUB یا AZW3 تبدیل می شود)
حجم فایل: 29 Mb
در صورت تبدیل فایل کتاب Hands-On Kubernetes, Service Mesh and Zero-Trust: Build and manage secure applications using Kubernetes and Istio به فرمت های PDF، EPUB، AZW3، MOBI و یا DJVU می توانید به پشتیبان اطلاع دهید تا فایل مورد نظر را تبدیل نمایند.
توجه داشته باشید کتاب Hands-On Kubernetes، Service Mesh و Zero-Trust: با استفاده از Kubernetes و Istio برنامه های ایمن بسازید و مدیریت کنید نسخه زبان اصلی می باشد و کتاب ترجمه شده به فارسی نمی باشد. وبسایت اینترنشنال لایبرری ارائه دهنده کتاب های زبان اصلی می باشد و هیچ گونه کتاب ترجمه شده یا نوشته شده به فارسی را ارائه نمی دهد.
Book Title Inner title Copyright Dedicated About the Authors About the Reviewer Acknowledgements Preface Code Bundle and Coloured Images Piracy Table of Contents Chapter 1: Docker and Kubernetes 101 Introduction Structure Objectives Introduction to Docker Introduction to Kubernetes Kubernetes architecture Principles of immutability, declarative and self-healing Installing Kubernetes Installing Kubernetes locally using Minikube Installing Kubernetes in Docker Kubernetes client Checking the version Checking the status of Kubernetes Master Daemons Listing all worker nodes and describing the worker node Strategies to validate cluster quality Cost-efficiency as measure of quality Conclusion Points to remember Multiple choice questions Answers Chapter 2: PODs Introduction Structure Objectives Concept of Pods CRUD operations on Pods Creating and running Pods Listing Pods Deleting Pods Accessing PODs Accessing via port forwarding Running commands inside PODs using exec Accessing logs Managing resources Resource requests: Minimum and maximum limits to PODs Data persistence Internal: Using data volumes with PODs External: Data on remote disks Health checks Startup probe Liveness probe Readiness probe POD security Pod Security Standards Pod Security Admissions Conclusion Points to remember Questions Answers Chapter 3: HTTP Load Balancing with Ingress Introduction Structure Objectives Networking 101 Configuring Kubeproxy Configuring container network interfaces Ingress specifications and Ingress controller Effective Ingress usage Utilizing hostnames Utilizing paths Advanced Ingress Running and managing multiple Ingress controllers Ingress and namespaces Path rewriting Serving TLS Alternate implementations API gateways Need for API gateways Securing network Securing via network policies Securing via third-party tool Best practices for securing a network Conclusion Points to remember Multiple choice questions Answers Questions Chapter 4: Kubernetes Workload Resources Introduction Structure Objectives ReplicaSets Designing ReplicaSets Creating ReplicaSets Inspecting ReplicaSets Scaling ReplicaSets Deleting ReplicaSets Deployments Creating deployments Managing deployments Updating deployments Deployment strategies Monitoring deployment status Deleting deployments DaemonSets Creating DaemonSets Restricting DaemonSets to specific nodes Updating DaemonSets Deleting DaemonSets Kubernetes Jobs Jobs Job patterns Pod and container failures Cleaning up finished jobs automatically CronJobs Conclusion Points to remember Questions Answers Chapter 5: ConfigMap, Secrets, and Labels Introduction Structure Objectives ConfigMap Creating ConfigMap Consuming ConfigMaps Secrets Creating Secrets Consuming Secrets Managing ConfigMaps and Secrets Listing Creating Updating Applying and modifying labels Labels selectors Equality-based selector Set-based selectors Role of labels in Kubernetes architecture Defining annotations Conclusion Points to remember Questions Answers Chapter 6: Configuring Storage with Kubernetes Introduction Structure Objectives Storage provisioning in Kubernetes Volumes Persistent Volumes and Persistent Volume claims Storage class Using StorageClass for dynamic provisioning StatefulSets Properties of StatefulSets Volume claim templates Headless service Installing MongoDB on Kubernetes using StatefulSets Disaster recovery Container storage interface Conclusion Points to remember Questions Answers Chapter 7: Introduction to Service Discovery Introduction Structure Objectives What is service discovery? Client-side discovery pattern Server-side discovery pattern Service registry Registration patterns Self-registration pattern Third-party registration Service discovery in Kubernetes Service discovery using etcd Service discovery in Kubernetes via Kubeproxy and DNS Advance details Endpoints Manual service discovery Cluster IP environment variables Kubeproxy and cluster IPs Conclusion Points to remember Questions Answers Chapter 8: Zero Trust Using Kubernetes Introduction Structure Objectives Kubernetes security challenges Role-based access control (RBAC) Identity Role and role bindings Managing RBAC Aggregating cluster roles User groups for bindings Introduction to Zero Trust Architecture Recommendations for Kubernetes Pod security Recommendations for Kubernetes network security Recommendations for authentication and authorization Recommendations for auditing and threat detection Recommendation for application security practices Zero trust in Kubernetes Identity-based service to service accesses and communication Include secret and certificate management and hardened Kubernetes encryption Enable observability with audits and logging Conclusion Points to remember Questions Answers Chapter 9: Monitoring, Logging and Observability Introduction Structure Objectives Kubernetes observability deep dive Selecting metrics for SLIs Setting SLO Tracking error budgets Creating alerts Probes and uptime checks Pillars of Kubernetes observability Challenges in observability Exploring metrics using Prometheus and Grafana Installing Prometheus and Grafana Pushing custom metrics to Prometheus Creating dashboard on the metrics using Grafana Logging and tracing Logging using Fluentd Tracing with Open Telemetry using Jae Defining a typical SRE process Responsibilities of SRE Incident management Playbook maintenance Drills Selecting monitoring, metrics and visualization tools Conclusion Points to remember Questions Answers Chapter 10: Effective Scaling Introduction Structure Objectives Needs of scaling microservices individually Principles of scaling Challenges of scaling Introduction to auto scaling Types of scaling in K8s Horizontal pod scaling Vertical pod scaling Cluster autoscaling Standard metric scaling Custom Metric scaling Best practices of scaling Conclusion Points to remember Questions Answers Chapter 11: Introduction to Service Mesh and Istio Introduction Structure Objectives Why do you need a Service Mesh? Service discovery Load balancing the traffic Monitoring the traffic between services Collecting metrics Recovering from failure What is a Service Mesh? What is Istio? Istio architecture Data plane Control plane Installing Istio Installation using istioctl Cost of using a Service Mesh Data plane performance and resource consumption Control plane performance and resource consumption Customizing the Istio setup Conclusion Points to remember Questions Answers Chapter 12: Traffic Management Using Istio Introduction Structure Objectives Traffic management via gateways Virtual service and destination rule Controlling Ingress and Egress traffic Shifting traffic between versions Injecting faults for testing Timeouts and retries Circuit breaking Conclusion Points to remember Questions Answers Chapter 13: Observability Using Istio Introduction Structure Objectives Understanding the telemetry flow Sample application and proxy logs Visualizing Service Mesh with Kiali Querying Istio Metrics with Prometheus Monitoring dashboards with Grafana Distributed tracing Conclusion Points to remember Questions Answers Chapter 14: Securing Your Services Using Istio Introduction Structure Objectives Identity Management with Istio Identity verification in TLS Certificate generation process in Istio Authentication with Istio Mutual TLS authentication Secure naming Peer authentication with a sample application Authorization with Istio Service authorization End user authorization Security architecture of Istio Conclusion Points to remember Questions Answers Index Back title