Download or read book Learn Kubernetes Security written by Kaizhe Huang and published by Packt Publishing Ltd. This book was released on 2020-07-09 with total page 330 pages. Available in PDF, EPUB and Kindle. Book excerpt: Secure your container environment against cyberattacks and deliver robust deployments with this practical guide Key FeaturesExplore a variety of Kubernetes components that help you to prevent cyberattacksPerform effective resource management and monitoring with Prometheus and built-in Kubernetes toolsLearn techniques to prevent attackers from compromising applications and accessing resources for crypto-coin miningBook Description Kubernetes is an open source orchestration platform for managing containerized applications. Despite widespread adoption of the technology, DevOps engineers might be unaware of the pitfalls of containerized environments. With this comprehensive book, you'll learn how to use the different security integrations available on the Kubernetes platform to safeguard your deployments in a variety of scenarios. Learn Kubernetes Security starts by taking you through the Kubernetes architecture and the networking model. You'll then learn about the Kubernetes threat model and get to grips with securing clusters. Throughout the book, you'll cover various security aspects such as authentication, authorization, image scanning, and resource monitoring. As you advance, you'll learn about securing cluster components (the kube-apiserver, CoreDNS, and kubelet) and pods (hardening image, security context, and PodSecurityPolicy). With the help of hands-on examples, you'll also learn how to use open source tools such as Anchore, Prometheus, OPA, and Falco to protect your deployments. By the end of this Kubernetes book, you'll have gained a solid understanding of container security and be able to protect your clusters from cyberattacks and mitigate cybersecurity threats. What you will learnUnderstand the basics of Kubernetes architecture and networkingGain insights into different security integrations provided by the Kubernetes platformDelve into Kubernetes' threat modeling and security domainsExplore different security configurations from a variety of practical examplesGet to grips with using and deploying open source tools to protect your deploymentsDiscover techniques to mitigate or prevent known Kubernetes hacksWho this book is for This book is for security consultants, cloud administrators, system administrators, and DevOps engineers interested in securing their container deployments. If you're looking to secure your Kubernetes clusters and cloud-based deployments, you'll find this book useful. A basic understanding of cloud computing and containerization is necessary to make the most of this book.

Download or read book Kubernetes Security and Observability written by Brendan Creane and published by "O'Reilly Media, Inc.". This book was released on 2021-10-26 with total page 201 pages. Available in PDF, EPUB and Kindle. Book excerpt: Securing, observing, and troubleshooting containerized workloads on Kubernetes can be daunting. It requires a range of considerations, from infrastructure choices and cluster configuration to deployment controls and runtime and network security. With this practical book, you'll learn how to adopt a holistic security and observability strategy for building and securing cloud native applications running on Kubernetes. Whether you're already working on cloud native applications or are in the process of migrating to its architecture, this guide introduces key security and observability concepts and best practices to help you unleash the power of cloud native applications. Authors Brendan Creane and Amit Gupta from Tigera take you through the full breadth of new cloud native approaches for establishing security and observability for applications running on Kubernetes. Learn why you need a security and observability strategy for cloud native applications and determine your scope of coverage Understand key concepts behind the book's security and observability approach Explore the technology choices available to support this strategy Discover how to share security responsibilities across multiple teams or roles Learn how to architect Kubernetes security and observability for multicloud and hybrid environments

Download or read book Cloud Native DevOps with Kubernetes written by John Arundel and published by "O'Reilly Media, Inc.". This book was released on 2019-03-08 with total page 347 pages. Available in PDF, EPUB and Kindle. Book excerpt: Kubernetes is the operating system of the cloud native world, providing a reliable and scalable platform for running containerized workloads. In this friendly, pragmatic book, cloud experts John Arundel and Justin Domingus show you what Kubernetes can do—and what you can do with it. You’ll learn all about the Kubernetes ecosystem, and use battle-tested solutions to everyday problems. You’ll build, step by step, an example cloud native application and its supporting infrastructure, along with a development environment and continuous deployment pipeline that you can use for your own applications. Understand containers and Kubernetes from first principles; no experience necessary Run your own clusters or choose a managed Kubernetes service from Amazon, Google, and others Use Kubernetes to manage resource usage and the container lifecycle Optimize clusters for cost, performance, resilience, capacity, and scalability Learn the best tools for developing, testing, and deploying your applications Apply the latest industry practices for security, observability, and monitoring Adopt DevOps principles to help make your development teams lean, fast, and effective

