Preface

• Who this book is for
• What this book covers
• To get the most out of this book
• Get in touch

1. Docker and Container Essentials FREE CHAPTER

• Technical requirements
• Understanding the need for containerization
• Understanding Docker
• Installing Docker
• Using the Docker CLI
• Summary
• Questions

2. Deploying Kubernetes Using KinD

• Technical requirements
• Introducing Kubernetes components and objects
• Using development clusters
• Installing KinD
• Creating a KinD cluster
• Reviewing your KinD cluster
• Adding a custom load balancer for Ingress
• Summary
• Questions

3. Kubernetes Bootcamp

• Technical requirements
• An overview of Kubernetes components
• Exploring the control plane
• Understanding the worker node components
• Interacting with the API server
• Introducing Kubernetes resources
• Summary
• Questions

4. Services, Load Balancing, ExternalDNS, and Global Balancing

• Technical requirements
• Exposing workloads to requests
• Introduction to load balancers
• Layer 7 load balancers
• Layer 4 load balancers
• Enhancing load balancers for the enterprise
• Making service names available externally
• Load balancing between multiple clusters
• Summary
• Questions

5. Integrating Authentication into Your Cluster

• Technical requirements
• Understanding how Kubernetes knows who you are
• Understanding OpenID Connect
• Configuring KinD for OpenID Connect
• Introducing impersonation to integrate authentication with cloud-managed clusters
• Configuring your cluster for impersonation
• Configuring Impersonation without OpenUnison
• Authenticating from pipelines
• Summary
• Questions

6. RBAC Policies and Auditing

• Technical requirements
• Introduction to RBAC
• What's a Role?
• Mapping enterprise identities to Kubernetes to authorize access to resources
• Implementing namespace multi-tenancy
• Kubernetes auditing
• Using audit2rbac to debug policies
• Summary
• Questions

7. Deploying a Secured Kubernetes Dashboard

• Technical requirements
• How does the dashboard know who you are?
• Understanding dashboard security risks
• Deploying the dashboard with a reverse proxy
• Integrating the dashboard with OpenUnison
• Summary
• Questions

8. Extending Security Using Open Policy Agent

• Technical requirements
• Introduction to dynamic admission controllers
• What is OPA and how does it work?
• Using Rego to write policies
• Enforcing memory constraints
• Mutating objects and default values
• Summary
• Questions

9. Node Security with GateKeeper

• Technical requirements
• What is node security?
• Enforcing node security with GateKeeper
• Summary
• Questions

10. Auditing Using Falco, DevOps AI, and ECK

• Technical requirements
• Exploring auditing
• Introducing Falco
• Exploring Falco's configuration files
• Deploying Falco
• Introducing DevOPs AI
• Summary
• Questions

11. Backing Up Workloads

• Technical requirements
• Understanding Kubernetes backups
• Performing an etcd backup
• Introducing and setting up VMware's Velero
• Using Velero to back up workloads
• Managing Velero using the CLI
• Restoring from a backup
• Summary
• Questions

12. An Introduction to Istio

• Technical requirements
• Why should you care about a service mesh?
• Introduction to Istio concepts
• Understanding the Istio components
• Installing Istio
• Introducing Istio resources
• Deploying add-on components to provide observability
• Deploying an application into the service mesh
• Summary
• Questions

13. Building and Deploying Applications on Istio

• Technical requirements
• Comparing microservices and monoliths
• Deploying a monolith
• Building a microservice
• Do I need an API gateway?
• Summary
• Questions

14. Provisioning a Platform

• Technical requirements
• Designing a pipeline
• Preparing our cluster
• Deploying GitLab
• Deploying Tekton
• Deploying ArgoCD
• Automating project onboarding using OpenUnison
• Deploying an application
• Summary
• Questions

15. Other Books You May Enjoy

16. Index