A
access control webhooks
authentication webhook, using
authorization webhook, using
custom metrics, providing for horizontal pod autoscaling
employing 573
Kubernetes, extending with custom storage
adapter pattern 15
admission control webhook
using
advanced scheduling 151
anti-affinity 155
node affinity 155
node selector 151
pod affinity 155
alerting 448
AlertManager
reference link 400
alerts
versus dashboards
Alibaba ACK
URL 579
Alibaba Cloud
Alibaba container service for Kubernetes (ACK)
Amazon EKS
URL 579
Amazon Virtual Private Cloud (Amazon VPC) 61
Amazon Web Services (AWS) 4
ambassador pattern 15
annotations 10
Anthos
reference link 582
anti-affinity 155
API builder alpha
reference link 557
APIs
deprecating 92
API server
accessing 106
admission control plugins, using 113, 114
requests, authorizing 110, 112
users, authenticating 107, 108
AppArmor
requisites 118
used, for protecting cluster 118
AppDash
reference link 478
Application Container Image (ACI) 30
application error reporting 447
Argo CD
URL 585
Attribute-Based Access Control (ABAC) 112
authentication webhook
using
authorization webhook
using
AutoContainerSource
reference link 425
autoscaling
used, for performing rolling updates 255, 256, 258
AWS App Mesh 490
URL 490
AWS Fargate 61
AWS PrivateLink 61
Azure 62
Azure Container Instances 409, 410
Azure Container Instances (ACI) 409, 584
Azure file storage 204
Azure Kubernetes Service (AKS) 4, 62, 277
benefits 62
B
bane tool
reference link 119
bare-metal 579
bare-metal cluster
building, with KRIB
building, with Kubespray
building, with RKE
creating, considerations
creating, from scratch
creating, process
use cases
virtual private cloud infrastructure, using
Bookinfo 495
installing 499, 500, 501, 503, 504
Bootkube
bridge plugin
bridges 325
broker 426
buildpacks
URL
build.sh script
exploring 233
built-in objects
embedding
Buoyant
URL 489
C
cAdvisor 456
Calico
reference link 582
Calico project 337
Candy 546
Cassandra 229
connecting 239
custom seed provider 240
headless service, creating 242
Cassandra cluster
executing, in Kubernetes 228
reference link 228
Cassandra Docker image 231, 232
build.sh script, exploring 232
run.sh script, exploring 234, 235, 236, 237, 239
cattle versus pets 6
cbr0 326
CD foundation
reference link 585
centralized logging 451
cluster-level central logging 453
remote central logging 453
sensitive log information, dealing with 454
Ceph
connecting, with CephFS 211
connecting, with RBD 209, 210, 211
using 209
CephFS
used, for connecting Ceph 211
Ceph volumes
in Kubernetes 205
Certified Kubernetes Administrator (CKA)
reference link 577
Certified Kubernetes Application Developer (CKAD)
reference link 577
channels 426
chart dependencies
managing 308
managing, with requirements.yaml 309
special fields, utilizing in requirements.yaml 310, 311
charts
creating 306
metadata files 308
templates and values, using 311
chart scope
chart values
Chart.yaml file 307
appVersion field 307
charts, deprecating 308
version field 307
CI/CD pipeline
deploying, for Kubernetes
Cilium
reference link 581
Citadel 494
workflow, in Kubernetes 494, 495
Classless Inter-Domain Routing (CIDR) 325
client IP addresses
preservation, specifying 347
preserving 347
cloud
clusters 58
cloud controller manager
used, for extending Kubernetes 543
Cloud Controller Manager (CCM) 543
URL 543
Cloud Native Buildpacks
URL 585
Cloud Native Computing Foundation (CNCF)
certification 577
community and education 578
significance 576
training 578
URL 576
cloud-provider interface 58
cloud providers 62
Chinese Alibaba Cloud
Huawei
IBM Kubernetes Service
Oracle Container Service
Tencent
Cloud Run
reference link 584
cluster
exploring, with Kubernetes dashboard 460
cluster autoscaler 408
cluster autoscaler (CA) 80
cluster capacity
container-native solutions, considering 277
elastic cloud resources, benefiting 274
managing 270
