Ebook details

Hands-on Kubernetes on Azure

Hands-on Kubernetes on Azure

Nills Franssens, Shivakumar Gopalakrishnan, Gunther Lenz

EBOOK
Buy a title on ebookpoint.pl

Understand the fundamentals of Kubernetes deployment on Azure with a learn-by-doing approach

Key Features

  • Get to grips with the fundamentals of containers and Kubernetes
  • Deploy containerized applications using the Kubernetes platform
  • Learn how you can scale your workloads and secure your application running in Azure Kubernetes Service

Book Description

Containers and Kubernetes containers facilitate cloud deployments and application development by enabling efficient versioning with improved security and portability.

With updated chapters on role-based access control, pod identity, storing secrets, and network security in AKS, this third edition begins by introducing you to containers, Kubernetes, and Azure Kubernetes Service (AKS), and guides you through deploying an AKS cluster in different ways. You will then delve into the specifics of Kubernetes by deploying a sample guestbook application on AKS and installing complex Kubernetes apps using Helm. With the help of real-world examples, you'll also get to grips with scaling your applications and clusters.

As you advance, you'll learn how to overcome common challenges in AKS and secure your applications with HTTPS. You will also learn how to secure your clusters and applications in a dedicated section on security. In the final section, you'll learn about advanced integrations, which give you the ability to create Azure databases and run serverless functions on AKS as well as the ability to integrate AKS with a continuous integration and continuous delivery (CI/CD) pipeline using GitHub Actions.

By the end of this Kubernetes book, you will be proficient in deploying containerized workloads on Microsoft Azure with minimal management overhead.

What you will learn

  • Plan, configure, and run containerized applications in production.
  • Use Docker to build applications in containers and deploy them on Kubernetes.
  • Monitor the AKS cluster and the application.
  • Monitor your infrastructure and applications in Kubernetes using Azure Monitor.
  • Secure your cluster and applications using Azure-native security tools.
  • Connect an app to the Azure database.
  • Store your container images securely with Azure Container Registry.
  • Install complex Kubernetes applications using Helm.
  • Integrate Kubernetes with multiple Azure PaaS services, such as databases, Azure Security Center, and Functions.
  • Use GitHub Actions to perform continuous integration and continuous delivery to your cluster.

Who this book is for

If you are an aspiring DevOps professional, system administrator, developer, or site reliability engineer interested in learning how to get the most out of containers and Kubernetes, then this book is for you.

