دسترسی نامحدود
برای کاربرانی که ثبت نام کرده اند
دانلود کتاب Production Kubernetes
دانلود کتاب تولید Kubernetes
مشخصات کتاب
Production Kubernetes
ویرایش: نویسندگان: Josh Rosso, Rich Lander, Alex Brand, John Harris سری: ISBN (شابک) : 9781492092308 ناشر: O'Reilly Media, Inc. سال نشر: 2021 تعداد صفحات: زبان: English فرمت فایل : EPUB (درصورت درخواست کاربر به PDF، EPUB یا AZW3 تبدیل می شود) حجم فایل: 8 Mb
قیمت کتاب (تومان) : 34,000
در صورت تبدیل فایل کتاب Production Kubernetes به فرمت های PDF، EPUB، AZW3، MOBI و یا DJVU می توانید به پشتیبان اطلاع دهید تا فایل مورد نظر را تبدیل نمایند.
توجه داشته باشید کتاب تولید Kubernetes نسخه زبان اصلی می باشد و کتاب ترجمه شده به فارسی نمی باشد. وبسایت اینترنشنال لایبرری ارائه دهنده کتاب های زبان اصلی می باشد و هیچ گونه کتاب ترجمه شده یا نوشته شده به فارسی را ارائه نمی دهد.
توضیحاتی در مورد کتاب تولید Kubernetes
Kubernetes به ارکستراتور کانتینر غالب تبدیل شده است، اما بسیاری از سازمانهایی که اخیراً این سیستم را پذیرفتهاند هنوز برای اجرای بارهای کاری واقعی تلاش میکنند. در این کتاب کاربردی، چهار مهندس نرمافزار از VMware تجربیات مشترک خود را با اجرای Kubernetes در تولید ارائه میکنند و بینشی در مورد چالشهای کلیدی و بهترین شیوهها ارائه میدهند. درخشش Kubernetes این است که این سیستم تا چه حد قابل تنظیم و توسعه است، از زمان اجراهای قابل اتصال گرفته تا ادغام های ذخیره سازی. برای مهندسان پلت فرم، توسعه دهندگان نرم افزار، infosec، مهندسان شبکه، مهندسان ذخیره سازی، و دیگران، این کتاب به بررسی چگونگی مسیر موفقیت با Kubernetes شامل انواع فناوری، الگو و ملاحظات انتزاعی می پردازد. با این کتاب، میتوانید: بفهمید که مسیر تولید هنگام استفاده از Kubernetes چگونه است. بررسی کنید که در استراتژی Kubernetes فعلی شما شکافهایی وجود دارد. روش های بهتری برای پیمایش در چشم انداز بومی ابر بیاموزید
توضیحاتی درمورد کتاب به خارجی
Kubernetes has become the dominant container orchestrator, but many organizations that have recently adopted this system are still struggling to run actual production workloads. In this practical book, four software engineers from VMware bring their shared experiences running Kubernetes in production and provide insight on key challenges and best practices. The brilliance of Kubernetes is how configurable and extensible the system is, from pluggable runtimes to storage integrations. For platform engineers, software developers, infosec, network engineers, storage engineers, and others, this book examines how the path to success with Kubernetes involves a variety of technology, pattern, and abstraction considerations. With this book, you will: Understand what the path to production looks like when using Kubernetes Examine where gaps exist in your current Kubernetes strategy Learn Kubernetes's essential building blocks--and their trade-offs Understand what's involved in making Kubernetes a viable location for applications Learn better ways to navigate the cloud native landscape
فهرست مطالب
Cover Copyright Table of Contents Foreword Preface Conventions Used in This Book Using Code Examples O’Reilly Online Learning How to Contact Us Acknowledgments Chapter 1. A Path to Production Defining Kubernetes The Core Components Beyond Orchestration—Extended Functionality Kubernetes Interfaces Summarizing Kubernetes Defining Application Platforms The Spectrum of Approaches Aligning Your Organizational Needs Summarizing Application Platforms Building Application Platforms on Kubernetes Starting from the Bottom The Abstraction Spectrum Determining Platform Services The Building Blocks Summary Chapter 2. Deployment Models Managed Service Versus Roll Your Own Managed Services Roll Your Own Making the Decision Automation Prebuilt Installer Custom Automation Architecture and Topology etcd Deployment Models Cluster Tiers Node Pools Cluster Federation Infrastructure Bare Metal Versus Virtualized Cluster Sizing Compute Infrastructure Networking Infrastructure Automation Strategies Machine Installations Configuration Management Machine Images What to Install Containerized Components Add-ons Upgrades Platform Versioning Plan to Fail Integration Testing Strategies Triggering Mechanisms Summary Chapter 3. Container Runtime The Advent of Containers The Open Container Initiative OCI Runtime Specification OCI Image Specification The Container Runtime Interface Starting a Pod Choosing a Runtime Docker containerd CRI-O Kata Containers Virtual Kubelet Summary Chapter 4. Container Storage Storage Considerations Access Modes Volume Expansion Volume Provisioning Backup and Recovery Block Devices and File and Object Storage Ephemeral Data Choosing a Storage Provider Kubernetes Storage Primitives Persistent Volumes and Claims Storage Classes The Container Storage Interface (CSI) CSI Controller CSI Node Implementing Storage as a Service Installation Exposing Storage Options Consuming Storage Resizing Snapshots Summary Chapter 5. Pod Networking Networking Considerations IP Address Management Routing Protocols Encapsulation and Tunneling Workload Routability