What’s New in the Second Edition
The Kubernetes ecosystem has continued to grow since the first edition came out four years ago. As a result, there have been many Kubernetes releases, and more tools and patterns for using Kubernetes have become de facto standards.
Fortunately, most of the patterns described in our book have stood the test of time and remain valid. Therefore, we have updated these patterns, added new features up to Kubernetes 1.26, and removed obsolete and deprecated parts. For the most part, only minor changes were necessary, except for Chapter 29, “Elastic Scale”, and Chapter 30, “Image Builder”, which underwent significant changes due to new developments in these areas.
Additionally, we have included five new patterns and introduced a new category, Part V, “Security Patterns”, which addresses a gap in the first edition and provides important security-related patterns for developers.
Our GitHub examples have been updated and extended. And, lastly, we added 50% more content for our readers to enjoy.
Kubernetes Patterns
The way developers design, build, and run software has changed significantly with the evolution of microservices and containers. These modern architectures offer new distributed primitives that require a different set of practices than many developers, tech leads, and architects are accustomed to. With this focused guide, Bilgin Ibryam and Roland Huß provide common reusable patterns and principles for designing and implementing cloud native applications on Kubernetes.
Each pattern includes a description of the problem and a Kubernetes-specific solution. All patterns are backed by and demonstrated with concrete code examples. This updated edition is ideal for developers and architects who are familiar with basic Kubernetes concepts but want to learn how to solve common cloud native challenges with proven design patterns.
Author(s): Bilgin Ibryam, Roland Huß
Edition: 2
Publisher: O’Reilly Media
Year: 2023
Language: English
Pages: 394
Cover
Red Hat
Copyright
Table of Contents
Foreword
Preface
Kubernetes
Design Patterns
How This Book Is Structured
Who This Book Is For
What You Will Learn
What’s New in the Second Edition
Conventions Used in This Book
Using Code Examples
O’Reilly Online Learning
How to Contact Us
Acknowledgments
Chapter 1. Introduction
The Path to Cloud Native
Distributed Primitives
Containers
Pods
Services
Labels
Namespaces
Discussion
More Information
Part I. Foundational Patterns
Chapter 2. Predictable Demands
Problem
Solution
Runtime Dependencies
Resource Profiles
Pod Priority
Project Resources
Capacity Planning
Discussion
More Information
Chapter 3. Declarative Deployment
Problem
Solution
Rolling Deployment
Fixed Deployment
Blue-Green Release
Canary Release
Discussion
More Information
Chapter 4. Health Probe
Problem
Solution
Process Health Checks
Liveness Probes
Readiness Probes
Startup Probes
Discussion
More Information
Chapter 5. Managed Lifecycle
Problem
Solution
SIGTERM Signal
SIGKILL Signal
PostStart Hook
PreStop Hook
Other Lifecycle Controls
Discussion
More Information
Chapter 6. Automated Placement
Problem
Solution
Available Node Resources
Container Resource Demands
Scheduler Configurations
Scheduling Process
Node Affinity
Pod Affinity and Anti-Affinity
Topology Spread Constraints
Taints and Tolerations
Discussion
More Information
Part II. Behavioral Patterns
Chapter 7. Batch Job
Problem
Solution
Discussion
More Information
Chapter 8. Periodic Job
Problem
Solution
Discussion
More Information
Chapter 9. Daemon Service
Problem
Solution
Discussion
More Information
Chapter 10. Singleton Service
Problem
Solution
Out-of-Application Locking
In-Application Locking
Pod Disruption Budget
Discussion
More Information
Chapter 11. Stateless Service
Problem
Solution
Instances
Networking
Storage
Discussion
More Information
Chapter 12. Stateful Service
Problem
Storage
Networking
Identity
Ordinality
Other Requirements
Solution
Storage
Networking
Identity
Ordinality
Other Features
Discussion
More Information
Chapter 13. Service Discovery
Problem
Solution
Internal Service Discovery
Manual Service Discovery
Service Discovery from Outside the Cluster
Application Layer Service Discovery
Discussion
More Information
Chapter 14. Self Awareness
Problem
Solution
Discussion
More Information
Part III. Structural Patterns
Chapter 15. Init Container
Problem
Solution
Discussion
More Information
Chapter 16. Sidecar
Problem
Solution
Discussion
More Information
Chapter 17. Adapter
Problem
Solution
Discussion
More Information
Chapter 18. Ambassador
Problem
Solution
Discussion
More Information
Part IV. Configuration Patterns
Chapter 19. EnvVar Configuration
Problem
Solution
Discussion
More Information
Chapter 20. Configuration Resource
Problem
Solution
Discussion
More Information
Chapter 21. Immutable Configuration
Problem
Solution
Docker Volumes
Kubernetes Init Containers
OpenShift Templates
Discussion
More Information
Chapter 22. Configuration Template
Problem
Solution
Discussion
More Information
Part V. Security Patterns
Chapter 23. Process Containment
Problem
Solution
Running Containers with a Non-Root User
Restricting Container Capabilities
Avoiding a Mutable Container Filesystem
Enforcing Security Policies
Discussion
More Information
Chapter 24. Network Segmentation
Problem
Solution
Network Policies
Authentication Policies
Discussion
More Information
Chapter 25. Secure Configuration
Problem
Solution
Out-of-Cluster Encryption
Centralized Secret Management
Discussion
More Information
Chapter 26. Access Control
Problem
Solution
Authentication
Authorization
Admission Controllers
Subject
Role-Based Access Control
Discussion
More Information
Part VI. Advanced Patterns
Chapter 27. Controller
Problem
Solution
Discussion
More Information
Chapter 28. Operator
Problem
Solution
Custom Resource Definitions
Controller and Operator Classification
Operator Development and Deployment
Example
Discussion
More Information
Chapter 29. Elastic Scale
Problem
Solution
Manual Horizontal Scaling
Horizontal Pod Autoscaling
Vertical Pod Autoscaling
Cluster Autoscaling
Scaling Levels
Discussion
More Information
Chapter 30. Image Builder
Problem
Solution
Container Image Builder
Build Orchestrators
Build Pod
OpenShift Build
Discussion
More Information
Afterword
What We Covered
Final Words
Index
About the Authors
Colophon
