Kubernetes in Action, Second Edition you own this product

Marko Lukša, Kevin Conner

MEAP began February 2020
Last updated September 2025
Publication in December 2025 (estimated)

ISBN 9781617297618
704 pages (estimated)

Included with a Manning Online subscription

printed in black & white

available in Korean, Simplified Chinese

catalog / Software Development / Cloud / Containerization / Kubernetes

table of content

PART 1: GETTING STARTED WITH KUBERNETES

1 Introducing Kubernetes

1.1 Introducing Kubernetes

1.1.1 Kubernetes in a nutshell

1.1.2 About the Kubernetes project

1.1.3 Understanding why Kubernetes is so popular

1.2 Understanding Kubernetes

1.2.1 Understanding how Kubernetes transforms a computer cluster

1.2.2 The benefits of using Kubernetes

1.2.3 The architecture of a Kubernetes cluster

1.2.4 How Kubernetes runs an application

1.3 Introducing Kubernetes into your organization

1.3.1 Running Kubernetes on-premises and in the cloud

1.3.2 To manage or not to manage Kubernetes yourself

1.3.3 Using vanilla or extended Kubernetes

1.3.4 Should you even use Kubernetes?

1.4 Summary

2 Understanding Containers and Containerized Applications

2.1 Introducing containers

2.1.1 Comparing containers to virtual machines

2.1.2 Introducing the Docker container platform

2.1.3 Installing Docker and running a Hello World container

2.1.4 Introducing the Open Container Initiative and Docker alternatives

2.2 Deploying the Kubernetes in Action Demo Application (Kiada)

2.2.1 Introducing the Kiada Application

2.2.2 Building the application

2.2.3 Running the container

2.2.4 Distributing the container image

2.2.5 Stopping, resuming, and deleting the container

2.3 Understanding containers

2.3.1 Customizing the process environment with Kernel Namespaces

2.3.2 Exploring the environment of a running container

2.3.3 Limiting the resources available to a process using cgroups

2.3.4 Strengthening isolation between containers

2.4 Summary

3 Deploying Your First Application on Kubernetes

3.1 Deploying a Kubernetes cluster

3.1.1 Using the built-in Kubernetes cluster in Docker Desktop

3.1.2 Running a local cluster using Minikube

3.1.3 Running a local cluster using kind (Kubernetes in Docker)

3.1.4 Creating a managed cluster with Google Kubernetes Engine

3.1.5 Creating a cluster using Amazon Elastic Kubernetes Service

3.1.6 Deploying a multi-node cluster from scratch

3.2 Interacting with Kubernetes

3.2.1 Setting up kubectl - the Kubernetes command-line client

3.2.2 Configuring kubectl to use a specific Kubernetes cluster

3.2.3 Using kubectl

3.2.4 Interacting with Kubernetes through web dashboards

3.3 Running your first application on Kubernetes

3.3.1 Deploying your application

3.3.2 Exposing your application to the world

3.3.3 Horizontally scaling the application

3.3.4 Understanding the deployed application

3.4 Summary

4 Navigating the Kubernetes API and Object Model

4.1 Getting familiar with the Kubernetes API

4.1.1 Introducing the API

4.1.2 Understanding the structure of an object manifest

4.2 Examining an object’s individual properties

4.2.1 Exploring the full manifest of a Node object

4.2.2 Understanding individual object fields

4.2.3 Understanding an object’s status conditions

4.2.4 Inspecting objects using the kubectl describe command

4.3 Observing cluster events via Event objects

4.3.1 Introducing the Event object

4.3.2 Examining the YAML of the Event object

4.4 Summary

PART 2: RUNNING APPLICATIONS ON KUBERNETES

5 Running Applications with Pods

5.1 Understanding pods

5.1.1 Understanding the purpose of pods

5.1.2 Organizing containers into pods

5.2 Creating pods from YAML or JSON files

5.2.1 Creating a YAML manifest for a pod

5.2.2 Creating the Pod object from the YAML file

5.2.3 Checking the newly created pod

5.3 Interacting with the application and the pod

5.3.1 Sending requests to the application in the pod

5.3.2 Viewing application logs

5.3.3 Attaching to a running container

5.3.4 Executing commands in running containers

5.3.5 Copying files to and from containers

5.3.6 Debugging pods using ephemeral containers

5.4 Running multiple containers in a pod

5.4.1 Extending the Kiada Node.js application using the Envoy proxy

5.4.2 Adding Envoy proxy to the pod

5.4.3 Interacting with the two-container pod

