The way developers design, build, and run software has changed significantly with the evolution of microservices and containers. These modern architectures offer new distributed primitives that require a different set of practices than many developers, tech leads, and architects are accustomed to. With this focused guide, Bilgin Ibryam and Roland Huss provide common reusable patterns and principles for designing and implementing cloud native applications on Kubernetes.
Each pattern includes a description of the problem and a Kubernetes-specific solution. All patterns are backed by and demonstrated with concrete code examples. This updated edition is ideal for developers and architects familiar with basic Kubernetes concepts who want to learn how to solve common cloud native challenges with proven design patterns.
You'll explore:
• Foundational patterns covering core principles and practices for building and running container-based cloud native applications
• Behavioral patterns that delve into finer-grained concepts for managing various types of container and platform interactions
• Structural patterns for organizing containers within a Pod for addressing specific use cases
• Configuration patterns that provide insight into how application configurations can be handled in Kubernetes
• Security patterns for hardening the access to cloud native applications running on Kubernetes Advanced patterns covering more complex topics such as operators and autoscaling
Author(s): Bilgin Ibryam, Roland Huss
Edition: 2
Publisher: O'Reilly Media
Year: 2023
Language: English
Commentary: Publisher's PDF
Pages: 390
City: Sebastopol, CA
Tags: Application Development; Kubernetes; Automation; Software Architecture Patterns; Application Security; Cloud-Native Applications; Access Control; Declarative Deployment
Cover
Copyright
Table of Contents
Foreword
Preface
Kubernetes
Design Patterns
How This Book Is Structured
Who This Book Is For
What You Will Learn
What’s New in the Second Edition
Conventions Used in This Book
Using Code Examples
O’Reilly Online Learning
How to Contact Us
Acknowledgments
Chapter 1. Introduction
The Path to Cloud Native
Distributed Primitives
Containers
Pods
Services
Labels
Namespaces
Discussion
More Information
Part I. Foundational Patterns
Chapter 2. Predictable Demands
Problem
Solution
Runtime Dependencies
Resource Profiles
Pod Priority
Project Resources
Capacity Planning
Discussion
More Information
Chapter 3. Declarative Deployment
Problem
Solution
Rolling Deployment
Fixed Deployment
Blue-Green Release
Canary Release
Discussion
More Information
Chapter 4. Health Probe
Problem
Solution
Process Health Checks
Liveness Probes
Readiness Probes
Startup Probes
Discussion
More Information
Chapter 5. Managed Lifecycle
Problem
Solution
SIGTERM Signal
SIGKILL Signal
PostStart Hook
PreStop Hook
Other Lifecycle Controls
Discussion
More Information
Chapter 6. Automated Placement
Problem
Solution
Available Node Resources
Container Resource Demands
Scheduler Configurations
Scheduling Process
Node Affinity
Pod Affinity and Anti-Affinity
Topology Spread Constraints
Taints and Tolerations
Discussion
More Information
Part II. Behavioral Patterns
Chapter 7. Batch Job
Problem
Solution
Discussion
More Information
Chapter 8. Periodic Job
Problem
Solution
Discussion
More Information
Chapter 9. Daemon Service
Problem
Solution
Discussion
More Information
Chapter 10. Singleton Service
Problem
Solution
Out-of-Application Locking
In-Application Locking
Pod Disruption Budget
Discussion
More Information
Chapter 11. Stateless Service
Problem
Solution
Instances
Networking
Storage
Discussion
More Information
Chapter 12. Stateful Service
Problem
Storage
Networking
Identity
Ordinality
Other Requirements
Solution
Storage
Networking
Identity
Ordinality
Other Features
Discussion
More Information
Chapter 13. Service Discovery
Problem
Solution
Internal Service Discovery
Manual Service Discovery
Service Discovery from Outside the Cluster
Application Layer Service Discovery
Discussion
More Information
Chapter 14. Self Awareness
Problem
Solution
Discussion
More Information
Part III. Structural Patterns
Chapter 15. Init Container
Problem
Solution
Discussion
More Information
Chapter 16. Sidecar
Problem
Solution
Discussion
More Information
Chapter 17. Adapter
Problem
Solution
Discussion
More Information
Chapter 18. Ambassador
Problem
Solution
Discussion
More Information
Part IV. Configuration Patterns
Chapter 19. EnvVar Configuration
Problem
Solution
Discussion
More Information
Chapter 20. Configuration Resource
Problem
Solution
Discussion
More Information
Chapter 21. Immutable Configuration
Problem
Solution
Docker Volumes
Kubernetes Init Containers
OpenShift Templates
Discussion
More Information
Chapter 22. Configuration Template
Problem
Solution
Discussion
More Information
Part V. Security Patterns
Chapter 23. Process Containment
Problem
Solution
Running Containers with a Non-Root User
Restricting Container Capabilities
Avoiding a Mutable Container Filesystem
Enforcing Security Policies
Discussion
More Information
Chapter 24. Network Segmentation
Problem
Solution
Network Policies
Authorization Policies
Discussion
More Information
Chapter 25. Secure Configuration
Problem
Solution
Out-of-Cluster Encryption
Centralized Secret Management
Discussion
More Information
Chapter 26. Access Control
Problem
Solution
Authentication
Authorization
Admission Controllers
Subject
Role-Based Access Control
Discussion
More Information
Part VI. Advanced Patterns
Chapter 27. Controller
Problem
Solution
Discussion
More Information
Chapter 28. Operator
Problem
Solution
Custom Resource Definitions
Controller and Operator Classification
Operator Development and Deployment
Example
Discussion
More Information
Chapter 29. Elastic Scale
Problem
Solution
Manual Horizontal Scaling
Horizontal Pod Autoscaling
Vertical Pod Autoscaling
Cluster Autoscaling
Scaling Levels
Discussion
More Information
Chapter 30. Image Builder
Problem
Solution
Container Image Builder
Build Orchestrators
Build Pod
OpenShift Build
Discussion
More Information
Afterword
What We Covered
Final Words
Index
About the Authors
Colophon