multiple node configurations, using 274
node types, selecting 270, 271
off cost and response time, trading 272, 274
scalable storage solution, selecting 272
selecting 270
history, on Kubernetes 366
cluster federation, use cases 368
capacity overflow 368
Geo-distributing high availability 369
vendor lock-in, avoiding 369
cluster-level central logging 453
cluster management commands 136
clusters 7
CNCF landscape
reference link 576
CNCF's CloudEvents specification
reference link 424
skeleton, building 358, 359, 361
writing 354
compute resource quota 259
condition field 310
ConfigMap
consuming, as environment variable 224, 225
creating 224
containerd 28
container-native solutions
considering 277
container networking interface (CNI) 542
Container Networking Interface (CNI) 327
container runtime 328
third-party plugin 328
container orchestration 3
container runtime 328
container runtime interface (CRI) 25, 26, 27
containers
coupled connectivity, with data stores 323
coupled connectivity, with queues 323
in cloud 4
interacting 322
registration service 322
self-registration 322
ContainerSource
reference link 425
container storage interface (CSI) 542
Container Storage Interface (CSI) 12, 218, 219
continuous integration and deployment
Contiv 332
Contiv net plugin
capabilities 332
CoreV1API group
CRD components
admission plugin 83
recommender 83
updater 83
CRI-O 30
cron jobs
cross-cluster scheduling 376
curl 48
customization commands 136
custom container runtimes
used, for extending Kubernetes 545
custom devices 582
custom hardware 582
custom metrics
providing, for horizontal pod autoscaling
custom metrics API
reference link 252
custom metrics API server
reference link
custom printer columns, adding 555, 556
finalizing 555
unknown fields, dealing with 551, 553
custom resources definitions (CRD) 546
custom resources definitions (CRDs) 493
custom scheduler
pod, assigning 566
preparing 565
custom storage
used, for extending Kubernetes
D
DaemonSet
using, for redundant persistent storage 226
DaemonSet pods
sharing
Dapper
reference link 478
dashboards
versus alerts
data
migrating 91
data-contract changes
managing 91
deployment
updating 143
deployment commands 136
device plugins 543
Digital Ocean
URL 579
Digital Rebar Provision (DRP)
directed acyclic graph (DAG) 446
direct logging approach 451
directory structure
distributed data-intensive apps 222
distributed hash table (DHT) 206, 229
distributed system design patterns 14
adapter pattern 15
ambassador pattern 15
multi-node patterns 16
sidecar pattern 15
distributed tracing 446
used, for detecting performance
used, for detecting root cause
DNS Provider 390
DNS records
versus shared environment variables 223
Docker networking
versus Kubernetes networking model 320, 321
Docker networking model
versus Kubernetes networking model 321
Domain Name System (DNS) 370
durable node storage
dynamic host path provisioner
reference link 294
E
eksctl
URL 61
Elastic Block Store (EBS) 199
elastic cloud resources
benefiting 274
cloud quotas 275
instance autoscaling 274
regions, managing 275
Elastic container instances (ECIs)
Elastic Container Service (ECS) 59
Elastic File System (EFS) 200
Elastic Kubernetes Service (EKS) 4, 59, 277
Elasticsearch, Kibana, and Fluentd (EFK) 523
emptyDir
using, for intra-pod communication 176, 177, 178
enterprise storage
integrating, into Kubernetes 214
URL 489
error reports
versus logs
versus metrics
etcd 21
etcd3 282
gRPC, using instead of REST 282
leases, using instead of TTLs 282
optimizations
state storage 282
watch implementation 282
etcd cluster
about 69
verifying 74
etcd operator
etcd-operator
reference link 544
event consumer 425
event consumer, types
Addressable consumer 425
Callable consumer 425
event delivery, modes
fan-out delivery 427
simple delivery 426
event registry 426
event source 425
event types 426
extended Berkeley Packet Filter (eBPF) 581
