Cover image for Hands-on Kubernetes on Azure - Third Edition

Hands-on Kubernetes on Azure - Third Edition

Release Date: 2021/05/01
ISBN: 9781801079945
Topic:
0%
24
Chapters
0-1
Hours read
0k
Total Words
    Start Reading Now    
       Add to Wishlist       
View table of contents

Understand the fundamentals of Kubernetes deployment on Azure with a learn-by-doing approach

Key Features

  • Get to grips with the fundamentals of containers and Kubernetes
  • Deploy containerized applications using the Kubernetes platform
  • Learn how you can scale your workloads and secure your application running in Azure Kubernetes Service

Book Description

Containers and Kubernetes containers facilitate cloud deployments and application development by enabling efficient versioning with improved security and portability.

With updated chapters on role-based access control, pod identity, storing secrets, and network security in AKS, this third edition begins by introducing you to containers, Kubernetes, and Azure Kubernetes Service (AKS), and guides you through deploying an AKS cluster in different ways. You will then delve into the specifics of Kubernetes by deploying a sample guestbook application on AKS and installing complex Kubernetes apps using Helm. With the help of real-world examples, you'll also get to grips with scaling your applications and clusters.

As you advance, you'll learn how to overcome common challenges in AKS and secure your applications with HTTPS. You will also learn how to secure your clusters and applications in a dedicated section on security. In the final section, you'll learn about advanced integrations, which give you the ability to create Azure databases and run serverless functions on AKS as well as the ability to integrate AKS with a continuous integration and continuous delivery (CI/CD) pipeline using GitHub Actions.

By the end of this Kubernetes book, you will be proficient in deploying containerized workloads on Microsoft Azure with minimal management overhead.

What you will learn

  • Plan, configure, and run containerized applications in production.
  • Use Docker to build applications in containers and deploy them on Kubernetes.
  • Monitor the AKS cluster and the application.
  • Monitor your infrastructure and applications in Kubernetes using Azure Monitor.
  • Secure your cluster and applications using Azure-native security tools.
  • Connect an app to the Azure database.
  • Store your container images securely with Azure Container Registry.
  • Install complex Kubernetes applications using Helm.
  • Integrate Kubernetes with multiple Azure PaaS services, such as databases, Azure Security Center, and Functions.
  • Use GitHub Actions to perform continuous integration and continuous delivery to your cluster.

Who this book is for

If you are an aspiring DevOps professional, system administrator, developer, or site reliability engineer interested in learning how to get the most out of containers and Kubernetes, then this book is for you.

