Book Image

Hands-On Kubernetes on Azure

By : Shivakumar Gopalakrishnan, Gunther Lenz
Book Image

Hands-On Kubernetes on Azure

By: Shivakumar Gopalakrishnan, Gunther Lenz

Overview of this book

Microsoft is now one of the most significant contributors to Kubernetes open source projects. Kubernetes helps to create, configure, and manage a cluster of virtual machines that are preconfigured to run containerized applications. This book will be your guide to performing successful container orchestration and deployment of Kubernetes clusters on Azure. You will get started by learning how to deploy and manage highly scalable applications, along with understanding how to set up a production-ready Kubernetes cluster on Azure. As you advance, you will learn how to reduce the complexity and operational overheads of managing a Kubernetes cluster on Azure. By the end of this book, you will not only be capable of deploying and managing Kubernetes clusters on Azure with ease, but also have the knowledge of best practices for working with advanced AKS concepts for complex systems.
Table of Contents (16 chapters)
Free Chapter
Section 1: The Basics
Section 2: Deploying on AKS
Section 3: Leveraging Advanced Azure PaaS Services in Combination with AKS

Single Sign-On with Azure AD

HTTPs has become a necessity for any public-facing website, given phishing attacks. Luckily, with the LetsEncrypt service and helpers in Kubernetes, it is very easy to set verified SSL certificates. In this chapter, we will see how to set up Ingress services and certificate managers to interface with LetsEncrypt.

Different approaches for authentication to the guestbook app will be explored in this chapter. We will look at the oauth2_proxy side car for adding authentication to the sample guest app using Azure AD. The reader will be able to secure apps with no built-in authentication easily. The authentication scheme can be extended to use GitHub, Google, GitLab, LinkedIn, or Facebook.

The following topics will be covered in this chapter:

  • Authentication and common authentication providers
  • Authentication versus authorization (AuthN versus AuthZ)
  • Deploying...