applications 581
external data stores
accessing, via DNS 223
accessing, via environment variables 223
External DNS Controller 390
external load balancer 345, 348
client IP addresses, preserving 347
configuring 346
configuring, via kubectl command 346
configuring, via service configuration file 346
IP addresses, finding 346
external service
separating 144
external services
F
fan-out delivery 427
limitations 414
reference link 410
federation API server 373
federation controller manager 373
Fiber Channel (FC) 189
FireCracker
reference link 581
firecracker-containerd
reference link 581
URL 435
backends 336
FlexVolume
out-of-tree volume plugins, using 217, 218
FlexVolume approach
advantages 218
Flocker
as clustered container data volume manager 212, 214
Fluentbit
URL 456
Fluentd
URL 454
using, for log collection 454
Frakti
Function as a Service (FaaS) 585
functions
using 312
Functions as a Service (FaaS)
characteristics 408
executing, on serverless computing 407
G
Galley 495
Gardener
Gardener architecture 398
clusters, networking 399
cluster state, managing 398
control plane, managing 399
gardenctl CLI 400
infrastructure, preparing 399
machine controller manager, using 399
Gardener project
terminology 396
URL 396
Gardener ring
generic commands 136
Giant Swarm
reference link 580
gibibyte (GiB) 183
GlusterFS
endpoints, creating 206
pods, creating 208
using 206
GlusterFS Kubernetes service
adding 207
GlusterFS volumes
in Kubernetes 205
Google Anthos for GKE
reference link 579
Google Cloud Platform (GCP) 4, 59
Google Cloud Run 414
reference link 580
Google GKE
URL 579
Google Kubernetes Engine (GKE) 59, 277
Google Kubernetes Engine on Coursera
reference link 578
Grafana
reference link 400
URL 472
Grafana Loki
reference link 475
gvisor-containerd-shim
reference link 581
H
HAProxy
executing, in Kubernetes cluster 352
NodePort, utilizing 351
using, in load balancer provider 351
Helm 283
chart, creating 306
chart, customizing 298, 299, 300
charts, managing 304
installation link 71
installation options 301
installation status, checking 293, 294, 295, 296, 298
installing 286
package, installing on Kubernetes cluster 291
release, deleting 303
release, rolling back 301, 302
repositories, adding 288, 289, 290
repositories, working with 303, 304
use cases 284
using 285
Helm 2
Tiller server, installing 286
used, for installing riff
Helm 2 architecture 284
Helm 2 components 284
Helm client 285
Tiller server 284
Helm 3 285
Helm client
installing 286
hierarchical cluster structures
with kustomization 158
high availability, best practices
about 66
data, protecting 75
etcd cluster 69
Kubernetes cluster, creating 67, 68
Kubernetes cluster state, protecting 69
leader election, executing with Kubernetes 76, 77
nodes performance, creating 68, 69
staging environment, creating 77
high availability, concepts
about 64
hot swapping 64
idempotency 66
leader election 65
redundancy 64
self-healing 66
smart load balancing 65
High-Availability Proxy (HAProxy) 351
reference link 351
Higher-Order Behavior
employing 390
highly available (HA) clusters 45
horizontal pod autoscaler (HPA) 80, 248
autoscaling, with Kubectl 252, 253, 254
custom metrics 252
host cluster
registering, with Kubernetes federation 383
HostPath
using, for intra-node communication 178, 179, 180
hot swapping 64
httpie
URL 530
used, for filtering output 529, 531
using 530
Httpie
installation link 48
Huawei
Hue
advanced science
utilizing, for education
utilizing, in enterprise
Hue components
about 131
authorizer 132
external service 132
generic actuator 132
generic sensor 132
identity 132
user graph 131
user learner 133
user profile 131
Hue microservices
about 133
data stores 134
plugins 133
queue-based interactions 134, 135
serverless functions 134
stateless microservices 134
Hue platform
designing 129
evolving, with Kubernetes
managing, with Kubernetes 171
