Imperial Library
Index
Title Page
Copyright
Getting Started with Containerization
About Packt
Why subscribe?
Packt.com
Contributors
About the authors
Packt is searching for authors like you
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Conventions used
Get in touch
Reviews
What Are Containers and Why Should I Use Them?
Technical requirements
What are containers?
Why are containers important?
What's the benefit for me or for my company?
The Moby project
Docker products
Docker CE
Docker EE
The container ecosystem
Container architecture
Summary
Questions
Further reading
Setting up a Working Environment
Technical requirements
The Linux command shell
PowerShell for Windows
Using a package manager
Installing Homebrew on a Mac
Installing Chocolatey on Windows
Choosing a code editor
Docker Toolbox
Docker for Mac and Docker for Windows
Installing Docker for Mac
Installing Docker for Windows
Using docker-machine on Windows with Hyper-V
Minikube
Installing Minikube on Mac and Windows
Testing Minikube and kubectl
Summary
Questions
Further reading
Working with Containers
Technical requirements
Running the first container
Starting, stopping, and removing containers
Running a random quotes container
Listing containers
Stopping and starting containers
Removing containers
Inspecting containers
Exec into a running container
Attaching to a running container
Retrieving container logs
Logging drivers
Using a container-specific logging driver
Advanced topic – changing the default logging driver
Anatomy of containers
Architecture
Namespaces
Control groups (cgroups)
Union filesystem (UnionFS)
Container plumbing
Runc
Containerd
Summary
Questions
Further reading
Creating and Managing Container Images
What are images?
The layered filesystem
The writable container layer
Copy-on-write
Graph drivers
Creating images
Interactive image creation
Using Dockerfiles
The FROM keyword
The RUN keyword
The COPY and ADD keywords
The WORKDIR keyword
The CMD and ENTRYPOINT keywords
A complex Dockerfile
Building an image
Multistep builds
Dockerfile best practices
Saving and loading images
Sharing or shipping images
Tagging an image
Image namespaces
Official images
Pushing images to a registry
Summary
Questions
Further reading
Data Volumes and System Management
Technical requirements
Creating and mounting data volumes
Modifying the container layer
Creating volumes
Mounting a volume
Removing volumes
Sharing data between containers
Using host volumes
Defining volumes in images
Obtaining Docker system information
Listing resource consumption
Pruning unused resources
Pruning containers
Pruning images
Pruning volumes
Pruning networks
Pruning everything
Consuming Docker system events
Summary
Questions
Further reading
Distributed Application Architecture
What is a distributed application architecture?
Defining the terminology
Patterns and best practices
Loosely coupled components
Stateful versus stateless
Service discovery
Routing
Load balancing
Defensive programming
Retries
Logging
Error handling
Redundancy
Health checks
Circuit breaker pattern
Running in production
Logging
Tracing
Monitoring
Application updates
Rolling updates
Blue-green deployments
Canary releases
Irreversible data changes
Rollback
Summary
Questions
Further reading
Single-Host Networking
Technical requirements
The container network model
Network firewalling
The bridge network
The host network
The null network
Running in an existing network namespace
Port management
Summary
Questions
Further reading
Docker Compose
Demystifying declarative versus imperative
Running a multi-service app
Scaling a service
Building and pushing an application
Summary
Questions
Further reading
Orchestrators
What are orchestrators and why do we need them?
The tasks of an orchestrator
Reconciling the desired state
Replicated and global services
Service discovery
Routing
Load balancing
Scaling
Self-healing
Zero downtime deployments
Affinity and location awareness
Security
Secure communication and cryptographic node identity
Secure networks and network policies
Role-based access control (RBAC)
Secrets
Content trust
Reverse uptime
Introspection
Overview of popular orchestrators
Kubernetes
Docker Swarm
Apache Mesos and Marathon
Amazon ECS
Microsoft ACS
Summary
Questions
Further reading
Introduction to Docker Swarm
Architecture
Swarm nodes
Swarm managers
Swarm workers
Stacks, services, and tasks
Services
Task
Stack
Multi-host networking
Creating a Docker Swarm
Creating a local single node swarm
Creating a local swarm in VirtualBox or Hyper-V
Using Play with Docker (PWD) to generate a Swarm
Creating a Docker Swarm in the cloud
Deploying a first application
Creating a service
Inspecting the service and its tasks
Logs of a service
Reconciling the desired state
Deleting a service or a stack
Deploying a multi-service stack
The swarm routing mesh
Summary
Questions
Further reading
Zero Downtime Deployments and Secrets
Zero downtime deployment
Popular deployment strategies
Rolling updates
Health checks
Rollback
Blue–green deployments
Canary releases
Secrets
Creating secrets
Using a secret
Simulating secrets in a development environment
Secrets and legacy applications
Updating secrets
Summary
Questions
Further reading
Building Your Own Kubernetes Cluster
Introduction
Exploring the Kubernetes architecture
Getting ready
How to do it...
