πŸ‘¨β€πŸ’» Kubernetes Advanced: Production-Ready Deployments

Welcome to the final part of our Kubernetes tutorial series! In this advanced guide, we'll explore production-grade features and best practices for enterprise deployments.

What We'll Cover

  1. StatefulSets and Persistent Storage
  2. Service Mesh with Istio
  3. Advanced Monitoring and Logging
  4. High Availability Patterns

Prerequisites

StatefulSets and Persistent Storage

Creating a StatefulSet

apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: web
spec:
  serviceName: "nginx"
  replicas: 3
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.14.2
        ports:
        - containerPort: 80
          name: web
        volumeMounts:
        - name: www
          mountPath: /usr/share/nginx/html
  volumeClaimTemplates:
  - metadata:
      name: www
    spec:
      accessModes: [ "ReadWriteOnce" ]
      resources:
        requests:
          storage: 1Gi

Service Mesh with Istio

Installing Istio

istioctl install --set profile=demo -y

Enabling Istio Injection

kubectl label namespace default istio-injection=enabled

Virtual Service Configuration

apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: reviews-route
spec:
  hosts:
  - reviews
  http:
  - match:
    - headers:
        end-user:
          exact: jason
    route:
    - destination:
        host: reviews
        subset: v2
  - route:
    - destination:
        host: reviews
        subset: v1

Advanced Monitoring

Prometheus Setup

apiVersion: monitoring.coreos.com/v1
kind: Prometheus
metadata:
  name: prometheus
spec:
  serviceAccountName: prometheus
  serviceMonitorSelector:
    matchLabels:
      team: frontend
  resources:
    requests:
      memory: 400Mi
  enableAdminAPI: false
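
The Prometheus resource above runs as the `prometheus` service account, which this page does not define. The following is an added example, not part of the original tutorial: a read-only RBAC set for that account, assuming Prometheus runs in the `default` namespace and discovers scrape targets cluster-wide.

```yaml
# Added example: least-privilege RBAC for the "prometheus" service account.
# Assumption: the Prometheus resource is deployed in the "default" namespace.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: prometheus
  namespace: default
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: prometheus
rules:
# Read-only access to the objects used for target discovery.
- apiGroups: [""]
  resources:
  - nodes
  - nodes/metrics
  - services
  - endpoints
  - pods
  verbs: ["get", "list", "watch"]
# Scraping the API server's own /metrics endpoint.
- nonResourceURLs: ["/metrics"]
  verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: prometheus
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: prometheus
subjects:
- kind: ServiceAccount
  name: prometheus
  namespace: default   # must match the namespace of the ServiceAccount above
```

No rule grants write verbs or access to Secrets; if scraping should be limited to specific namespaces, replace the ClusterRole and ClusterRoleBinding with a Role and RoleBinding in each of those namespaces.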

Grafana Dashboard Configuration

apiVersion: integreatly.org/v1alpha1
kind: GrafanaDashboard
metadata:
  name: golang-dashboard
spec:
  json: >
    {
      "dashboard": {
        "id": null,
        "title": "Golang Dashboard",
        ...
      }
    }

High Availability Patterns

Pod Disruption Budget

apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
  name: app-pdb
spec:
  minAvailable: 2
  selector:
    matchLabels:
      app: critical-app

Anti-Affinity Rules

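apiVersion: apps/v1
kind: Deployment
metadata:
  name: high-availability-app
spec:
  replicas: 3
  # apps/v1 requires a selector that matches the pod template labels
  selector:
    matchLabels:
      app: high-availability-app
  template:
    metadata:
      labels:
        app: high-availability-app   # the label the anti-affinity rule below matches
    spec:
      affinity:
        podAntiAffinity:
          # hard rule: never schedule two replicas on the same node
          requiredDuringSchedulingIgnoredDuringExecution:
          - labelSelector:
              matchExpressions:
              - key: app
                operator: In
                values:
                - high-availability-app
            topologyKey: "kubernetes.io/hostname"
      containers:
      # placeholder container so the manifest applies; substitute your workload's image
      - name: app
        image: nginx:1.14.2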

Production Checklist

  1. Security:
    • Network Policies
    • RBAC configuration
    • Pod Security Policies (removed in Kubernetes 1.25; on newer clusters use Pod Security Admission)
  2. Monitoring:
    • Prometheus metrics
    • Grafana dashboards
    • Alert management
  3. Backup:
    • etcd backup
    • PV snapshots
    • Disaster recovery plan
  4. Scaling:
    • HPA configuration
    • VPA setup
    • Cluster autoscaling

What's Next?

Consider exploring:

  • GitOps workflows with Flux/ArgoCD
  • Custom Resource Definitions (CRDs)
  • Operator pattern implementation
  • Cloud-native security practices

Additional Resources