notifications 130
scope, defining 130
smart reminders 130
Hue-reminders service
Hue workflows
automatic workflows 135
budget-aware workflows 135
human workflows 135
planning 135
Hyper Containers
Frakti
Stackube
I
IBM Cloud Kubernetes service
URL 579
IBM Kubernetes Service
idempotency 66
ingress 349
Ingress 150
Ingress DNS controller 390
IngressDNSRecord 390
init containers
employing, for orderly pod bring-up 173
inside-the-cluster-network components 171
internal service
separating 144
Internet of Things (IoT) 584
intra-node communication
intra-pod communication
IP addresses 324
IP Address Management (IPAM) 329
Istio 490
distributed tracing
incorporating, into Kubernetes cluster 491
metrics
minikube cluster, preparing 495
monitoring and observability 519
traffic management 504, 505, 507, 508
URL 490
Citadel 494
Envoy 493
Galley 495
Mixer 494
Pilot 493
Istio authentication 510
origin authentication 511
transport authentication 510
Istio authorization 511, 512, 513, 514
istio-certs 510
Istio identity 509
Istio PKI 510
J
Jaeger 477
URL 477
Jaeger agent 479
Jaeger client 479
Jaeger collector 479
Jaeger Query 479
Java Management Extensions (JMX) 238
Jenkins
URL 585
Jenkins X
URL 585
jobs
cleaning up 168
executing, in parallelism 167, 168
launching 166
jq
URL 530
used, for filtering output 529, 531
using 530
jsonpatch
URL 388
JSON Web Tokens (JWTs) 511
K
k3d 52
installing 52
used, for creating cluster 53, 55, 56
used, for creating multi-node cluster 51
k3s 52
k9s tools
reference link 568
Keepalived Virtual IP (Keepalived VIP) 353
Kiali
used, for visualizing service mesh
KinD
about 43
echo service, deploying with 48
installing 43
used, for creating multi-node cluster 43, 44, 45, 46
versus k3d 57
versus Minikube 57
Knative, components
Knative Eventing 415
Knative Serving 415
Knative Configuration object 420, 422
Knative Eventing terminology
broker 426
channel 426
defining 424
event consumer 425
event registry 426
event source 425
event types 426
subscriptions 426
trigger 426
Knative, installing
reference link 428
Knative Revision object 424
Knative Route object 419
Knative service
deploying 430
scale-to-zero option, checking in 432, 434
Knative Service object 416, 419
Knative Serving 415
Krew
reference link 570
used, for managing Kubectl plugins 570
krew-plugin-template
reference link 572
KRIB
reference link
used, for building bare-metal cluster
kubeadm
reference link
kubebuilder
Kube controller manager 21
kubectl 32
reference link 33
Kubectl
executing, with Python subprocesses 538, 540, 541
used, for autoscaling HPA 252, 254
Kubectl commands
overriding 572
Kubectl effectively
using 136
Kubectl plugins 572
implementing 568
managing, with Krew 570
namespace, for Krew plugins 573
naming 572
shebangs 572
writing 568
Kubectl programmatically
invoking 538
kubectl resource, configuration files
about 137
ApiVersion 138
kind 138
metadata 138
spec 138
KubeEdge
KubeFed control plane 373
federation API server 373
federation controller manager 373
kubefedctl
Kubeless 441
implementing with 442
working, with serverless framework
Kubeless architecture 441
Kubeless function 441
Kubeless runtime 441
Kubeless triggers 442
Kubeless function 441
Kubeless runtime 441
Kubeless triggers 442
Kubeless UI
using
kubelet 24
Kubemark cluster
comparing, to real-world cluster
reference link
setting up
Kubemark tool
MTU, setting 327
kubens tool
reference link
kube-prometheus
reference link 464
Kubernetes 576
API objects, serializing with protocol buffers 282
API responsiveness, measuring
capabilities 2
centralized logging 451
Ceph volumes in 205
CI/CD pipeline, deploying for
cluster federation, history 366
component logs 449
configuration and deployment challenges 100
connecting 239
cultural challenges 102
end-to-end pod startup time, measuring
enterprise storage, integrating 214
etcd3 282
extending, with cloud controller manager 543
