Learn Advanced Kubernetes for Your Enterprise

Learn what it takes to run Kubernetes in your enterprise. Written from the perspective of both development and operations you'll learn how to build a GitOps based platform while adding the important security and management systems enterprises need. Authentication with OpenID Connect, RBAC, policy enforcement and node security with GateKeeper, Falco, logging, Istio, and ArgoCD!

Available on Amazon

order Now

Now available for pre-order on Amazon

pre-order Now

Get 25% off through November 15th with code


Kubernetes - An Enterprise Guide 2nd Edition

Effectively containerize applications, integrate enterprise systems, and scale applications in your enterprise

After years of disappointment encountering "complete" guides to using Kubernetes in enterprise environments which ultimately fell short - we decided to write one ourselves!

The book begins by introducing you to Kubernetes fundamentals, including a review of basic Kubernetes objects. You'll then get to grips with containerization and understand its core functionalities, including how to create ephemeral multinode clusters using KinD. As you make progress, you'll learn about cluster architecture, Kubernetes cluster deployment, and cluster management, and get started with application deployment. Moving on, you'll find out how to integrate your container to a cloud platform and integrate tools including MetalLB, externalDNS, OpenID connect (OIDC), Open Policy Agent (OPA) and GateKeeper, Falco, and Velero. Finally, you will discover how to deploy an entire platform to the cloud using continuous integration and continuous delivery (CI/CD).

Level Up Your Cluster Skills

Kubernetes - An Enterprise Guide 2nd Edition is perfect for anyone looking to advance their knowledge of DevOps and containerization and apply new concepts across an enterprise. Lessons are designed to appeal to any level of expertise, from those just learning Kubernetes to experienced DevOps Engineers.

  • Find out how to add enterprise features to a Kubernetes cluster with theory and exercises to guide you

  • Understand advanced topics including load balancing, externalDNS, IDP integration, security, auditing, backup, and CI/CD

  • Create development clusters for unique testing requirements, including running multiple clusters on a single server to simulate an enterprise environment

Topics Covered

  • Create a multinode Kubernetes cluster using kind

  • Implement Ingress, MetalLB, and ExternalDNS

  • Configure a cluster OIDC using impersonation

  • Map enterprise authorization to Kubernetes

  • Secure clusters using OPA and GateKeeper

  • Enhance auditing using Falco and EFK

  • Back up your workload for disaster recovery and cluster migration

  • Deploy to a platform using Tekton, GitLab, and ArgoCD

Need a Cluster Refresher?

New to Kubernetes or need a refresher? Our enterprise guide includes a Kubernetes bootcamp to refresh your knowledge of Kuberntes and guide you through basic concepts which recur throughout the book.

Preorder on Amazon

About the Authors

Marc Boorshtein

Marc has been a software engineer and consultant for nearly twenty years and is currently the CTO of Tremolo Security, Inc. Marc has spent most of his career building identity management solutions for large enterprises, U.S. Government civilian agencies, and local government public safety systems. In recent years, Marc has focused on applying identity to DevOps and Kubernetes building open source tools for automating the security of infrastructure. Marc is a CKAD, and can often be found in the Kubernetes slack channels answering questions about authentication and authorization.

Scott Surovich

Scott is the Container engineering lead for a G-SIFI Global Bank where he has been focused on global design and standards for Kubernetes on-prem clusters. An evangilist for containers and Kubernetes, he has presented GKE networking in the enterprise at Google Next and Multi-tenant Kubernetes clusters in the enterprise at Kubecon. He is an active member of the CNCF's Financial services working group, worked with the Kubernetes multi-tenancy working group and has been a developer advocate for Tremolo Security's OpenUnison. Scott is also in the first group of Google Cloud Certified Fellow: Hybrid Multi-Cloud certification.