5.5 Running additional containers at pod startup

5.5.1 Introducing init containers

5.5.2 Adding init containers to a pod

5.5.3 Inspecting init containers

5.5.4 Kubernetes-native sidecar containers

5.6 Deleting pods and other objects

5.6.1 Deleting a pod by name

5.6.2 Deleting objects defined in manifest files

5.6.3 Deleting all pods

5.6.4 Deleting objects using the “all” keyword

5.7 Summary

6 Managing the Pod Lifecycle and Container Health

6.1 Understanding the pod’s status

6.1.1 Understanding the pod phase

6.1.2 Understanding pod conditions

6.1.3 Understanding the container status

6.2 Keeping containers healthy

6.2.1 Understanding container auto-restart

6.2.2 Checking the container’s health using liveness probes

6.2.3 Creating an HTTP GET liveness probe

6.2.4 Observing the liveness probe in action

6.2.5 Using the exec and the tcpSocket liveness probe types

6.2.6 Using a startup probe when an application is slow to start

6.2.7 Creating effective liveness probe handlers

6.3 Executing actions at container start-up and shutdown

6.3.1 Using post-start hooks to perform actions when the container starts

6.3.2 Using pre-stop hooks to run a process just before the container terminates

6.4 Understanding the pod lifecycle

6.4.1 Understanding the initialization stage

6.4.2 Understanding the run stage

6.4.3 Understanding the termination stage

6.4.4 Visualizing the full lifecycle of the pod’s containers

6.5 Summary

7 Organizing Pods and Other Resources using Namespaces and Labels

7.1 Organizing objects into Namespaces

7.1.1 Listing namespaces and the objects they contain

7.1.2 Creating namespaces

7.1.3 Managing objects in other namespaces

7.1.4 Understanding the (lack of) isolation between namespaces

7.1.5 Deleting namespaces

7.2 Organizing Pods with labels

7.2.1 Introducing labels

7.2.2 Adding labels to Pods

7.2.3 Label syntax rules

7.2.4 Using standard label keys

7.3 Filtering objects with label selectors

7.3.1 Using label selectors for object management with kubectl

7.3.2 Using label selectors in object manifests

7.4 Filtering objects with field selectors

7.4.1 Using a field selector in kubectl

7.4.2 Using field selectors in object manifests

7.5 Annotating objects

7.5.1 Introducing object annotations

7.5.2 Adding annotations to objects

7.5.3 Inspecting an object’s annotations

7.5.4 Updating and removing annotations

7.6 Summary

PART 3: MANAGING APPLICATION CONFIGURATION AND STORAGE

8 Configuring Applications with ConfigMaps and Secrets

8.1 Setting the command, arguments, and environment variables

8.1.1 Setting the command and arguments

8.1.2 Setting environment variables in a container

8.2 Using a ConfigMap to decouple configuration from the Pod manifest

8.2.1 Introducing ConfigMaps

8.2.2 Creating a ConfigMap object

8.2.3 Injecting ConfigMap values into environment variables

8.2.4 Updating and deleting ConfigMaps

8.3 Using Secrets to pass sensitive data to containers

8.3.1 Introducing Secrets

8.3.2 Creating a Secret

8.3.3 Using Secrets in containers

8.3.4 Understanding why Secrets aren’t always secure

8.4 Exposing metadata to containers via the Downward API

8.4.1 Introducing the Downward API

8.4.2 Injecting Pod metadata into environment variables

8.5 Summary

9 Adding Volumes for Storage, Configuration, and Metadata

9.1 Introducing volumes

9.1.1 Understanding when to use a volume

9.1.2 Understanding how volumes fit into pods

9.2 Using an emptyDir volume

9.2.1 Persisting files across container restarts

9.2.2 Initializing an emptyDir volume

9.2.3 Sharing files between containers

9.3 Mounting a container image as a volume

9.3.1 Introducing the image volume type

9.4 Accessing files on the worker node’s filesystem

9.4.1 Introducing the hostPath volume

9.4.2 Using a hostPath volume

9.5 ConfigMap, Secret, Downward API, and Projected volumes

9.5.1 Using a configMap volume to expose ConfigMap entries as files

9.5.2 How configMap volumes work

9.5.3 Using Secret volumes

9.5.4 Setting file permissions and ownership in a secret/configMap volume

9.5.5 Using a downwardAPI volume to expose pod metadata as files

9.5.6 Using projected volumes to combine volumes into one

9.6 Other volume types at a glance

9.7 Summary

10 Persisting Data with PersistentVolumes

