Index

As this ebook edition doesn't have fixed pagination, the page numbers below are hyperlinked for reference only, based on the printed edition of this book.

A

accessModes, PVC

ReadOnlyMany 117

ReadWriteMany 117

ReadWriteOnce 117

ReadWriteOncePod 117

aggregation layers 86

Alertmanager 203

Alpine 173

Amazon Elastic Block Store (EBS) 64

Amazon Elastic Container Registry

URL 39

Amazon Web Services (AWS) 147, 184

Anchore 66

API Gateway 188

AppArmor 65

application configuration 123

example 124-126

applications

debugging 151-155

state, ensuring 131-134

Automotive Grade Linux 24

autoscaling 15, 183, 184, 186, 205

Autoscaling Groups 184

availability zones (AZs) 83, 147, 173, 189

AWS Lambda 188

B

Border Gateway Protocol (BGP) 161

Borgmon 200

Buildah project 23

C

Calico 61

capital expenditure or upfront costs (CAPEX) 26

Ceph 24

Certified Kubernetes Administrator (CKA) 28, 227

Certified Kubernetes Application Developer (CKAD) 28

Certified Kubernetes Security Specialist (CKS) 28, 227

cgroups 41

Chaos Monkey tool 189

CI/CD Pipeline 214, 215

Cilium 61

Clair 66

client libraries 84

cloud 3, 5

evolution 6

hybrid 5

private 5

public 5

Cloud Architect 26

Cloud Engineer 27

CloudFormation 219

Cloud Native 182

architectures 182

autoscaling 183-186

benefits 183

best practices 189, 190

resiliency 183-186

Cloud Native applications

applications, delivering 211, 212

cloud-native career 257, 258

Cloud Native Computing Foundation (CNCF) 14, 21, 24, 170, 188, 227

community and governance 25

End User Community (EUC) 25

Governing Board (GB) 25

graduated 25

incubating 25

reference link 24

sandbox 24

Technical Oversight Committee (TOC) 25

cloud-native, roles and personas 26, 27

Cloud Architect 26

Cloud Engineer 27

Data Engineer 27

DevOps Engineer 26

DevSecOps Engineer 27

FinOps Engineer 27

Full Stack Developer 27

Site Reliability Engineer (SRE) 27

Cloud Native security

4Cs 170, 171

cloud service delivery models

comparison 7

FaaS 6

IaaS 6

PaaS 6

SaaS 6

Cloud Service Providers (CSPs) 8

Cluster Autoscaler 186

cluster-level logging 152

CNAME 130

Comprehensive Perl Archive Network (CPAN) 169

ConfigMaps 123, 126

container 8, 9

executing 42-44

exploring 44-46

networking 58-61

runtime 56, 57

security 64-66

storage 61-64

container deployment

versus virtualized deployment 10

container images 9

building 47-50

Container Network Interface (CNI) 61

container orchestration system 12

container runtime 9, 58

Container Runtime Interface (CRI) 56

Container Storage Interface (CSI) 64, 116

container technology

exploring 40, 41

container to container communication 162

container types

namespaced 57

sandboxed 57

virtualized 57

Continuous Delivery (CD) 213

Continuous Deployment (CD) 213

Continuous Integration (CI) 213

continuous integration/continuous deployment (CI/CD) 26, 227

control plane nodes 80

API server 80

cloud controller manager 81

cluster data store 81

controller manager 81

scheduler 81

cost management

with FinOps 204

CRC project 90

Custom Resource Definitions (CRDs) 86

D

Daemon 115

DaemonSets 115, 152

use cases 116

Dagda 66

dashboard (kube-dashboard) 84

Data Engineer 27

debugging

applications 151

declarative API 84

Deployment 106

experimenting with 109, 110

rolling updates, performing with 111-115

development (Dev) 26

DevOps Engineer 26

DevSecOps Engineer 27

direct instrumentation 203

Docker 38

architecture 40

command-line interface (CLI) 38

installing 42

Docker Compose 39

dockerd (Docker daemon) 38

Docker Desktop 39

