Kubernetes and Docker - An Enterprise Guide
Surovich, Scott, Boorshtein, Marc

Product Description

Apply Kubernetes beyond the basics of Kubernetes clusters by implementing IAM using OIDC and Active Directory, Layer 4 load balancing using MetalLB, advanced service integration, security, auditing, and CI/CD

Key Features

  • Find out how to add enterprise features to a Kubernetes cluster with theory and exercises to guide you
  • Understand advanced topics including load balancing, externalDNS, IDP integration, security, auditing, backup, and CI/CD
  • Create development clusters for unique testing requirements, including running multiple clusters on a single server to simulate an enterprise environment

Book Description

Containerization has changed the DevOps game completely, with Docker and Kubernetes playing important roles in altering the flow of app creation and deployment. This book will help you acquire the knowledge and tools required to integrate Kubernetes clusters in an enterprise environment.

The book begins by introducing you to Docker and Kubernetes fundamentals, including a review of basic Kubernetes objects. You'll then get to grips with containerization and understand its core functionalities, including how to create ephemeral multinode clusters using kind. As you make progress, you'll learn about cluster architecture, Kubernetes cluster deployment, and cluster management, and get started with application deployment. Moving on, you'll find out how to integrate your container with a cloud platform and integrate tools including MetalLB, externalDNS, OpenID Connect (OIDC), pod security policies (PSPs), Open Policy Agent (OPA), Falco, and Velero. Finally, you will discover how to deploy an entire platform to the cloud using continuous integration and continuous delivery (CI/CD).

By the end of this Kubernetes book, you will have learned how to create development clusters for testing applications and Kubernetes components, and be able to secure and audit a cluster by implementing various open-source solutions including OpenUnison, OPA, Falco, Kibana, and Velero.

What you will learn

  • Create a multinode Kubernetes cluster using kind
  • Implement Ingress, MetalLB, and ExternalDNS
  • Configure a cluster OIDC using impersonation
  • Map enterprise authorization to Kubernetes
  • Secure clusters using PSPs and OPA
  • Enhance auditing using Falco and EFK
  • Back up your workload for disaster recovery and cluster migration
  • Deploy to a platform using Tekton, GitLab, and ArgoCD

Who this book is for

This book is for anyone interested in DevOps, containerization, and going beyond basic Kubernetes cluster deployments. DevOps engineers, developers, and system administrators looking to enhance their IT career paths will also find this book helpful. Although some prior experience with Docker and Kubernetes is recommended, this book includes a Kubernetes bootcamp that provides a description of Kubernetes objects to help you if you are new to the topic or need a refresher.


Table of Contents

  1. Docker and Containers Essentials
  2. Working with Docker Data
  3. Understanding Docker Networking
  4. Deploying Kubernetes using Kind
  5. Kubernetes Bootcamp
  6. Services, Load Balancing, and External DNS
  7. Integrating Authentication into your Cluster
  8. RBAC Policies and Auditing
  9. Deploying a Secured Kubernetes Dashboard
  10. Creating Pod Security Policies
  11. Extending Security using Open Policy Agent
  12. Auditing using Falco and EFK
  13. Backing up Workloads
  14. Provisioning a Platform