10.1 Introducing persistent storage in Kubernetes

10.1.1 Introducing PersistentVolumeClaims and PersistentVolumes

10.1.2 Dynamic vs. Static provisioning of PersistentVolumes

10.2 Dynamically provisioning a PersistentVolume

10.2.1 Creating a PersistentVolumeClaim

10.2.2 Using PersistentVolumeClaims

10.2.3 Deleting a PersistentVolumeClaim and PersistentVolume

10.2.4 Understanding access modes

10.2.5 Understanding StorageClasses

10.2.6 About CSI drivers

10.3 Statically provisioning a PersistentVolume

10.3.1 Creating a node-local PersistentVolume

10.3.2 Claiming a pre-provisioned PersistentVolume

10.3.3 Releasing and recycling a manually provisioned PersistentVolume

10.4 Managing PersistentVolumes

10.4.1 Resizing PersistentVolumeClaims

10.4.2 Creating a snapshot of a PersistentVolumeClaim

10.4.3 Restoring a PersistentVolume from a snapshot

10.5 Creating ephemeral PersistentVolumes for individual Pods

10.5.1 Introducing the ephemeral volume type

10.5.2 Understanding the benefits of using an ephemeral volume

10.6 Summary

PART 4: CONNECTING AND EXPOSING APPLICATIONS

11 Exposing Pods with Services

11.1 Exposing pods via services

11.1.1 Introducing services

11.1.2 Creating and updating services

11.1.3 Accessing cluster-internal services

11.2 Exposing services externally

11.2.1 Exposing pods through a NodePort service

11.2.2 Exposing a service through an external load balancer

11.2.3 Configuring the external traffic policy for a service

11.3 Managing service endpoints

11.3.1 Introducing the Endpoints object

11.3.2 Introducing the EndpointSlice object

11.3.3 Managing service endpoints manually

11.4 Understanding DNS records for Service objects

11.4.1 Inspecting a service’s A and SRV records in DNS

11.4.2 Using headless services to connect to pods directly

11.4.3 Creating a CNAME alias for an existing service

11.5 Configuring services to route traffic to nearby endpoints

11.5.1 Forwarding traffic only within the same node with internalTrafficPolicy

11.5.2 Topology-aware hints

11.6 Managing the inclusion of a pod in service endpoints

11.6.1 Introducing readiness probes

11.6.2 Adding a readiness probe to a pod

11.6.3 Implementing real-world readiness probes

11.7 Summary

12 Using Ingress to Route Traffic to Services

12.1 Introducing Ingresses

12.1.1 Introducing the Ingress object kind

12.1.2 Introducing the Ingress controller and the reverse proxy

12.1.3 Installing an ingress controller

12.2 Creating and using Ingress objects

12.2.1 Exposing a service through an Ingress

12.2.2 Path-based ingress traffic routing

12.2.3 Using multiple rules in an Ingress object

12.2.4 Setting the default backend

12.3 Configuring TLS for an Ingress

12.3.1 Configuring the Ingress for TLS passthrough

12.3.2 Terminating TLS at the ingress

12.4 Additional Ingress configuration options

12.4.1 Configuring the Ingress using annotations

12.4.2 Configuring the Ingress using additional API objects

12.5 Using multiple ingress controllers

12.5.1 Introducing the IngressClass object kind

12.5.2 Specifying the IngressClass in the Ingress object

12.5.3 Adding parameters to an IngressClass

12.6 Using custom resources instead of services as backends

12.6.1 Using a custom object to configure Ingress routing

12.7 Summary

13 Routing Traffic using the Gateway API

13.1 Introducing the Gateway API

13.1.1 Comparing Gateway API to Ingress

13.1.2 Understanding the Gateway API implementation

13.1.3 Deploying Istio as the Gateway API provider

13.2 Deploying a Gateway

13.2.1 Understanding gateway classes

13.2.2 Creating a Gateway object

13.2.3 Exploring the Gateway’s status

13.3 Exposing HTTP services using HTTPRoute

13.3.1 Creating a simple HTTPRoute

13.3.2 Splitting traffic between multiple backends

13.3.3 Routing HTTP requests to different backends

13.3.4 Augmenting HTTP traffic with filters

13.4 Configuring a gateway for TLS

13.4.1 Terminating TLS sessions at the Gateway

13.4.2 End-to-end encryption using TLSRoutes and pass-through TLS

13.5 Exposing other types of Services

13.5.1 Exposing a TCP service with a TCPRoute

13.5.2 UDPRoute

13.5.3 GRPCRoute

13.6 Using Gateway API resources across Namespaces

13.6.1 Sharing a Gateway across Namespaces

13.6.2 Routing to a Service in a different Namespace