Kubernetes master
API server (kube-apiserver)
Scheduler (kube-scheduler)
Controller manager (kube-controller-manager)
Command-line interface (kubectl)
Kubernetes node
kubelet
Proxy (kube-proxy)
How it works...
etcd
Kubernetes network
See also
Setting up the Kubernetes cluster on macOS by minikube
Getting ready
How to do it...
How it works...
See also
Setting up the Kubernetes cluster on Windows by minikube
Getting ready
How to do it...
How it works...
See also
Setting up the Kubernetes cluster on Linux via kubeadm
Getting ready
How to do it...
Package installation
Ubuntu
CentOS
System configuration prerequisites
CentOS system settings
Booting up the service
Network configurations for containers
Getting a node involved
How it works...
See also
Setting up the Kubernetes cluster on Linux via Ansible (kubespray)
Getting ready
Installing pip
Installing Ansible
Installing python-netaddr
Setting up ssh public key authentication
How to do it...
Maintaining the Ansible inventory
Running the Ansible ad hoc command to test your environment
Ansible troubleshooting
Need to specify a sudo password
Need to specify different ssh logon user
Need to change ssh port
Common ansible issue
How it works...
See also
Running your first container in Kubernetes
Getting ready
How to do it...
Running a HTTP server (nginx)
Exposing the port for external access
Stopping the application
How it works…
See also
Walking through Kubernetes Concepts
Introduction
An overview of Kubernetes
Linking Pods and containers
Getting ready
How to do it...
How it works...
See also
Managing Pods with ReplicaSets
Getting ready
How to do it...
Creating a ReplicaSet
Getting the details of a ReplicaSet
Changing the configuration of a ReplicaSet
Deleting a ReplicaSet
How it works...
There's more...
See also
Deployment API
Getting ready
How to do it...
How it works...
Using kubectl set to update the container image
Updating the YAML and using kubectl apply
See also
Working with Services
Getting ready
How to do it...
Creating a Service for different resources
Creating a Service for a Pod
Creating a Service for a Deployment with an external IP
Creating a Service for an Endpoint without a selector
Creating a Service for another Service with session affinity
Deleting a Service
How it works...
There's more...
See also
Working with volumes
Getting ready
How to do it...
emptyDir
hostPath
NFS
glusterfs
downwardAPI
gitRepo
There's more...
PersistentVolumes
Using storage classes
gcePersistentDisk
awsElasticBlockStore
See also
Working with Secrets
Getting ready
How to do it...
Creating a Secret
Working with kubectl create command line
From a file
From a directory
From a literal value
Via configuration file
Using Secrets in Pods
By environment variables
By volumes
Deleting a Secret
How it works...
There's more...
Using ConfigMaps
Mounting Secrets and ConfigMap in the same volume
Working with names
Getting ready
How to do it...
How it works...
See also
Working with Namespaces
Getting ready
How to do it...
Creating a Namespace
Changing the default Namespace
Deleting a Namespace
How it works…
There's more...
Creating a LimitRange
Deleting a LimitRange
See also
Working with labels and selectors
Getting ready
How to do it...
How it works...
Equality-based label selector
Set-based label selector
There's more...
Linking Service to Pods or ReplicaSets using label selectors
Linking Deployment to ReplicaSet using the set-based selector
See also
Playing with Containers
Introduction
Scaling your containers
Getting ready
How to do it...
Scale up and down manually with the kubectl scale command
Horizontal Pod Autoscaler (HPA)
How it works...
There is more…
See also
Updating live containers
Getting ready
How to do it...
Deployment update strategy – rolling-update
Rollback the update
Deployment update strategy – recreate
How it works...
There's more...
See also
Forwarding container ports
Getting ready
How to do it...
Container-to-container communication
Pod-to-Pod communication
Working with NetworkPolicy
Pod-to-Service communication
External-to-internal communication
Working with Ingress
There's more...
See also
Ensuring flexible usage of your containers
Getting ready
How to do it...