extending, with controller pattern 544
extending, with custom container runtimes 545
extending, with custom storage
extending, with operator pattern 544
extending, with plugins 542
features 60
Fluentd, using for log collection 454
GlusterFS in 205
logging with 448
monitoring, with metrics server 457, 458
network policies, managing 122
on EC2 60
organizational challenges 102
overview 104
performance and scalability, improving 279
performance and scalability, measuring
Platform as a Service (PaaS) 580
pod and container challenges 101
pod lifecycle event generator (PLEG) 279, 280
pods security 116
process challenges 102
reads, caching in API server 279
scheduling, extension 545
secrets, storing in 126
security challenges 96
service accounts, managing 106
SLOs
stateful applications 221
stateless applications 221
state, managing in 222
state, managing outside 222, 223
testing, at scale
upcoming trends 580
used, for collecting metrics 456, 457
used, for evolving Hue platform
used, for managing Hue platform 171
using, to build Hue platform 136
Kubernetes API
accessing, via Python client 532, 533
CoreV1API group, dissecting 533, 534
exploring, with Postman 528
objects, listing 536
objects, watching 537
Python subprocesses, used for executing Kubectl 538, 540, 541
used, for creating pod 531, 532
working with 525
Kubernetes APIs 16
Resource Categories 17
Kubernetes API server
distributed system design patterns 14
Kubernetes Certified Service Provider (KCSP)
reference link 577
Kubernetes cli-runtime
reference link 572
Kubernetes cluster
APIs, deprecating 92
availability requisites 93
bare-metal cluster
best effort 93
cost 92
data consistency
data-contract changes, managing 91
data, migrating 91
design trade-offs 92
HAProxy, executing in 352
Helm package, installing on 291
Istio, incorporating into 491
live updates 83
maintenance windows 94
multi-node cluster 43
overview 31
performance 92
quick recovery 94
single-node cluster 32
Site reliability engineering (SRE)
zero downtime
Kubernetes cluster federation
creating 380
Higher-Order Behavior, employing 390
managing 378
overrides, using 388
placement field, using to control 388, 389
propagation failures, debugging 390
Kubernetes, components
master components 20
node components 23
Kubernetes, concepts 6
annotations 10
cluster 7
labels 10
label selectors 11
master 9
names 13
nodes 7
pods 9
replica sets 12
replication controllers 12
secrets 13
services 11
volume 12
Kubernetes contrib
reference link 353
Kubernetes dashboard
used, for exploring cluster 460
Kubernetes extensions patterns 542
Kubernetes extensions points 542
Kubernetes FaaS frameworks 434, 435
Knative
Kubeless 441
riff
Kubernetes federation
API types, working with 385
basic concepts, defining 370
basics, learning 370
building blocks 370
data access 377
features 373
namespace 387
overview 374
resources status, checking 387
unit of work 375
used, for registering host cluster 383
Kubernetes federation, elements
policy 371
scheduling 371
status 371
Kubernetes GitHub repository
reference link 576
Kubernetes incubator project
reference link 182
Kubernetes ingress 324
Kubernetes networking model 318
external access 319
inter-pod communication (pod to pod) 318
intra-pod communication (container to container) 318
pod to service communication 319
versus Docker networking 320, 321
versus Docker networking model 321, 322
Kubernetes networking solutions 332
bridging, on bare metal clusters 332
Calico project 337
Open vSwitch (OVS) 333, 334, 335
Weave net 341
Kubernetes network plugin 324
bridges 325
CIDRs 325
Container Networking Interface (CNI) 327
IP addresses 324
Kubenet 326
Linux networking 324
maximum transmission unit (MTU) 326
netmasks 325
network namespaces 325
pod networking 326
ports 324
routing 325
subnets 325
Virtual Ethernet (veth) devices 325
Kubernetes network policy 342
CNI plugin 342