13.7 From ingress gateways to service mesh

13.8 Summary

PART 5: MANAGING APPLICATIONS WITH CONTROLLERS

14 Scaling and Maintaining Pods with ReplicaSets

14.1 Introducing ReplicaSets

14.1.1 Creating a ReplicaSet

14.1.2 Inspecting a ReplicaSet and its Pods

14.1.3 Understanding Pod ownership

14.2 Updating a ReplicaSet

14.2.1 Scaling a ReplicaSet

14.2.2 Updating the Pod template

14.3 Understanding the operation of the ReplicaSet controller

14.3.1 Introducing the reconciliation control loop

14.3.2 Understanding how the ReplicaSet controller reacts to Pod changes

14.3.3 Removing a Pod from the ReplicaSet’s control

14.4 Deleting a ReplicaSet

14.4.1 Deleting a ReplicaSet and all associated Pods

14.4.2 Deleting a ReplicaSet while preserving the Pods

14.5 Summary

15 Automating Application Updates with Deployments

15.1 Introducing Deployments

15.1.1 Creating a Deployment

15.1.2 Scaling a Deployment

15.1.3 Deleting a Deployment

15.2 Updating a Deployment

15.2.1 The Recreate strategy

15.2.2 The RollingUpdate strategy

15.2.3 Configuring how many Pods are replaced at a time

15.2.4 Pausing the rollout process

15.2.5 Updating to a faulty version

15.2.6 Rolling back a Deployment

15.3 Implementing other deployment strategies

15.3.1 The Canary deployment strategy

15.3.2 The A/B strategy

15.3.3 The Blue/Green strategy

15.3.4 Traffic shadowing

15.4 Summary

16 Handling Stateful Applications with StatefulSets

16.1 Introducing StatefulSets

16.1.1 Understanding stateful workload requirements

16.1.2 Comparing StatefulSets with Deployments

16.1.3 Creating a StatefulSet

16.1.4 Inspecting the StatefulSet, Pods, and PersistentVolumeClaims

16.1.5 Understanding the role of the headless Service

16.2 Understanding StatefulSet behavior

16.2.1 Understanding how a StatefulSet replaces missing Pods

16.2.2 Understanding how a StatefulSet handles node failures

16.2.3 Scaling a StatefulSet

16.2.4 Changing the PersistentVolumeClaim retention policy

16.2.5 Using the OrderedReady Pod management policy

16.3 Updating a StatefulSet

16.3.1 Using the RollingUpdate strategy

16.3.2 RollingUpdate with partition

16.3.3 OnDelete strategy

16.4 Managing stateful applications with Kubernetes Operators

16.4.1 Deploying the MongoDB community operator

16.4.2 Deploying MongoDB via the operator

16.4.3 Cleaning up

16.5 Summary

17 Deploying Per-Node Workloads with DaemonSets

17.1 Introducing DaemonSets

17.1.1 Understanding the DaemonSet object

17.1.2 Deploying Pods with a DaemonSet

17.1.3 Deploying to a subset of Nodes with a node selector

17.1.4 Updating a DaemonSet

17.1.5 Deleting the DaemonSet

17.2 Special features in Pods running node agents and daemons

17.2.1 Giving containers access to the OS kernel

17.2.2 Accessing the node’s filesystem

17.2.3 Using the node’s network and other namespaces

17.2.4 Marking daemon Pods as critical

17.3 Communicating with the local daemon Pod

17.3.1 Binding directly to a host port

17.3.2 Using the node’s network stack

17.3.3 Using a local Service

17.4 Summary

18 Batch Processing with Jobs and CronJobs

18.1 Running tasks with the Job resource

18.1.1 Introducing the Job resource

18.1.2 Running a task multiple times

18.1.3 Understanding how Job failures are handled

18.1.4 Parameterizing Pods in a Job

18.1.5 Running Jobs with a work queue

18.1.6 Communication between Job Pods

18.1.7 Sidecar containers in Job pods

18.2 Scheduling Jobs with CronJobs

18.2.1 Creating a CronJob

18.2.2 Configuring the schedule

18.2.3 Suspending and resuming a CronJob

18.2.4 Automatically removing finished Jobs

18.2.5 Setting a start deadline

18.2.6 Handling Job concurrency

18.2.7 Deleting a CronJob and its Jobs

18.3 Summary

Overview

17 Deploying Per-Node Workloads with DaemonSets

DaemonSets run exactly one Pod replica on each eligible node, making them ideal for per-node infrastructure such as log collectors, metrics agents, kube-proxy, and CNI plugins. Unlike Deployments, you don’t specify a replica count; the controller reconciles against the node list, creating one Pod per node and reacting to node joins/leaves and stray Pods. You can scope placement to certain nodes with a node selector, and, because control-plane nodes are usually tainted, add tolerations if the daemon must run there. This unified, Kubernetes-native approach replaces ad hoc node-level installation methods so you manage system daemons the same way as application workloads.