Download or read book Container Security written by Liz Rice and published by O'Reilly Media. This book was released on 2020-04-06 with total page 201 pages. Available in PDF, EPUB and Kindle. Book excerpt: To facilitate scalability and resilience, many organizations now run applications in cloud native environments using containers and orchestration. But how do you know if the deployment is secure? This practical book examines key underlying technologies to help developers, operators, and security professionals assess security risks and determine appropriate solutions. Author Liz Rice, Chief Open Source Officer at Isovalent, looks at how the building blocks commonly used in container-based systems are constructed in Linux. You'll understand what's happening when you deploy containers and learn how to assess potential security risks that could affect your deployments. If you run container applications with kubectl or docker and use Linux command-line tools such as ps and grep, you're ready to get started. Explore attack vectors that affect container deployments Dive into the Linux constructs that underpin containers Examine measures for hardening containers Understand how misconfigurations can compromise container isolation Learn best practices for building container images Identify container images that have known software vulnerabilities Leverage secure connections between containers Use security tooling to prevent attacks on your deployment

Download or read book Kubernetes and Docker An Enterprise Guide written by Scott Surovich and published by Packt Publishing Ltd. This book was released on 2020-11-06 with total page 526 pages. Available in PDF, EPUB and Kindle. Book excerpt: Apply Kubernetes beyond the basics of Kubernetes clusters by implementing IAM using OIDC and Active Directory, Layer 4 load balancing using MetalLB, advanced service integration, security, auditing, and CI/CD Key Features Find out how to add enterprise features to a Kubernetes cluster with theory and exercises to guide you Understand advanced topics including load balancing, externalDNS, IDP integration, security, auditing, backup, and CI/CD Create development clusters for unique testing requirements, including running multiple clusters on a single server to simulate an enterprise environment Book DescriptionContainerization has changed the DevOps game completely, with Docker and Kubernetes playing important roles in altering the flow of app creation and deployment. This book will help you acquire the knowledge and tools required to integrate Kubernetes clusters in an enterprise environment. The book begins by introducing you to Docker and Kubernetes fundamentals, including a review of basic Kubernetes objects. You’ll then get to grips with containerization and understand its core functionalities, including how to create ephemeral multinode clusters using kind. As you make progress, you’ll learn about cluster architecture, Kubernetes cluster deployment, and cluster management, and get started with application deployment. Moving on, you’ll find out how to integrate your container to a cloud platform and integrate tools including MetalLB, externalDNS, OpenID connect (OIDC), pod security policies (PSPs), Open Policy Agent (OPA), Falco, and Velero. Finally, you will discover how to deploy an entire platform to the cloud using continuous integration and continuous delivery (CI/CD). By the end of this Kubernetes book, you will have learned how to create development clusters for testing applications and Kubernetes components, and be able to secure and audit a cluster by implementing various open-source solutions including OpenUnison, OPA, Falco, Kibana, and Velero.What you will learn Create a multinode Kubernetes cluster using kind Implement Ingress, MetalLB, and ExternalDNS Configure a cluster OIDC using impersonation Map enterprise authorization to Kubernetes Secure clusters using PSPs and OPA Enhance auditing using Falco and EFK Back up your workload for disaster recovery and cluster migration Deploy to a platform using Tekton, GitLab, and ArgoCD Who this book is for This book is for anyone interested in DevOps, containerization, and going beyond basic Kubernetes cluster deployments. DevOps engineers, developers, and system administrators looking to enhance their IT career paths will also find this book helpful. Although some prior experience with Docker and Kubernetes is recommended, this book includes a Kubernetes bootcamp that provides a description of Kubernetes objects to help you if you are new to the topic or need a refresher.

