Kubernetes in Production Best Practices

By: Saleh, Karslioglu
Overview of this book

Although out-of-the-box solutions can help you to get a cluster up and running quickly, running a Kubernetes cluster that is optimized for production workloads is a challenge, especially for users with basic or intermediate knowledge. With detailed coverage of cloud industry standards and best practices for achieving scalability, availability, operational excellence, and cost optimization, this Kubernetes book is a blueprint for managing applications and services in production. You'll discover the most common way to deploy and operate Kubernetes clusters, which is to use a public cloud-managed service from AWS, Azure, or Google Cloud Platform (GCP). This book explores Amazon Elastic Kubernetes Service (Amazon EKS), the AWS-managed version of Kubernetes, for working through practical exercises. As you get to grips with implementation details specific to AWS and EKS, you'll understand the design concepts, implementation best practices, and configuration applicable to other cloud-managed services. Throughout the book, you’ll also discover standard and cloud-agnostic tools, such as Terraform and Ansible, for provisioning and configuring infrastructure. By the end of this book, you’ll be able to leverage Kubernetes to operate and manage your production environments confidently.
Table of Contents (12 chapters)

Bonus security tips

These are some general security best practices and tips that did not fit under any of the previous sections. However, I find them to be useful:

  1. Always keep Kubernetes updated to the latest version.
  2. Update worker AMIs to the latest version. You have to be cautious because this change could introduce some downtime, especially if you are not using a managed node group.
  3. Do not run Docker in Docker or mount the socket in a container.
  4. Restrict the use of hostPath or, if hostPath is necessary, restrict which prefixes can be used and configure the volume as read-only.
  5. Set requests and limits for each container to avoid resource contention and Denial of Service (DoS) attacks.
  6. Whenever possible, use an optimized operating system for running containers.
  7. Use immutable infrastructure, and automate the rotation of the cluster worker nodes.
  8. You should not enable the Kubernetes dashboard.
  9. Enable AWS VPC Flow Logs to capture metadata about...
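
Tips 3, 4 and 5 can be checked mechanically before a manifest reaches the cluster. The following is an added example, not code from the book: a small audit over a Pod manifest loaded as a Python dict. The allowed prefix `/var/log`, the function names and the sample Pod are assumptions made for illustration.

```python
import posixpath

# Assumed policy for this example: the only hostPath prefix the cluster permits.
ALLOWED_HOSTPATH_PREFIXES = ("/var/log",)
RUNTIME_SOCKETS = ("/var/run/docker.sock", "/run/docker.sock")

def _under(path, prefix):
    """True if path equals prefix or lies beneath it (whole path components only)."""
    path, prefix = posixpath.normpath(path), posixpath.normpath(prefix)
    return path == prefix or path.startswith(prefix.rstrip("/") + "/")

def audit_pod(pod):
    """Return findings for tips 3 (socket), 4 (hostPath) and 5 (requests/limits)."""
    findings, spec = [], pod.get("spec", {})
    host_vols = set()
    for vol in spec.get("volumes", []):
        if "hostPath" not in vol:
            continue
        path = vol["hostPath"].get("path", "")
        host_vols.add(vol["name"])
        # Mounting the socket itself or any parent directory exposes it.
        if any(_under(path, s) or _under(s, path) for s in RUNTIME_SOCKETS):
            findings.append(f"volume {vol['name']}: exposes the Docker socket ({path})")
        elif not any(_under(path, p) for p in ALLOWED_HOSTPATH_PREFIXES):
            findings.append(f"volume {vol['name']}: hostPath {path} outside allowed prefixes")
    for c in spec.get("containers", []) + spec.get("initContainers", []):
        for m in c.get("volumeMounts", []):
            if m["name"] in host_vols and not m.get("readOnly", False):
                findings.append(f"container {c['name']}: hostPath mount {m['name']} is not readOnly")
        res = c.get("resources", {})
        for kind in ("requests", "limits"):
            for r in ("cpu", "memory"):
                if r not in res.get(kind, {}):
                    findings.append(f"container {c['name']}: no {r} {kind}")
    return findings

# Constructed sample manifest (not from the book).
SAMPLE_POD = {"spec": {
    "volumes": [
        {"name": "sock", "hostPath": {"path": "/var/run/docker.sock"}},
        {"name": "logs", "hostPath": {"path": "/var/log/app"}},
        {"name": "sneaky", "hostPath": {"path": "/var/log-archive"}},
    ],
    "containers": [{
        "name": "app",
        "volumeMounts": [{"name": "logs", "mountPath": "/logs"}],
        "resources": {"requests": {"cpu": "100m", "memory": "64Mi"},
                      "limits": {"memory": "128Mi"}},
    }],
}}

if __name__ == "__main__":
    print("\n".join(audit_pod(SAMPLE_POD)))
```

The prefix comparison works on whole path components, so `/var/log-archive` is not accepted as being under `/var/log`.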