Table of Contents

  1. Hands-on Kubernetes on Azure, Third Edition
  2. Preface
    1. Hands-on Kubernetes on Azure – Third Edition
    2. About the authors
    3. About the reviewers
    4. Learning objectives
    5. Audience
    6. Approach
    7. Hardware and software requirements
    8. Conventions
    9. Downloading resources
  3. Foreword
  4. Section 1: The Basics
  5. 1. Introduction to containers and Kubernetes
    1. The software evolution that brought us here
    2. Microservices
    3. Advantages of running microservices
    4. Disadvantages of running microservices
    5. DevOps
    6. Fundamentals of containers
    7. Container images
    8. Kubernetes as a container orchestration platform
    9. Pods in Kubernetes
    10. Deployments in Kubernetes
    11. Services in Kubernetes
    12. Azure Kubernetes Service
    13. Summary
  6. 2. Getting started with Azure Kubernetes Service
    1. Different ways to create an AKS cluster
    2. Getting started with the Azure portal
    3. Creating your first AKS cluster
    4. A quick overview of your cluster in the Azure portal
    5. Accessing your cluster using Azure Cloud Shell
    6. Deploying and inspecting your first demo application
    7. Deploying the demo application
    8. Summary
  7. Section 2: Deploying on AKS
  8. 3. Application deployment on AKS
    1. Deploying the sample guestbook application step by step
    2. Introducing the application
    3. Deploying the Redis master
    4. Examining the deployment
    5. Redis master with a ConfigMap
    6. Complete deployment of the sample guestbook application
    7. Exposing the Redis master service
    8. Deploying the Redis replicas
    9. Deploying and exposing the front end
    10. The guestbook application in action
    11. Installing complex Kubernetes applications using Helm
    12. Installing WordPress using Helm
    13. Summary
  9. 4. Building scalable applications
    1. Scaling your application
    2. Manually scaling your application
    3. Scaling the guestbook front-end component
    4. Using the HPA
    5. Scaling your cluster
    6. Manually scaling your cluster
    7. Scaling your cluster using the cluster autoscaler
    8. Upgrading your application
    9. Upgrading by changing YAML files
    10. Upgrading an application using kubectl edit
    11. Upgrading an application using kubectl patch
    12. Upgrading applications using Helm
    13. Summary
  10. 5. Handling common failures in AKS
    1. Handling node failures
    2. Solving out-of-resource failures
    3. Fixing storage mount issues
    4. Starting the WordPress installation
    5. Using persistent volumes to avoid data loss
    6. Summary
  11. 6. Securing your application with HTTPS
    1. Setting up Azure Application Gateway as a Kubernetes ingress
    2. Creating a new application gateway
    3. Setting up the AGIC
    4. Adding an ingress rule for the guestbook application
    5. Adding TLS to an ingress
    6. Installing cert-manager
    7. Installing the certificate issuer
    8. Creating the TLS certificate and securing the ingress
    9. Summary
  12. 7. Monitoring the AKS cluster and the application
    1. Commands for monitoring applications
    2. The kubectl get command
    3. The kubectl describe command
    4. Debugging applications
    5. Readiness and liveness probes
    6. Building two web containers
    7. Experimenting with liveness and readiness probes
    8. Metrics reported by Kubernetes
    9. Node status and consumption
    10. Pod consumption
    11. Using AKS Diagnostics
    12. Azure Monitor metrics and logs
    13. AKS Insights
    14. Summary
  13. Section 3: Securing your AKS cluster and workloads
  14. 8. Role-based access control in AKS
    1. RBAC in Kubernetes explained
    2. Enabling Azure AD integration in your AKS cluster
    3. Creating a user and group in Azure AD
    4. Configuring RBAC in AKS
    5. Verifying RBAC for a user
    6. Summary
  15. 9. Azure Active Directory pod‑managed identities in AKS
    1. An overview of Azure AD pod-managed identities
    2. Setting up a new cluster with Azure AD pod-managed identities
    3. Linking an identity to your cluster
    4. Using a pod with managed identity
    5. Summary
  16. 10. Storing secrets in AKS
    1. Different secret types in Kubernetes
    2. Creating secrets in Kubernetes
    3. Creating Secrets from files
    4. Creating secrets manually using YAML files
    5. Creating generic secrets using literals in kubectl
    6. Using your secrets
    7. Secrets as environment variables
    8. Secrets as files
    9. Installing the Azure Key Vault provider for Secrets Store CSI driver
    10. Creating a managed identity
    11. Creating a key vault
    12. Installing the CSI driver for Key Vault
    13. Using the Azure Key Vault provider for Secrets Store CSI driver
    14. Mounting a Key Vault secret as a file
    15. Using a Key Vault secret as an environment variable
    16. Summary
  17. 11. Network security in AKS
    1. Networking and network security in AKS
    2. Control plane networking
    3. Workload networking
    4. Control plane network security
    5. Securing the control plane using authorized IP ranges
    6. Securing the control plane using a private cluster
    7. Workload network security
    8. Securing the workload network using an internal load balancer
    9. Securing the workload network using network security groups
    10. Securing the workload network using network policies
    11. Summary
  18. Section 4: Integrating with Azure managed services
  19. 12. Connecting an application to an Azure database
    1. Azure Service Operator
    2. What is ASO?
    3. Installing ASO on your cluster
    4. Creating a new AKS cluster
    5. Creating a managed identity
    6. Creating a key vault
    7. Setting up ASO on your cluster
    8. Deploying Azure Database for MySQL using ASO
    9. Creating an application using the MySQL database
    10. Summary
  20. 13. Azure Security Center for Kubernetes
    1. Setting up Azure Security Center for Kubernetes
    2. Deploying offending workloads
    3. Analyzing configuration using Azure Secure Score
    4. Neutralizing threats using Azure Defender
    5. Summary
  21. 14. Serverless functions
    1. Various functions platforms
    2. Setting up the prerequisites
    3. Azure Container Registry
    4. Creating a VM
    5. Creating an HTTP-triggered Azure function
    6. Creating a queue-triggered function
    7. Creating a queue
    8. Creating a queue-triggered function
    9. Scale testing functions
    10. Summary
  22. 15. Continuous integration and continuous deployment for AKS
    1. CI/CD process for containers and Kubernetes
    2. Setting up Azure and GitHub
    3. Setting up a CI pipeline
    4. Setting up a CD pipeline
    5. Summary
    6. Final thoughts
  23. Index
18.222.179.186