A DaemonSet defines a label selector and a Pod template; the controller injects nodeAffinity into each Pod so the scheduler targets a specific node. Its status reports node-oriented counts (desired, current, ready, available, updated, misscheduled), reflecting that updates may briefly run old/new Pods side-by-side on a node. You can dynamically move nodes into or out of scope by changing node labels, use standard labels (kubernetes.io/arch, kubernetes.io/os) for heterogeneous clusters, or split multi-arch images across multiple DaemonSets. Updates support RollingUpdate (defaults maxSurge=0, maxUnavailable=1, governed by minReadySeconds) for safe, one-node-at-a-time replacement, or OnDelete for manual, high-control rollouts of cluster-critical daemons; deleting the DaemonSet removes its Pods.

Node agents often need elevated host access. You can grant full privileges (privileged: true) or minimal kernel access via Linux capabilities, mount hostPath volumes to reach host files (for example, kernel modules or locks), and optionally share host namespaces (hostNetwork, and if required hostIPC/hostPID). Critical daemons should use PriorityClasses (for example, system-node-critical) so they preempt lower-priority workloads when resources are tight. For node-local client communication, three patterns are shown: bind a container port to a hostPort and let clients discover the node IP via the Downward API; run with hostNetwork and bind directly to a host port; or, preferably, expose the daemon through a ClusterIP Service configured with internalTrafficPolicy=Local, which routes each client Pod to the agent on its own node without opening node ports to the outside.

DaemonSets run a Pod replica on each node, whereas ReplicaSets scatter them around the cluster.

The DaemonSet controller’s reconciliation loop

A node selector is used to deploy DaemonSet Pods on a subset of cluster nodes.

How do we get client pods to only talk to the locally-running daemon Pod?

Exposing a daemon Pod via a host port

Exposing a daemon Pod by using the host node’s network namespace

Exposing daemon Pods via a Service with internal traffic policy set to Local

Summary

A DaemonSet object represents a set of daemon Pods distributed across the cluster Nodes so that exactly one daemon Pod instance runs on each node.
A DaemonSet is used to deploy daemons and agents that provide system-level services such as log collection, process monitoring, node configuration, and other services required by each cluster Node.
When you add a node selector to a DaemonSet, the daemon Pods are deployed only on a subset of all cluster Nodes.
A DaemonSet doesn't deploy Pods to control plane Nodes unless you configure the Pod to tolerate the Nodes' taints.
The DaemonSet controller ensures that a new daemon Pod is created when a new Node is added to the cluster, and that it’s removed when a Node is removed.
Daemon Pods are updated according to the update strategy specified in the DaemonSet. The RollingUpdate strategy updates Pods automatically and in a rolling fashion, whereas the OnDelete strategy requires you to manually delete each Pod for it to be updated.
If Pods deployed through a DaemonSet require extended access to the Node's resources, such as the file system, network environment, or privileged system calls, you configure this in the Pod template in the DaemonSet.
Daemon Pods should generally have a higher priority than Pods deployed via Deployments. This is achieved by setting a higher PriorityClass for the Pod.
Client Pods can communicate with local daemon Pods through a Service with internalTrafficPolicy set to Local, or through the Node's IP address if the daemon Pod is configured to use the node's network environment (hostNetwork) or a host port is forwarded to the Pod (hostPort).

FAQ

What is a DaemonSet and when should I use one?

A DaemonSet ensures exactly one Pod replica runs on each (eligible) node. It’s ideal for per-node system services such as log/metrics collectors, network/storage plugins, kube-proxy, or any agent that must run locally on every node or on a selected subset of nodes.

How does a DaemonSet decide where to run Pods and how is scheduling handled?