Download or read book Cloud Native Security written by Chris Binnie and published by John Wiley & Sons. This book was released on 2021-06-18 with total page 365 pages. Available in PDF, EPUB and Kindle. Book excerpt: Explore the latest and most comprehensive guide to securing your Cloud Native technology stack Cloud Native Security delivers a detailed study into minimizing the attack surfaces found on today’s Cloud Native infrastructure. Throughout the work hands-on examples walk through mitigating threats and the areas of concern that need to be addressed. The book contains the information that professionals need in order to build a diverse mix of the niche knowledge required to harden Cloud Native estates. The book begins with more accessible content about understanding Linux containers and container runtime protection before moving on to more advanced subject matter like advanced attacks on Kubernetes. You’ll also learn about: Installing and configuring multiple types of DevSecOps tooling in CI/CD pipelines Building a forensic logging system that can provide exceptional levels of detail, suited to busy containerized estates Securing the most popular container orchestrator, Kubernetes Hardening cloud platforms and automating security enforcement in the cloud using sophisticated policies Perfect for DevOps engineers, platform engineers, security professionals and students, Cloud Native Security will earn a place in the libraries of all professionals who wish to improve their understanding of modern security challenges.

Download or read book The Kubernetes Book written by Nigel Poulton (Telecommunications engineer) and published by . This book was released on 2022 with total page 302 pages. Available in PDF, EPUB and Kindle. Book excerpt: Containers have revolutionised the way we package and run applications. However, like most things, containers come with a bunch of challenges. This is where Kubernetes comes into play. Kubernetes helps you deploy and manage containerised applications at scale. It also abstracts the underlying infrastructure so that you don't need to care if you're deploying applications to Amazon Web Services, Microsoft Azure, or your own on-premises datacenter. With Kubernetes, you can develop applications on your laptop, deploy to your favourite cloud platform, migrate to a different cloud platform, and even migrate to your on-premises datacenters. Finally, Kubernetes and cloud technologies are developing fast! That's why this book will be updated every year, meaning it's always up-to-date with the latest versions of Kubernetes and the latest trends in the cloud-native ecosystem. --

Download or read book Hacking Kubernetes written by Andrew Martin and published by "O'Reilly Media, Inc.". This book was released on 2021-10-13 with total page 331 pages. Available in PDF, EPUB and Kindle. Book excerpt: Want to run your Kubernetes workloads safely and securely? This practical book provides a threat-based guide to Kubernetes security. Each chapter examines a particular component's architecture and potential default settings and then reviews existing high-profile attacks and historical Common Vulnerabilities and Exposures (CVEs). Authors Andrew Martin and Michael Hausenblas share best-practice configuration to help you harden clusters from possible angles of attack. This book begins with a vanilla Kubernetes installation with built-in defaults. You'll examine an abstract threat model of a distributed system running arbitrary workloads, and then progress to a detailed assessment of each component of a secure Kubernetes system. Understand where your Kubernetes system is vulnerable with threat modelling techniques Focus on pods, from configurations to attacks and defenses Secure your cluster and workload traffic Define and enforce policy with RBAC, OPA, and Kyverno Dive deep into sandboxing and isolation techniques Learn how to detect and mitigate supply chain attacks Explore filesystems, volumes, and sensitive information at rest Discover what can go wrong when running multitenant workloads in a cluster Learn what you can do if someone breaks in despite you having controls in place

