Book Image

Hands-On Kubernetes on Azure

By : Shivakumar Gopalakrishnan, Gunther Lenz
Book Image

Hands-On Kubernetes on Azure

By: Shivakumar Gopalakrishnan, Gunther Lenz

Overview of this book

Microsoft is now one of the most significant contributors to Kubernetes open source projects. Kubernetes helps to create, configure, and manage a cluster of virtual machines that are preconfigured to run containerized applications. This book will be your guide to performing successful container orchestration and deployment of Kubernetes clusters on Azure. You will get started by learning how to deploy and manage highly scalable applications, along with understanding how to set up a production-ready Kubernetes cluster on Azure. As you advance, you will learn how to reduce the complexity and operational overheads of managing a Kubernetes cluster on Azure. By the end of this book, you will not only be capable of deploying and managing Kubernetes clusters on Azure with ease, but also have the knowledge of best practices for working with advanced AKS concepts for complex systems.

Related Content you might be interested in

Current Title:

Small book image
Hands-On Kubernetes on Azure
Shivakumar Gopalakrishnan | Gunther Lenz
Mar, 2019 | 258 pages
Small book image
Hands-on Kubernetes on Azure, Third Edition
Gunther Lenz | Shivakumar Gopalakrishnan | Nills Franssens
May, 2021 | 528 pages
Small book image
Kubernetes for Developers
Joseph Heck
Apr, 2018 | 374 pages
Small book image
The DevOps 2.3 Toolkit
Viktor Farcic
Sep, 2018 | 418 pages
Table of Contents (16 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Free Chapter
1
Section 1: The Basics
Section 1: The Basics
2
Introduction to Docker and Kubernetes
Introduction to Docker and Kubernetes
Technical requirements
The foundational technologies that enable AKS
Summary
3
Kubernetes on Azure (AKS)
Kubernetes on Azure (AKS)
Technical requirements
Entering the Azure portal
Navigating the Azure portal
Summary
4
Section 2: Deploying on AKS
Section 2: Deploying on AKS
5
Application Deployment on AKS
Application Deployment on AKS
Technical requirements
Deploying the sample guestbook application
Fully deploying of the sample guestbook application
The helm way of installing complex applications
Summary
6
Scaling Your Application to Thousands of Deployments
Scaling Your Application to Thousands of Deployments
Technical requirements
Scaling your application
Handling failure in AKS
Upgrading your application
Summary
7
Single Sign-On with Azure AD
Single Sign-On with Azure AD
Technical requirements
HTTPS support
Authentication versus authorization
Deploying the oauth2_proxy side car
Summary
8
Monitoring the AKS Cluster and the Application
Monitoring the AKS Cluster and the Application
Technical requirements
Commands for monitoring applications
Debugging applications
Metrics reported by Kubernetes
Metrics reported from OMS
Summary
9
Operation and Maintenance of AKS Applications
Operation and Maintenance of AKS Applications
Technical requirements
Service roles in Kubernetes
Attaching service roles to AAD users
Verifying RBAC
Summary
10
Section 3: Leveraging Advanced Azure PaaS Services in Combination with AKS
Section 3: Leveraging Advanced Azure PaaS Services in Combination with AKS
11
Connecting an App to an Azure Database - Authorization
Connecting an App to an Azure Database - Authorization
Technical requirements
Extending an app to connect to an Azure Database
Restoring from backup
Reviewing audit logs
DR options
Summary
12
Connecting to Other Azure Services (Event Hub)
Connecting to Other Azure Services (Event Hub)
Technical requirements
Introducing to microservices
Deploying a set of microservices
Using Azure Event Hubs
Summary
13
Securing AKS Network Connections
Securing AKS Network Connections
Technical requirements
Setting up secrets management
The Istio service mesh at your service
Summary
14
Serverless Functions
Serverless Functions
Technical requirements
Kubeless services
Events and serverless functions
Summary
15
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

The Istio service mesh at your service

We have found a number of ways to secure our pods, but our network connections are still open. Any pod in the cluster can talk to any other pod in the same cluster. As a site reliability engineer, you will want to enforce both ingress and egress rules. As a developer, you don't want to be bothered by it as you won't have information on where your application will be deployed, as well as what is allowed and what is not. If only there was a way that we could run the applications as is, while still specifying network policies.

Enter service mesh—this is defined as the layer that controls service-to-service communication. Just as with microservices, service mesh implementation is not a free lunch. If you don't have hundreds of microservices running, you probably don't need a service mesh. If you decide that you really...

Previous Section
End of Section 4
Next Section