configuring 342
design 341
implementing 343
using 341
Kubernetes on Raspberry PI
reference link 580
Kubernetes plugins
custom scheduler, writing 559
writing 559
Kubernetes runtimes 24
container runtime interface (CRI) 25, 27
CRI-O 30
Hyper Containers
rkt 30
Kubernetes scheduler
Kubernetes services
accessing, locally through proxy 48, 50
kube scheduler 23
Kubespray 67
used, for building bare-metal cluster
kube-state-metrics
reference link 400
Kuma 490
URL 490
kustomization
patching 163
staging namespace, kustomizing 163, 164
using, for hierarchical cluster structures 158
kustomize
basics 158
URL 158
L
labels 10
label selectors 11
leader election 65
limit ranges
using, for default compute quotas 269, 270
Linen CNI plugin
reference link 333
Linkerd 489
Linkerd 2 489
URL 489
Linux networking 324
liveness probe
using, to ensure containers 171
using, to manage dependencies 172
load balancer provider
with HAProxy 351
load balancing options 343, 345
external load balancer 345
ingress 349
local volumes
using, for durable node storage 180, 181
location affinity 375
location affinity, requirements
loosely coupled 376
preferentially coupled 376
strictly coupled 375
strictly decoupled 376
uniformly spread 376
log collection strategy
direct logging approach 451
node agent approach 452
selecting 451
sidecar container 452
log format 445
logging 444
with Kubernetes 448
logs
versus error reports
versus metrics
logs, key attributes
log aggregation 445
log format 445
log storage 445
log storage 445
long-running microservices
deploying, in pods 139
long-running processes
deploying, with deployments 142
long-running services
characteristics 407
executing, on serverless computing 406
loopback plugin 354, 355, 357, 358
reference link 355
M
macOS
single-node cluster, creating 34, 35
Maesh
URL 490
managed Kubernetes platforms 579
master 9
master components
API server 449
controller manager 449
scheduler 449
master components, Kubernetes
API server 20
cloud controller managers 21, 22
DNS 23
etcd 21
Kube controller manager 21
kube scheduler 23
maximum transmission unit (MTU) 326
MetalLB 353
reference link 353
metrics 445
collecting, with Kubernetes 456, 457
types
versus error reports
versus logs
Microsoft AKS
URL 579
Minikube 33
reference link 33
used, for creating single-node cluster 32
versus k3d 58
versus KinD 57
minikube cluster
preparing, for Istio 495
minions 7
misc commands 136
Mixer 494
multi-cluster Ingress DNS
utilizing 390
multi-cluster scheduling
multi-cluster Service DNS
multi-container pod challenges 101
multi-node cluster
creating, with k3d 51, 53, 55, 56
creating, with KinD 43, 44, 45, 46
multi-node patterns 16
multiple node configurations
using 274
multi-user cluster
executing
namespace pitfalls, avoiding
namespace, using for safe multi-tenancy
use cases
N
names 13
using, to limit access 156, 158
namespace-specific context
using 263
native CI/CD 585
Network Address Translation (NAT) 318
networking 581
network namespaces 325
network policies
cross-namespace policies 126
egress network policy, limiting to external networks 125
managing 122
networking solution, selecting 123
secrets, using 126
node affinity 155
advantages 155
node agent approach 452
node components, Kubernetes
kubelet 24
proxy 23
node-exporter
reference link 400
NodePort
utilizing 351
node-problem-detector
reference link
nodes 7
node selector 151
node types
non-cluster components
inside-the-cluster-network components 171
mixing 170
outside-the-cluster-network components 170
Nuage networks VCS 335
O
object count quota 261
objects
Kubectl programmatically, invoking 538
listing 536
watching 537
observability 444
alerting 448
application error reporting 447
dashboards 447
distributed tracing 446
logging 444
metrics 445
visualization 447
octant tools
reference link 568
off cost and response time
OpenAPI 526
OpenAPI V3
reference link 547