Download or read book Microservices Security in Action written by Wajjakkara Kankanamge Anthony Nuwan Dias and published by Simon and Schuster. This book was released on 2020-07-11 with total page 614 pages. Available in PDF, EPUB and Kindle. Book excerpt: ”A complete guide to the challenges and solutions in securing microservices architectures.” —Massimo Siani, FinDynamic Key Features Secure microservices infrastructure and code Monitoring, access control, and microservice-to-microservice communications Deploy securely using Kubernetes, Docker, and the Istio service mesh. Hands-on examples and exercises using Java and Spring Boot Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications. Microservices Security in Action teaches you how to address microservices-specific security challenges throughout the system. This practical guide includes plentiful hands-on exercises using industry-leading open-source tools and examples using Java and Spring Boot. About The Book Design and implement security into your microservices from the start. Microservices Security in Action teaches you to assess and address security challenges at every level of a Microservices application, from APIs to infrastructure. You’ll find effective solutions to common security problems, including throttling and monitoring, access control at the API gateway, and microservice-to-microservice communication. Detailed Java code samples, exercises, and real-world business use cases ensure you can put what you’ve learned into action immediately. What You Will Learn Microservice security concepts Edge services with an API gateway Deployments with Docker, Kubernetes, and Istio Security testing at the code level Communications with HTTP, gRPC, and Kafka This Book Is Written For For experienced microservices developers with intermediate Java skills. About The Author Prabath Siriwardena is the vice president of security architecture at WSO2. Nuwan Dias is the director of API architecture at WSO2. They have designed secure systems for many Fortune 500 companies. Table of Contents PART 1 OVERVIEW 1 Microservices security landscape 2 First steps in securing microservices PART 2 EDGE SECURITY 3 Securing north/south traffic with an API gateway 4 Accessing a secured microservice via a single-page application 5 Engaging throttling, monitoring, and access control PART 3 SERVICE-TO-SERVICE COMMUNICATIONS 6 Securing east/west traffic with certificates 7 Securing east/west traffic with JWT 8 Securing east/west traffic over gRPC 9 Securing reactive microservices PART 4 SECURE DEPLOYMENT 10 Conquering container security with Docker 11 Securing microservices on Kubernetes 12 Securing microservices with Istio service mesh PART 5 SECURE DEVELOPMENT 13 Secure coding practices and automation

Download or read book Mastering Kubernetes written by Gigi Sayfan and published by Packt Publishing Ltd. This book was released on 2017-05-25 with total page 426 pages. Available in PDF, EPUB and Kindle. Book excerpt: Master the art of container management utilizing the power of Kubernetes. About This Book This practical guide demystifies Kubernetes and ensures that your clusters are always available, scalable, and up to date Discover new features such as autoscaling, rolling updates, resource quotas, and cluster size Master the skills of designing and deploying large clusters on various cloud platforms Who This Book Is For The book is for system administrators and developers who have intermediate level of knowledge with Kubernetes and are now waiting to master its advanced features. You should also have basic networking knowledge. This advanced-level book provides a pathway to master Kubernetes. What You Will Learn Architect a robust Kubernetes cluster for long-time operation Discover the advantages of running Kubernetes on GCE, AWS, Azure, and bare metal See the identity model of Kubernetes and options for cluster federation Monitor and troubleshoot Kubernetes clusters and run a highly available Kubernetes Create and configure custom Kubernetes resources and use third-party resources in your automation workflows Discover the art of running complex stateful applications in your container environment Deliver applications as standard packages In Detail Kubernetes is an open source system to automate the deployment, scaling, and management of containerized applications. If you are running more than just a few containers or want automated management of your containers, you need Kubernetes. This book mainly focuses on the advanced management of Kubernetes clusters. It covers problems that arise when you start using container orchestration in production. We start by giving you an overview of the guiding principles in Kubernetes design and show you the best practises in the fields of security, high availability, and cluster federation. You will discover how to run complex stateful microservices on Kubernetes including advanced features as horizontal pod autoscaling, rolling updates, resource quotas, and persistent storage back ends. Using real-world use cases, we explain the options for network configuration and provides guidelines on how to set up, operate, and troubleshoot various Kubernetes networking plugins. Finally, we cover custom resource development and utilization in automation and maintenance workflows. By the end of this book, you'll know everything you need to know to go from intermediate to advanced level. Style and approach Delving into the design of the Kubernetes platform, the reader will be exposed to the advanced features and best practices of Kubernetes. This book will be an advanced level book which will provide a pathway to master Kubernetes