Docker Engine 38

Dockerfile 47

Docker Hub 39

URL 39, 66

Docker Registry 39

Dockershim 39

Docker Swarm 39

Domain Name System (DNS) 126

E

East-West traffic 162

Elastic Stack (ELK) 152

ephemeral containers 61

F

feature gates 86

financial (Fin) 27

FinOps 204

cost management 204

FinOps Engineer 27

flannel 61

Fluent Bit 116

Full Stack Developer 27

Function-as-a-Service (FaaS) 6, 7

G

Git 211

GitOps 213-217

IaC 216

merge requests 216

Golang 50

Google Cloud Functions 188

Google Container Registry

URL 39

Google’s Borg 200

Grafana 201

Grafana Loki 152

graphical user interface (GUI) 39

gRPC (Remote Procedure Call) 56

guest VMs 5

gVisor 57

H

Helm 168, 169

v3 architecture 170

Helm chart 169

Helm release 169

Helm repository 169

helper containers 82

high availability (HA) 147

Homebrew formula 169

Horizontal Pod Autoscaler (HPA) 185

versus Vertical Pod Autoscaler (VPA) 186

horizontal scaling 185

HTTP REST calls 84

hybrid cloud 5

Hyper-V 51

I

Infrastructure as Code (IaC) 218, 219

Infrastructure-as-a-Service (IaaS) 6

infrastructure drift 216

Init Containers 83

IP Address Management (IPAM) 163

IPtables 60

iSCSI 62

J

Jaeger 199

Java 50

K

Kaniko project 23

Kernel-based Virtual Machines (KVMs) 4

Kind 90

Kindnet 164

Knative 88

Kubectl 84, 97

Kubeless 88

Kubelet 81

Kubernetes 13

architecture 79

automated rollouts and rollbacks 87

automatic bin packing 87

batch execution 87

best practices 170-172

clusters 15

components 80

control plane nodes 80

development workflow example 89

exploring, with minikube 91-97

features 14, 87, 88

Helm 168

history 13

horizontal scaling 87

installing, with minikube 90

namespaces 93

networking essentials 161-163

objects 89

pod 89

scheduling 141

secret and configuration management 87

self-healing 87

service discovery and load balancing 87

storage orchestration 87

worker nodes 80

Kubernetes and Cloud Native Associate (KCNA) 28

Kubernetes and Cloud Native Associate (KCNA) exam 227

tips 228

Kubernetes API 84

control loops 85

declarative 84

feature life cycle 86

Kubernetes certification path 28, 29

Kubernetes Enhancement Proposal (KEP) 86

Kubernetes event 154

kube-scheduler 142

filtering stage 142

scoring stage 142

KubeVirt 88

Kustomize 170

L

labels 127

least privilege principle 164

Lens 84

Linkerd mesh

automatic retry and timeouts 69

fault injection 69

load balancing 69

traffic splitting 69

Linux DEB package 169

Linux Foundation 21, 23

Linux kernel namespaces 41

Linuxkit virtual machine 51

liveness probe 131

pod, examining with 132, 133

logs 196, 197

M

main container 82

Mercurial 211

metrics 197, 198

microservices 182

minikube

reference link 90

requirements 90

used, for exploring K8s 92-97

used, for K8s installation 90, 91

modern application lifecycle

benefits 212

modified nginx deployment

creating 120

monolith applications

versus microservices application 10-12

Multus 61

mutually-authenticated Transport Layer Security (mTLS) 68

N

namespaced container 57

namespaces

interprocess communication (IPC) 41

mount namespace 41

network namespace 41

Process ID (PID) namespace 41

UNIX Time-Sharing (UTS) 41

user namespace 41

NetApp Trident 64

Network Address Translation (NAT) 60

Network File System (NFS) 62

network types

bridge 60

host 60

none 60

nodeAffinity 146

nodeAntiAffinity 146

Node.js 50

node logging agents 152

nodes 79

North-South traffic 162

O

observability 196

Octant 84

on-demand capacity model 204

OpenAPI Initiative (OAI) 24