Open Container Initiative (OCI) 28
Open Service Broker API
reference link 557
OpenShift
reference link 580
OpenStack
reference link 579
OpenTracing 476
URL 476
OpenTracing, concepts 477
Span 477
Trace 477
Open Virtualization Network (OVN) 333
Open Virtual Networking (OVN) 328
reference link 333
operator framework
reference link 544
operator pattern
used, for extending Kubernetes 544
Operator pattern 585
Oracle Cloud
URL 579
Oracle Container Service
origin authentication 511
out-of-tree volume plugins
using, with FlexVolume 217, 218
outside-the-cluster-network components 170
overrides
using 388
P
performance
detecting, with distributed tracing
Persistent Volume Claim (PVC) 190
persistent volume claims
applying 226
persistent volumes
access mode 183
capacity 183
claims, mounting 188
creating 182
dynamically, provisioning 182
externally, provisioning 182
mount options 185
provisioning 181
reclaim policy 184
statically, provisioning 182
storage classes 192
storage, demonstrating end to end 192, 194, 195, 196, 198, 199
volume mode 183
volume type 185
personally identifiable information (PII) 454
physical machines 3
Pilot 493
pipelines
using 312
placement field
using, to control Kubernetes cluster federation 388, 389
Platform 9 PMK
reference link 580
Platform as a Service (PaaS) 2
plugins
used, for extending Kubernetes 542
pod
assigning, to custom scheduler 566
creating, via Kubernetes API 531, 532
scheduling 563
verifying, with correct scheduler 567
pod affinity 155
pod lifecycle event generator (PLEG) 280
pod networking 326
pod readiness 174
pods 9
decorating, with labels 141
endpoints 322
interacting 322
long-running microservices, deploying 139
pod security
pod security policies (PSPs) 120, 121
authorizing, via RBAC 121, 122
pods security 116
cluster, protecting with AppArmor 118
ImagePullSecrets 116
private image repository, using 116
security context, specifying 117
ports 324
Postman
output, filtering with httpie and jq 529, 531
URL 528
using, to explore Kubernetes API 528
priority classes 262
private clouds 579
Prometheus 461
custom metrics, incorporating 469
features 461
interacting 465
kube-state-metrics, incorporating 465, 467
Loki, considering 475
metrics, visualizing with Grafana 472, 475
node exporter, utilizing 467
reference link 399
URL 461
Prometheus operator
reference link 463
propagation failures
debugging 390
protected health information (PHI) 454
proxy
setting up 526
public cloud Kubernetes platforms 579
public cloud storage, volume types 199
Azure file storage 205
public key infrastructure (PKI) 510
Python client
used, for accessing Kubernetes API 532, 533
Python client library
reference link 532
Python subprocesses
used, for executing Kubectl 538, 540, 541
Q
queues
benefits 323
downsides 323
quotas
creating 263, 265, 266, 268, 269
limit ranges, using for default compute quotas 269, 270
namespace-specific context, using 263
scopes 262
working with 263
R
Rados Block Device (RBD) 209
used, for connecting Ceph 209, 210, 211
Rancher k3S
reference link 580
Rancher Kubernetes Engine (RKE)
reference link
used, for building bare metal cluster
Rancher RKE
reference link 580
raw block volumes 189
defining, with FC provider 189
readiness gates 174
ReadOnlyMany (ROX) 193
ReadWriteMany (RWX) 193
ReadWriteOnce (RWO) 193
real routable IP addresses, benefits
performance 337
scalability 337
visibility 338
reclaim policy
delete 184
recycle 184
retain 184
redundancy 64
redundant in-memory state
using 225
redundant persistent storage
DaemonSet, using 226
remote central logging 453
replica sets 12
replication controllers 12
Resource Categories 17
clusters 20
config and storage 19
Discovery and Load Balancing 18, 19
metadata 19
workloads API 18
resource quotas 262
enabling 259
requests and limits 263
resource quotas, types 259
compute resource quota 259
object count quota 261
storage resource quota 260
riff
