Book Image

Docker and Kubernetes for Java Developers

By : Jarosław Krochmalski
Book Image

Docker and Kubernetes for Java Developers

By: Jarosław Krochmalski

Overview of this book

Imagine creating and testing Java EE applications on Apache Tomcat Server or Wildfly Application server in minutes along with deploying and managing Java applications swiftly. Sounds too good to be true? But you have a reason to cheer as such scenarios are only possible by leveraging Docker and Kubernetes. This book will start by introducing Docker and delve deep into its networking and persistent storage concepts. You will then proceed to learn how to refactor monolith application into separate services by building an application and then packaging it into Docker containers. Next, you will create an image containing Java Enterprise Application and later run it using Docker. Moving on, the book will focus on Kubernetes and its features and you will learn to deploy a Java application to Kubernetes using Maven and monitor a Java application in production. By the end of the book, you will get hands-on with some more advanced topics to further extend your knowledge about Docker and Kubernetes.
Table of Contents (12 chapters)
11
More Resources

Authorization

The next step after the successful authentication is to check what operations are allowed for the authenticated user. Kubernetes supports four types of authorization policy schemes as of today. To utilize the specific authorization schema, use the --authorization-mode switch when starting api-server. The syntax is:

$ kube-apiserver --authorization-mode <mode>  

The <mode> parameter contains an ordered list of authorization plugins that Kubernetes is supposed to authenticate users with. When multiple authentication plugins are enabled, the first one that will successfully authenticate the request will make Kubernetes skip executing all remaining plugins.

The default authorization mode is AlwaysAllow, which allows all requests.

The following authorization schemes are supported:

  • Attribute-based control
  • Role-based control
  • Webhook
  • AlwaysDeny
  • AlwaysAllow
...