Open Container Initiative (OCI) 22, 39, 57

distribution specification 23

image specification 23

runtime specification 23

OpenFaaS 88

open source projects

contributing to 258, 259

open source software (OSS) 21, 22

open standards 22, 23

Open Systems Interconnection (OSI) model 70

OpenTelemetry (OTel) 199

operational expenditures or simply speaking running costs (OPEX) 26

operations (Ops) 26

OS-level virtualization 8

Out Of Memory (OOM) error 149

outside world communication 162

overlay network 60

P

PersistentVolumeClaim (PVC) 117

accessModes 117

PersistentVolume (PV) 116, 154

Platform-as-a-Service (PaaS) 6

pod 82

shared memory 83

shared networking 83

shared storage 83

podAffinity 146

podAntiAffinity 146

Podman project 23

pod network 162

pod to pod communication 162

port forwarding 155

POSIX shared memory 83

PostgreSQL 116

preemptible instances 204

private cloud 5

probes 131

liveness 131

readiness 131

startup 131

Prometheus 116, 199

architecture 202

for alerting 203

for monitoring 200-202

Prometheus Exporter 201

public cloud 5

public cloud providers

Amazon Web Services (AWS) 5

Google Cloud Platform (GCP) 5

Microsoft Azure 5

Python 50

Python Package Index (PyPI) 169

Q

Quay

URL 39

R

readiness probe 131

Real-Time Linux 24

ReplicaSet 106

using 106-109

reserved instances 204

resiliency 183-186

resource limit 148

example 149-151

resource request 148

Rightsizing strategy 205

role-based access control (RBAC) 164

ClusterRole 165

ClusterRoleBinding 165

examples 164

real-world scenarios 164-167

Redis instances 169

role 165

RoleBinding 165

ServiceAccount 165

RPM package 169

Ruby 50

S

sandboxed container 57

scaling down 185

scaling in 185

scaling out 185

scaling up 185

scheduling 141

real-world example 142-147

Secret 123, 126

Secure Shell (SSH) protocol 115, 156

Security-Enhanced Linux (SELinux) 65

selectors 127

self-healing 14, 183

semantic versioning 212

Serverless 6, 187-189

Service 127

ClusterIP 130

creating 128, 129

ExternalName 130

LoadBalancer 130

NodePort 130

service abstraction 128

Service concept 96

service discovery 126-130

service-level agreements (SLAs) 27

service-level objectives (SLOs) 27

service meshes 66-70

control plane 69

data plane 69

examples 67

Service Mesh Interface (SMI) 69

shared responsibility model 7

sidecar containers 68

sidecars 82

Site Reliability Engineer (SRE) 27

Software-as-a-Service (SaaS) 6, 7

Special Interest Groups (SIGs) 86

spot instances 204

standard output (stdout) 153

startup probe 132

stateful applications 62

StatefulSet 121

stateful workloads

running 116-123

stateless containers 61

stderr (standard error) 153

storage classes 117

Subversion 211

systemd 82

SystemV semaphores 83

T

telemetry 195, 196

telemetry signals

logs 195, 196

metrics 195, 197, 198

traces 195, 198, 199

Terraform 218

Time Series Database (TSDB) 200

topology spread constraints 146

traces 198, 199

Transport Layer Security (TLS) 172

U

unique identifier (UUID) 47

user ID (UID) 49

user interface (UI) 27

V

Version Control System (VCS) 211

Vertical Pod Autoscaler (VPA) 186

versus Horizontal Pod Autoscaler (HPA) 186

vertical scaling 185

virtual CPU (vCPU) core 149

Virtual Extensible LAN (VXLAN) 161

virtualization 4

benefits 5

virtualized container 57

virtual machine (VM) 149

volumeMounts 120

volumes 62

W

Weave 61

worker nodes 80

container runtime 81

Kubelet 81

proxy 81

WSL 2 51

X

XEN 24

Y

YAML formatted file 39

YTT 170

Z

zero downtime 111

Zero Trust security approach 67

Zipkin 199