IPv4 and IPv6 Encrypted Workload Traffic Network Policy Summary: Networking Considerations The Container Networking Interface (CNI) CNI Installation CNI Plug-ins Calico Cilium AWS VPC CNI Multus Additional Plug-ins Summary Chapter 6. Service Routing Kubernetes Services The Service Abstraction Endpoints Service Implementation Details Service Discovery DNS Service Performance Ingress The Case for Ingress The Ingress API Ingress Controllers and How They Work Ingress Traffic Patterns Choosing an Ingress Controller Ingress Controller Deployment Considerations DNS and Its Role in Ingress Handling TLS Certificates Service Mesh When (Not) to Use a Service Mesh The Service Mesh Interface (SMI) The Data Plane Proxy Service Mesh on Kubernetes Data Plane Architecture Adopting a Service Mesh Summary Chapter 7. Secret Management Defense in Depth Disk Encryption Transport Security Application Encryption The Kubernetes Secret API Secret Consumption Models Secret Data in etcd Static-Key Encryption Envelope Encryption External Providers Vault Cyberark Injection Integration CSI Integration Secrets in the Declarative World Sealing Secrets Sealed Secrets Controller Key Renewal Multicluster Models Best Practices for Secrets Always Audit Secret Interaction Don’t Leak Secrets Prefer Volumes Over Environment Variables Make Secret Store Providers Unknown to Your Application Summary Chapter 8. Admission Control The Kubernetes Admission Chain In-Tree Admission Controllers Webhooks Configuring Webhook Admission Controllers Webhook Design Considerations Writing a Mutating Webhook Plain HTTPS Handler Controller Runtime Centralized Policy Systems Summary Chapter 9. Observability Logging Mechanics Container Log Processing Kubernetes Audit Logs Kubernetes Events Alerting on Logs Security Implications Metrics Prometheus Long-Term Storage Pushing Metrics Custom Metrics Organization and Federation Alerts Showback and Chargeback Metrics Components Distributed Tracing OpenTracing and OpenTelemetry Tracing Components Application Instrumentation Service Meshes Summary Chapter 10. Identity User Identity Authentication Methods Implementing Least Privilege Permissions for Users Application/Workload Identity Shared Secrets Network Identity Service Account Tokens (SAT) Projected Service Account Tokens (PSAT) Platform Mediated Node Identity Summary Chapter 11. Building Platform Services Points of Extension Plug-in Extensions Webhook Extensions Operator Extensions The Operator Pattern Kubernetes Controllers Custom Resources Operator Use Cases Platform Utilities General-Purpose Workload Operators App-Specific Operators Developing Operators Operator Development Tooling Data Model Design Logic Implementation Extending the Scheduler Predicates and Priorities Scheduling Policies Scheduling Profiles Multiple Schedulers Custom Scheduler Summary Chapter 12. Multitenancy Degrees of Isolation Single-Tenant Clusters Multitenant Clusters The Namespace Boundary Multitenancy in Kubernetes Role-Based Access Control (RBAC) Resource Quotas Admission Webhooks Resource Requests and Limits Network Policies Pod Security Policies Multitenant Platform Services Summary Chapter 13. Autoscaling Types of Scaling Application Architecture Workload Autoscaling Horizontal Pod Autoscaler Vertical Pod Autoscaler Autoscaling with Custom Metrics Cluster Proportional Autoscaler Custom Autoscaling Cluster Autoscaling Cluster Overprovisioning Summary Chapter 14. Application Considerations Deploying Applications to Kubernetes Templating Deployment Manifests Packaging Applications for Kubernetes Ingesting Configuration and Secrets Kubernetes ConfigMaps and Secrets Obtaining Configuration from External Systems Handling Rescheduling Events Pre-stop Container Life Cycle Hook Graceful Container Shutdown Satisfying Availability Requirements State Probes Liveness Probes Readiness Probes Startup Probes Implementing Probes Pod Resource Requests and Limits Resource Requests Resource Limits Application Logs What to Log Unstructured Versus Structured Logs Contextual Information in Logs Exposing Metrics Instrumenting Applications USE Method RED Method The Four Golden Signals App-Specific Metrics Instrumenting Services for Distributed Tracing Initializing the Tracer Creating Spans Propagate Context Summary Chapter 15. Software Supply Chain Building Container Images The Golden Base Images Antipattern Choosing a Base Image Runtime User Pinning Package Versions Build Versus Runtime Image Cloud Native Buildpacks Image Registries Vulnerability Scanning Quarantine Workflow Image Signing Continuous Delivery Integrating Builds into a Pipeline Push-Based Deployments Rollout Patterns GitOps Summary Chapter 16. Platform Abstractions Platform Exposure Self-Service Onboarding The Spectrum of Abstraction Command-Line Tooling Abstraction Through Templating Abstracting Kubernetes Primitives Making Kubernetes Invisible Summary Index About the Authors Colophon