The DaemonSet controller reconciles nodes and Pods so that each eligible node has one matching Pod. It creates Pods with nodeAffinity targeting specific nodes and lets the Kubernetes Scheduler place them (instead of hard-setting nodeName). When nodes are added/removed, Pods are created/deleted accordingly; missing Pods are recreated and extra matching Pods are removed.

Why might I see fewer daemon Pods than the total number of nodes?

Control-plane nodes are typically tainted so normal workloads aren’t scheduled there. DaemonSets follow the same rule, so your controller might place Pods only on worker nodes. To include control-plane nodes, add tolerations (for example, a toleration with operator: Exists) to the Pod template so Pods can tolerate those node taints.

What’s the difference between a DaemonSet’s label selector and its node selector?

The label selector matches Pods to the DaemonSet and is immutable; it must match labels in the Pod template. The node selector filters which nodes are eligible to run the Pods and is mutable; you can change it to move nodes in or out of scope. Don’t confuse Pod label selectors with node selectors—they serve different purposes.

How can I run daemon Pods only on specific nodes?

Set spec.template.spec.nodeSelector in the DaemonSet to match desired node labels (for example, gpu: cuda or standard labels like kubernetes.io/arch=amd64, kubernetes.io/os=linux). You can dynamically include/exclude nodes by adding/removing labels. For heterogeneous architectures, either create multiple DaemonSets targeting different arch labels or use a single DaemonSet with a multi-arch image.

How do I inspect a DaemonSet and interpret its status?

Use kubectl get ds (optionally -o wide) for a quick view and kubectl describe ds for details and events. In the status: desiredNumberScheduled is how many nodes should run a Pod; currentNumberScheduled is how many do; numberReady/numberAvailable indicate readiness/availability; updatedNumberScheduled shows how many nodes have Pods matching the current template; numberMisscheduled counts nodes running a Pod that shouldn’t be.

How are DaemonSets updated and what strategies exist?

DaemonSets support RollingUpdate (default) and OnDelete. RollingUpdate typically uses maxSurge=0 and maxUnavailable=1, replacing Pods one node at a time after readiness and minReadySeconds. Many daemons shouldn’t run two instances per node, so maxSurge stays 0. OnDelete is semi-automatic: you delete Pods manually, and the controller recreates them with the new template—useful for careful, stepwise updates of critical agents.

What special privileges or host access do daemon Pods often require?

Node agents may need elevated kernel or host access. Options include: running privileged (broad kernel access), adding specific Linux capabilities (e.g., NET_ADMIN, NET_RAW) instead of full privilege, mounting hostPath volumes for files like /run/xtables.lock or /lib/modules, and using host namespaces such as hostNetwork (and optionally hostPID/hostIPC) when needed. Grant only the minimum required privileges.

How can client Pods reliably talk to the local daemon on the same node?

Three common approaches: 1) hostPort: map a node port to the container’s port and have clients connect to the node’s IP (clients can discover the node IP via the Downward API). 2) hostNetwork: run the agent on the node’s network and bind to a known port. 3) A Service with internalTrafficPolicy=Local: exposes Pods via cluster networking but routes only to Pods on the same node—cleanest and least invasive; prefer this unless you need external node-level access.

How do I make daemon Pods higher priority and ensure they aren’t evicted first?

Assign a PriorityClass via spec.template.spec.priorityClassName (for example, system-node-critical or system-cluster-critical, or your own). Higher-priority Pods can preempt lower-priority ones on a full node, ensuring critical agents like kube-proxy keep running.

pro $24.99 per month

access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
choose one free eBook per month to keep
exclusive 50% discount on all purchases
renews monthly, pause or cancel renewal anytime

lite $19.99 per month

access to all Manning books, including MEAPs!

team

5, 10 or 20 seats+ for your team - learn more

eBook

pdf, ePub, online

$55.99 $27.99

you save $28.00 (50%)

pro $24.99 per month

access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
choose one free eBook per month to keep
exclusive 50% discount on all purchases
renews monthly, pause or cancel renewal anytime

lite $19.99 per month

access to all Manning books, including MEAPs!

team

5, 10 or 20 seats+ for your team - learn more

eBook

$55.99 $27.99

you save $28.00 (50%)

eBook

pdf, ePub, online

$55.99 $27.99

you save $28.00 (50%)

pro $24.99 per month

access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
choose one free eBook per month to keep
exclusive 50% discount on all purchases
renews monthly, pause or cancel renewal anytime

lite $19.99 per month

access to all Manning books, including MEAPs!

team

5, 10 or 20 seats+ for your team - learn more