installing, with Helm 2
riff runtimes
core runtime
Knative runtime
streaming runtime
rkt 30
app container 30
role-based access control (RBAC) 61
Role-Based Access Control (RBAC) 112
rolling updates
complex deployments 87
performing, with autoscaling 255, 256, 258
root cause
detecting, with distributed tracing
routing 325
runC 28
run.sh script
exploring 234, 235, 236, 237, 238
S
scalable storage solution
categories 272
selecting 272
scarce resources
handling, with limits and quotas 258, 259
Screwdriver.cd
URL 585
seccomp
reference link 581
secrets 13
creating 127
decoding 128
storing, in Kubernetes 126
using 126
using, in container 128
security 580
self-healing 66
sensitive log information
dealing with 454
sentry chart
reference link
serverless computing 584
FaaS, executing 407
long-running services, executing 406
serverless framework
used, for working with Kubeless
serverless Kubernetes
Azure Container Instances 409, 410
cluster autoscaler 408
Google Cloud Run 414
in cloud 408
service catalog
reference link 557
service-level agreements (SLAs)
service-level indicators (SLIs)
service-level objectives (SLOs)
Service Level Objectives (SLOs)
service load balancer 348
service mesh 483, 484, 486, 487, 582
AWS App Mesh 490
control plane 489
data plane 489
Envoy 489
Istio 490
Kuma 490
Linkerd 2 489
Maesh 490
selecting 489
visualizing, with Kiali
services 11
settings commands 136
shared environment variables
versus DNS records 223
sidecar container 452
sidecar container KEP
reference link 582
sidecar pattern 15
simple delivery 427
single-node cluster
creating, requisites 33
creating, with Minikube 32
examining, with dashboard 40, 43
troubleshooting 36
single point of failure (SPOF) 323
Site reliability engineering (SRE)
smart load balancing 65
software-defined networking (SDN) 98
Software-Defined Networking (SDN) 335
Span 477
SPIFFE
URL 510
Spinnaker
URL 585
Stackube
reference link
starter packs
advantage 306
stateful applications
in Kubernetes 221
used, to create Cassandra cluster 242
using 226
utilizing 226
StatefulSet YAML file
dissecting 242, 243, 244, 245, 246
stateless applications
in Kubernetes 221
Storage Area Network (SAN) 214
storage classes 192
storage resource quota 260
subprocess 538
subscriptions 426
T
tags field 310
Tekton
reference link 415
URL 585
templates files
pipelines and functions, using 312
Tencent
Tencent Kubernetes engine (TKE)
Tencent TKE
URL 579
Terraform 399
Tiller server
installing, for Helm 2 286
installing, in cluster 287
Time to Live (TTL) 282
Token Controller 106
tooling 578
top-of-rack (ToR) 339
Trace 477
Traefik
URL 490
transport authentication 510
trigger 426
triggers
HTTP trigger 435
Kubernetes watch trigger 435
Message queue trigger 435
Timer trigger 435
troubleshooting commands 136
troubleshooting problems
daemons
detecting, at node level
staging environments, advantage
U
unique ID (UID) 9
users
impersonating 110
V
values
feeding, from file
Velero 76
reference link 76
vertical pod autoscaler (VPA) 83
considering 83
limitations 83
veth0 326
VirtualBox
reference link 33
Virtual Ethernet (veth) devices 325
Virtualized Cloud Services (VCS) 335
virtual kubelet
URL 410
virtual machines 3
virtual machines (VMs) 408
virtual machine (VM) 78
Virtual Redundancy Router Protocol (VRRP) 353
VMware Kubernetes academy
reference link 578
VMware PKS
reference link 580
volume 12
volume cloning 219
volumes 176
emptyDir, using for intra-pod communication 176, 177, 178
HostPath, using for intra-node communication 178, 179, 180
local volumes, using for durable node storage 180
projecting 216
volume snapshots 219
W
WeaveScope
reference link 581
Weave net 341
webhook admission controller
configuring
webhooks
used, for extending Kubernetes 544
Windows
single-node cluster, creating 33, 34
worker node components
Kubelet 449
Kube proxy 451
workloads API 18
Z
zero downtime
planning
Zipkin
URL 478