Download or read book Software Engineering at Google written by Titus Winters and published by O'Reilly Media. This book was released on 2020-02-28 with total page 602 pages. Available in PDF, EPUB and Kindle. Book excerpt: Today, software engineers need to know not only how to program effectively but also how to develop proper engineering practices to make their codebase sustainable and healthy. This book emphasizes this difference between programming and software engineering. How can software engineers manage a living codebase that evolves and responds to changing requirements and demands over the length of its life? Based on their experience at Google, software engineers Titus Winters and Hyrum Wright, along with technical writer Tom Manshreck, present a candid and insightful look at how some of the world’s leading practitioners construct and maintain software. This book covers Google’s unique engineering culture, processes, and tools and how these aspects contribute to the effectiveness of an engineering organization. You’ll explore three fundamental principles that software organizations should keep in mind when designing, architecting, writing, and maintaining code: How time affects the sustainability of software and how to make your code resilient over time How scale affects the viability of software practices within an engineering organization What trade-offs a typical engineer needs to make when evaluating design and development decisions

Download or read book Kubernetes Patterns written by Bilgin Ibryam and published by O'Reilly Media. This book was released on 2019-04-09 with total page 267 pages. Available in PDF, EPUB and Kindle. Book excerpt: The way developers design, build, and run software has changed significantly with the evolution of microservices and containers. These modern architectures use new primitives that require a different set of practices than most developers, tech leads, and architects are accustomed to. With this focused guide, Bilgin Ibryam and Roland Huß from Red Hat provide common reusable elements, patterns, principles, and practices for designing and implementing cloud-native applications on Kubernetes. Each pattern includes a description of the problem and a proposed solution with Kubernetes specifics. Many patterns are also backed by concrete code examples. This book is ideal for developers already familiar with basic Kubernetes concepts who want to learn common cloud native patterns. You’ll learn about the following pattern categories: Foundational patterns cover the core principles and practices for building container-based cloud-native applications. Behavioral patterns explore finer-grained concepts for managing various types of container and platform interactions. Structural patterns help you organize containers within a pod, the atom of the Kubernetes platform. Configuration patterns provide insight into how application configurations can be handled in Kubernetes. Advanced patterns covers more advanced topics such as extending the platform with operators.

Download or read book Security Automation with Ansible 2 written by Madhu Akula and published by Packt Publishing Ltd. This book was released on 2017-12-13 with total page 359 pages. Available in PDF, EPUB and Kindle. Book excerpt: Automate security-related tasks in a structured, modular fashion using the best open source automation tool available About This Book Leverage the agentless, push-based power of Ansible 2 to automate security tasks Learn to write playbooks that apply security to any part of your system This recipe-based guide will teach you to use Ansible 2 for various use cases such as fraud detection, network security, governance, and more Who This Book Is For If you are a system administrator or a DevOps engineer with responsibility for finding loop holes in your system or application, then this book is for you. It's also useful for security consultants looking to automate their infrastructure's security model. What You Will Learn Use Ansible playbooks, roles, modules, and templating to build generic, testable playbooks Manage Linux and Windows hosts remotely in a repeatable and predictable manner See how to perform security patch management, and security hardening with scheduling and automation Set up AWS Lambda for a serverless automated defense Run continuous security scans against your hosts and automatically fix and harden the gaps Extend Ansible to write your custom modules and use them as part of your already existing security automation programs Perform automation security audit checks for applications using Ansible Manage secrets in Ansible using Ansible Vault In Detail Security automation is one of the most interesting skills to have nowadays. Ansible allows you to write automation procedures once and use them across your entire infrastructure. This book will teach you the best way to use Ansible for seemingly complex tasks by using the various building blocks available and creating solutions that are easy to teach others, store for later, perform version control on, and repeat. We'll start by covering various popular modules and writing simple playbooks to showcase those modules. You'll see how this can be applied over a variety of platforms and operating systems, whether they are Windows/Linux bare metal servers or containers on a cloud platform. Once the bare bones automation is in place, you'll learn how to leverage tools such as Ansible Tower or even Jenkins to create scheduled repeatable processes around security patching, security hardening, compliance reports, monitoring of systems, and so on. Moving on, you'll delve into useful security automation techniques and approaches, and learn how to extend Ansible for enhanced security. While on the way, we will tackle topics like how to manage secrets, how to manage all the playbooks that we will create and how to enable collaboration using Ansible Galaxy. In the final stretch, we'll tackle how to extend the modules of Ansible for our use, and do all the previous tasks in a programmatic manner to get even more powerful automation frameworks and rigs. Style and approach This comprehensive guide will teach you to manage Linux and Windows hosts remotely in a repeatable and predictable manner. The book takes an in-depth approach and helps you understand how to set up complicated stacks of software with codified and easy-to-share best practices.