  • Hands-on Kubernetes on Azure, Third Edition
  • Preface
    • Hands-on Kubernetes on Azure Third Edition
      • About the authors
      • About the reviewers
      • Learning objectives
      • Audience
      • Approach
      • Hardware and software requirements
      • Conventions
      • Downloading resources
  • Foreword
  • Section 1: The Basics
  • 1. Introduction to containers and Kubernetes
    • The software evolution that brought us here
      • Microservices
      • Advantages of running microservices
      • Disadvantages of running microservices
      • DevOps
      • Fundamentals of containers
      • Container images
    • Kubernetes as a container orchestration platform
      • Pods in Kubernetes
      • Deployments in Kubernetes
      • Services in Kubernetes
      • Azure Kubernetes Service
    • Summary
  • 2. Getting started with Azure Kubernetes Service
    • Different ways to create an AKS cluster
    • Getting started with the Azure portal
      • Creating your first AKS cluster
      • A quick overview of your cluster in the Azure portal
      • Accessing your cluster using Azure Cloud Shell
      • Deploying and inspecting your first demo application
      • Deploying the demo application
    • Summary
  • Section 2: Deploying on AKS
  • 3. Application deployment on AKS
    • Deploying the sample guestbook application step by step
      • Introducing the application
      • Deploying the Redis master
      • Examining the deployment
      • Redis master with a ConfigMap
    • Complete deployment of the sample guestbook application
      • Exposing the Redis master service
      • Deploying the Redis replicas
      • Deploying and exposing the front end
      • The guestbook application in action
    • Installing complex Kubernetes applications using Helm
      • Installing WordPress using Helm
    • Summary
  • 4. Building scalable applications
    • Scaling your application
      • Manually scaling your application
      • Scaling the guestbook front-end component
      • Using the HPA
    • Scaling your cluster
      • Manually scaling your cluster
      • Scaling your cluster using the cluster autoscaler
    • Upgrading your application
      • Upgrading by changing YAML files
      • Upgrading an application using kubectl edit
      • Upgrading an application using kubectl patch
      • Upgrading applications using Helm
    • Summary
  • 5. Handling common failures in AKS
    • Handling node failures
    • Solving out-of-resource failures
    • Fixing storage mount issues
      • Starting the WordPress installation
      • Using persistent volumes to avoid data loss
    • Summary
  • 6. Securing your application with HTTPS
    • Setting up Azure Application Gateway as a Kubernetes ingress
      • Creating a new application gateway
      • Setting up the AGIC
      • Adding an ingress rule for the guestbook application
    • Adding TLS to an ingress
      • Installing cert-manager
      • Installing the certificate issuer
      • Creating the TLS certificate and securing the ingress
    • Summary
  • 7. Monitoring the AKS cluster and the application
    • Commands for monitoring applications
      • The kubectl get command
      • The kubectl describe command
      • Debugging applications
    • Readiness and liveness probes
      • Building two web containers
      • Experimenting with liveness and readiness probes
    • Metrics reported by Kubernetes
      • Node status and consumption
      • Pod consumption
    • Using AKS Diagnostics
    • Azure Monitor metrics and logs
      • AKS Insights
    • Summary
  • Section 3: Securing your AKS cluster and workloads
  • 8. Role-based access control in AKS
    • RBAC in Kubernetes explained
    • Enabling Azure AD integration in your AKS cluster
    • Creating a user and group in Azure AD
    • Configuring RBAC in AKS
    • Verifying RBAC for a user
    • Summary
  • 9. Azure Active Directory pod-managed identities in AKS
    • An overview of Azure AD pod-managed identities
    • Setting up a new cluster with Azure AD pod-managed identities
    • Linking an identity to your cluster
    • Using a pod with managed identity
    • Summary
  • 10. Storing secrets in AKS
    • Different secret types in Kubernetes
    • Creating secrets in Kubernetes
      • Creating Secrets from files
      • Creating secrets manually using YAML files
      • Creating generic secrets using literals in kubectl
    • Using your secrets
      • Secrets as environment variables
      • Secrets as files
    • Installing the Azure Key Vault provider for Secrets Store CSI driver
      • Creating a managed identity
      • Creating a key vault
      • Installing the CSI driver for Key Vault
    • Using the Azure Key Vault provider for Secrets Store CSI driver
      • Mounting a Key Vault secret as a file
      • Using a Key Vault secret as an environment variable
    • Summary
  • 11. Network security in AKS
    • Networking and network security in AKS
      • Control plane networking
      • Workload networking
    • Control plane network security
      • Securing the control plane using authorized IP ranges
      • Securing the control plane using a private cluster
    • Workload network security
      • Securing the workload network using an internal load balancer
      • Securing the workload network using network security groups
      • Securing the workload network using network policies
    • Summary
  • Section 4: Integrating with Azure managed services
  • 12. Connecting an application to an Azure database
    • Azure Service Operator
      • What is ASO?
    • Installing ASO on your cluster
      • Creating a new AKS cluster
      • Creating a managed identity
      • Creating a key vault
      • Setting up ASO on your cluster
    • Deploying Azure Database for MySQL using ASO
    • Creating an application using the MySQL database
    • Summary
  • 13. Azure Security Center for Kubernetes
    • Setting up Azure Security Center for Kubernetes
    • Deploying offending workloads
    • Analyzing configuration using Azure Secure Score
    • Neutralizing threats using Azure Defender
    • Summary
  • 14. Serverless functions
    • Various functions platforms
    • Setting up the prerequisites
      • Azure Container Registry
      • Creating a VM
    • Creating an HTTP-triggered Azure function
    • Creating a queue-triggered function
      • Creating a queue
      • Creating a queue-triggered function
      • Scale testing functions
    • Summary
  • 15. Continuous integration and continuous deployment for AKS
    • CI/CD process for containers and Kubernetes
    • Setting up Azure and GitHub
    • Setting up a CI pipeline
    • Setting up a CD pipeline
    • Summary
    • Final thoughts
  • Index
  • Title:Hands-on Kubernetes on Azure
  • Author:Nills Franssens, Shivakumar Gopalakrishnan, Gunther Lenz
  • Original title:Hands-on Kubernetes on Azure
  • ISBN:9781801078917, 9781801078917
  • Date of issue:2021-05-17
  • Format:Ebook
  • Item ID: e_2a4u
  • Publisher: Packt Publishing