Pod as DaemonSets
Running a stateful Pod
How it works...
Pod recovery by DaemonSets
Pod recovery by StatefulSet
There's more...
See also
Submitting Jobs on Kubernetes
Getting ready
How to do it...
Pod as a single Job
Create a repeatable Job
Create a parallel Job
Schedule to run Job using CronJob
How it works...
See also
Working with configuration files
Getting ready
YAML
JSON
How to do it...
How it works...
Pod
Deployment
Service
See also
Building High-Availability Clusters
Introduction
Clustering etcd
Getting ready
How to do it...
Static mechanism
Discovery mechanism
kubeadm
kubespray
Kops
Building multiple masters
Getting ready
How to do it...
Setting up the first master
Setting up the other master with existing certifications
Adding nodes in a HA cluster
How it works...
See also
Building Continuous Delivery Pipelines
Introduction
Moving monolithic to microservices
Getting ready
How to do it...
Microservices
Frontend WebUI
How it works...
Microservices
Frontend WebUI
Working with the private Docker registry
Getting ready
Using Kubernetes to run a Docker registry server
Using Amazon elastic container registry
Using Google cloud registry
How to do it...
Launching a private registry server using Kubernetes
Creating a self-signed SSL certificate
Creating HTTP secret
Creating the HTTP basic authentication file
Creating a Kubernetes secret to store security files
Configuring a private registry to load a Kubernetes secret
Create a repository on the AWS elastic container registry
Determining your repository URL on Google container registry
How it works...
Push and pull an image from your private registry
Push and pull an image from Amazon ECR
Push and pull an image from Google cloud registry
Using gcloud to wrap the Docker command
Using the GCP service account to grant a long-lived credential
Integrating with Jenkins
Getting ready
How to do it...
Setting up a custom Jenkins image
Setting up Kubernetes service account and ClusterRole
Launching the Jenkins server via Kubernetes deployment
How it works...
Using Jenkins to build a Docker image
Deploying the latest container image to Kubernetes
Building Kubernetes on AWS
Introduction
Playing with Amazon Web Services
Getting ready
Creating an IAM user
Installing AWS CLI on macOS
Installing AWS CLI on Windows
How to do it...
How it works...
Creating VPC and Subnets
Internet gateway
NAT-GW
Security group
EC2
Setting up Kubernetes with kops
Getting ready
How to do it...
How it works...
Working with kops-built AWS cluster
Deleting kops-built AWS cluster
See also
Using AWS as Kubernetes Cloud Provider
Getting ready
How to do it...
Elastic load balancer as LoadBalancer service
Elastic Block Store as StorageClass
There's more...
Managing Kubernetes cluster on AWS by kops
Getting ready
How to do it...
Modifying and resizing instance groups
Updating nodes
Updating masters
Upgrading a cluster
There's more...
See also
Advanced Cluster Administration
Introduction
Advanced settings in kubeconfig
Getting ready
How to do it...
Setting new credentials
Setting new clusters
Setting contexts and changing current-context
Cleaning up kubeconfig
There's more...
See also
Setting resources in nodes
Getting ready
How to do it...
Configuring a BestEffort pod
Configuring a Guaranteed pod
Configuring a Burstable pod
How it works...
See also
Playing with WebUI
Getting ready
How to do it...
Relying on the dashboard created by minikube
Creating a dashboard manually on a system using other booting tools
How it works...
Browsing your resource by dashboard
Deploying resources by dashboard
Removing resources by dashboard
See also
Working with the RESTful API
Getting ready
How to do it...
How it works...
There's more...
See also
Working with Kubernetes DNS
Getting ready
How to do it...
DNS for pod
DNS for Kubernetes Service
DNS for StatefulSet
How it works...
Headless service when pods scale out
See also
Authentication and authorization
Getting ready
How to do it...
Authentication
Service account token authentication
X509 client certs
OpenID connect tokens
Authorization
Role and RoleBinding
ClusterRole and ClusterRoleBinding
Role-based access control (RBAC)
Admission control
NamespaceLifecycle
LimitRanger
ServiceAccount
PersistentVolumeLabel (deprecated from v1.8)
DefaultStorageClass
DefaultTolerationSeconds
ResourceQuota
DenyEscalatingExec
AlwaysPullImages
There's more…
Initializers (alpha)
Webhook admission controllers (beta in v1.9)
See also
Other Books You May Enjoy
Leave a review - let other readers know what you think