Selling your CTO on the merits of OpenShift and Kubernetes is only the beginning. To operate and scale OpenShift, you also need to know how to manage and expose resources to application teams and continuously deliver changes to the applications running in these environments. With this practical book, new and experienced developers and operators will learn specific techniques for operationalizing OpenShift and Kubernetes in the enterprise.
Industry experts Michael Elder, Jake Kitchener, and Brad Topol show you how to run OpenShift and Kubernetes in production and deliver your applications to a highly available, secure, and scalable platform. You'll learn how to build a strong foundation in advanced cluster operational topics, such as tenancy management, scheduling and capacity management, cost management, continuous delivery, and more.
• Examine the fundamental concepts of Kubernetes architecture
• Get different Kubernetes and OpenShift environments up and running
• Dive into advanced resource management topics, including capacity planning
• Learn how to support high availability inside a single cluster
• Use production-level approaches for continuous delivery and code promotion across clusters
• Explore hybrid cloud use cases, including multicluster provisioning, upgrading, and policy support
• Devise and deliver disaster recovery strategies
Author(s): Michael Elder, Jake Kitchener, Brad Topol
Edition: 1
Publisher: O'Reilly Media
Year: 2021
Language: English
Commentary: Vector PDF
Pages: 274
City: Sebastopol, CA
Tags: Cloud Computing; Web Applications; Clusters; Continuous Delivery; Kubernetes; OpenShift
Cover
Copyright
Table of Contents
Foreword
Preface
Why We Wrote This Book
Who This Book Is For
How This Book Is Organized
Conventions Used in This Book
Using Code Examples
O’Reilly Online Learning
How to Contact Us
Acknowledgments
Chapter 1. Kubernetes and OpenShift Overview
Kubernetes: Cloud Infrastructure for Orchestrating Containerized Applications
CNCF Accelerates the Growth of the Kubernetes Ecosystem
OpenShift: Red Hat’s Distribution of Kubernetes
Benefits of OpenShift for Developers
Benefits of OpenShift for IT Operations
Summary
Chapter 2. Getting Started with OpenShift and Kubernetes
Kubernetes Architecture
Deployment Options for Kubernetes and OpenShift
Red Hat’s CodeReady Containers
IBM Cloud
OpenShift Deployment Options
Kubernetes and OpenShift Command-Line Tools
Kubernetes Fundamentals
What’s a Pod?
How Do I Describe What’s in My Pod?
Deployments
Running the Pod and Deployment Examples in Production on OpenShift
Service Accounts
OpenShift Enhancements
Authentication
Projects
Applications
Security Context Constraints
Image Streams
Kubernetes and OpenShift Advanced Topics
Webhooks
Admission Controllers
Role-Based Access Control
Operators
Summary
Chapter 3. Advanced Resource Management
Pod Resources and Scheduling
Driving Scheduler Decisions via Resource Requests
Node Available Resources
Scheduling
Pod Priority and Preemption
Post-Scheduling Pod Life Cycle
Pod Quality of Service
Pod QoS Levels
Testing Resource Limits
Node Eviction
Capacity Planning and Management
Kubernetes Worker Node Capacity
Kubernetes Master Capacity
Admission Controller Best Practices
Standard Admission Controllers
Admission Webhooks
Summary
Chapter 4. Single Cluster Availability
System Availability
Measuring System Availability
What Is a Highly Available System?
OpenShift and Kubernetes Application and Service Availability
Failure Modes
Application Pod Failure
Worker Node Failure
Worker Zone Failure
Control Plane Failure
Network Failure
Summary
Chapter 5. Continuous Delivery Across Clusters
Helm
Kustomize
Generators
Composition
Patches
Overlays
Direct Deploy of Kustomize-Generated Resource Files
GitOps
Razee
Argo CD
Tekton
Tasks
Pipelines
OpenShift Pipelines
Open Cluster Management Apps
Summary
Chapter 6. Multicluster Fleets: Provision and Upgrade Life Cycles
Why Multicluster?
Use Case: Using Multiple Clusters to Provide Regional Availability for Your Applications
Use Case: Using Multiple Clusters for Multiple Tenants
Use Case: Supporting Far-Edge Use Cases Where Clusters Do Not Run in Traditional Datacenters or Clouds
Architectural Characteristics
Provisioning Across Clouds
User-Managed OpenShift
Upgrading Your Clusters to the Latest Version of Kubernetes
Summary of Multicloud Cluster Provisioning
OpenShift as a Service
Kubernetes as a Service
Operating System Currency for Nodes
Summary
Chapter 7. Multicluster Policy Configuration
Configuring Your Cluster with Operators
Understanding Operators
Example: Container Security Operator
Using Cluster Operators to Manage OpenShift
Example: Configuring the Authentication Operator
OpenShift htpasswd Identity Provider
Policy and Compliance Across Multiple Clusters
Policy Example: Federate a Project Across Your Fleet
PlacementRules to Assign Content to ManagedClusters
Policy Example: Managing etcd Encryption Within ManagedClusters
Policy Example: Managing RBAC Within ManagedClusters
Policy Example: Managing IdPs Within ManagedClusters
Policy Example: Managing Upgrades with Policy Across ManagedClusters
Summary
Chapter 8. Working Example of Multicluster Application Delivery
Failure Is Inevitable
Multicluster Load Balancing
Automating Without Operators
Deploying the Example Application
Configure Your Hub Cluster
Provision an OpenShift Cluster to Host the Open Cluster Management Hub
Configure the Open Cluster Management Hub
Provision Two or More Clusters to Host the Application
Deploy Ansible Tower and the Ansible Resource Operator
Configure Projects for ServiceNow and F5 DNS Load Balancer
Configure the toweraccess Secret and Create the Ansible Tower Token
Deploy the pacman-app Example to Your Cluster
Summary
Chapter 9. The Future of Kubernetes and OpenShift
Increased Migration of Legacy Enterprise Applications to Cloud Native Applications
Increased Adoption of Kubernetes for High Performance Computing
Kubernetes and OpenShift Will Become the De Facto Platforms for Machine Learning and Deep Learning
Open Cloud Marketplaces Will Accelerate Adoption of Cloud Native Applications
OpenShift Will Be the Platform for Enterprise Multicloud
Recommended Resources
IBM Developer Website
Learn OpenShift
Kubernetes Website
Kubernetes IBM Cloud Provider Special Interest Group
Kubernetes Contributor Experience Special Interest Group
Summary
Index
About the Authors
Colophon