Download or read book Kubernetes Up and Running written by Kelsey Hightower and published by "O'Reilly Media, Inc.". This book was released on 2017-09-07 with total page 275 pages. Available in PDF, EPUB and Kindle. Book excerpt: Legend has it that Google deploys over two billion application containers a week. How’s that possible? Google revealed the secret through a project called Kubernetes, an open source cluster orchestrator (based on its internal Borg system) that radically simplifies the task of building, deploying, and maintaining scalable distributed systems in the cloud. This practical guide shows you how Kubernetes and container technology can help you achieve new levels of velocity, agility, reliability, and efficiency. Authors Kelsey Hightower, Brendan Burns, and Joe Beda—who’ve worked on Kubernetes at Google and other organizatons—explain how this system fits into the lifecycle of a distributed application. You will learn how to use tools and APIs to automate scalable distributed systems, whether it is for online services, machine-learning applications, or a cluster of Raspberry Pi computers. Explore the distributed system challenges that Kubernetes addresses Dive into containerized application development, using containers such as Docker Create and run containers on Kubernetes, using the docker image format and container runtime Explore specialized objects essential for running applications in production Reliably roll out new software versions without downtime or errors Get examples of how to develop and deploy real-world applications in Kubernetes

Download or read book Certified Kubernetes Application Developer CKAD Study Guide written by Benjamin Muschko and published by "O'Reilly Media, Inc.". This book was released on 2021-02-02 with total page 199 pages. Available in PDF, EPUB and Kindle. Book excerpt: Developers with the ability to operate, troubleshoot, and monitor applications in Kubernetes are in high demand today. To meet this need, the Cloud Native Computing Foundation created a certification exam to establish a developer's credibility and value in the job market to work in a Kubernetes environment. The Certified Kubernetes Application Developer (CKAD) exam is different from the typical multiple-choice format of other certifications. Instead, the CKAD is a performance-based exam that requires deep knowledge of the tasks under immense time pressure. This study guide walks you through all the topics you need to fully prepare for the exam. Author Benjamin Muschko also shares his personal experience with preparing for all aspects of the exam. Learn when and how to apply Kubernetes concepts to manage an application Understand the objectives, abilities, tips, and tricks needed to pass the CKAD exam Explore the ins and outs of the kubectl command-line tool Demonstrate competency for performing the responsibilities of a Kubernetes application developer Solve real-world Kubernetes problems in a hands-on command-line environment Navigate and solve questions during the CKAD exam

Download or read book OpenShift in Action written by John Osborne and published by Simon and Schuster. This book was released on 2018-05-04 with total page 457 pages. Available in PDF, EPUB and Kindle. Book excerpt: Summary OpenShift in Action is a full reference to Red Hat OpenShift that breaks down this robust container platform so you can use it day-to-day. Combining Docker and Kubernetes, OpenShift is a powerful platform for cluster management, scaling, and upgrading your enterprise apps. It doesn't matter why you use OpenShift—by the end of this book you'll be able to handle every aspect of it, inside and out! Foreword by Jim Whitehurst, Red Hat. Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications. About the Technology Containers let you package everything into one neat place, and with Red Hat OpenShift you can build, deploy, and run those packages all in one place! Combining Docker and Kubernetes, OpenShift is a powerful platform for cluster management, scaling, and upgrading your enterprise apps. About the Book OpenShift in Action is a full reference to Red Hat OpenShift that breaks down this robust container platform so you can use it day-to-day. Starting with how to deploy and run your first application, you'll go deep into OpenShift. You'll discover crystal-clear explanations of namespaces, cgroups, and SELinux, learn to prepare a cluster, and even tackle advanced details like software-defined networks and security, with real-world examples you can take to your own work. It doesn't matter why you use OpenShift—by the end of this book you'll be able to handle every aspect of it, inside and out! What's Inside Written by lead OpenShift architects Rock-solid fundamentals of Docker and Kubernetes Keep mission-critical applications up and running Manage persistent storage About the Reader For DevOps engineers and administrators working in a Linux-based distributed environment. About the Authors Jamie Duncan is a cloud solutions architect for Red Hat, focusing on large-scale OpenShift deployments. John Osborne is a principal OpenShift architect for Red Hat. Table of Contents PART 1 - FUNDAMENTALS Getting to know OpenShift Getting started Containers are Linux PART 2 - CLOUD-NATIVE APPLICATIONS Working with services Autoscaling with metrics Continuous integration and continuous deployment PART 3 - STATEFUL APPLICATIONS Creating and managing persistent storage Stateful applications PART 4 - OPERATIONS AND SECURITY Authentication and resource access Networking Security

Download or read book Core Kubernetes written by Jay Vyas and published by Simon and Schuster. This book was released on 2022-07-26 with total page 334 pages. Available in PDF, EPUB and Kindle. Book excerpt: Take a deep dive into Kubernetes inner components and discover what really powers a Kubernetes cluster. This in-depth guide shines a light on Kubernetes' murky internals, to help you better plan cloud native architectures and ensure the reliability of your systems. In Core Kubernetes you will learn about: Kubernetes base components Kubernetes networking Storage and the Container Storage Interface External load balancing and ingress Kubernetes security Different ways of creating a Kubernetes cluster Configuring Kubernetes to use a GPU To build and operate reliable Kubernetes-based systems, you need to understand what’s going on below the surface. Core Kubernetes is an in-depth guide to Kubernetes’ internal workings written by Kubernetes contributors Chris Love and Jay Vyas. It’s packed with experience-driven insights and advanced techniques you won’t find anywhere else. You’ll understand the unique security concerns of container-based applications, minimize costly unused capacity, and get pro tips for maximizing performance. Diagrams, labs, and hands-on examples ensure that the complex ideas are easy to understand and practical to apply. About the technology Real-world Kubernetes deployments are messy. Even small configuration errors or design problems can bring your system to its knees. In the real world, it pays to know how each component works so you can quickly troubleshoot, reset, and get on to the next challenge. This one-of-a-kind book includes the details, hard-won advice, and pro tips to keep your Kubernetes apps up and running. About the book This book is a tour of Kubernetes under the hood, from managing iptables to setting up dynamically scaled clusters that respond to changes in load. Every page will give you new insights on setting up and managing Kubernetes and dealing with inevitable curveballs. Core Kubernetes is a comprehensive reference guide to maintaining Kubernetes deployments in production. What's inside Kubernetes base components Storage and the Container Storage Interface Kubernetes security Different ways of creating a Kubernetes cluster Details about the control plane, networking, and other core components About the reader For intermediate Kubernetes developers and administrators. About the author Jay Vyas and Chris Love are seasoned Kubernetes developers. Table of Contents 1 Why Kubernetes exists 2 Why the Pod? 3 Let’s build a Pod 4 Using cgroups for processes in our Pods 5 CNIS and providing the Pod with a network 6 Troubleshooting large-scale network errors 7 Pod storage and the CSI 8 Storage implementation and modeling 9 Running Pods: How the kubelet works 10 DNS in Kubernetes 11 The core of the control plane 12 etcd and the control plane 13 Container and Pod security 14 Nodes and Kubernetes security 15 Installing applications