Book Image

DevSecOps in Practice with VMware Tanzu

By : Parth Pandit, Robert Hardt
Book Image

DevSecOps in Practice with VMware Tanzu

By: Parth Pandit, Robert Hardt

Overview of this book

As Kubernetes (or K8s) becomes more prolific, managing large clusters at scale in a multi-cloud environment becomes more challenging – especially from a developer productivity and operational efficiency point of view. DevSecOps in Practice with VMware Tanzu addresses these challenges by automating the delivery of containerized workloads and controlling multi-cloud Kubernetes operations using Tanzu tools. This comprehensive guide begins with an overview of the VMWare Tanzu platform and discusses its tools for building useful and secure applications using the App Accelerator, Build Service, Catalog service, and API portal. Next, you’ll delve into running those applications efficiently at scale with Tanzu Kubernetes Grid and Tanzu Application Platform. As you advance, you’ll find out how to manage these applications, and control, observe, and connect them using Tanzu Mission Control, Tanzu Observability, and Tanzu Service Mesh. Finally, you’ll explore the architecture, capabilities, features, installation, configuration, implementation, and benefits of these services with the help of examples. By the end of this VMware book, you’ll have gained a thorough understanding of the VMWare Tanzu platform and be able to efficiently articulate and solve real-world business problems.
Table of Contents (19 chapters)
Part 1 – Building Cloud-Native Applications on the Tanzu Platform
Part 2 – Running Cloud-Native Applications on Tanzu
Part 3 – Managing Modern Applications on the Tanzu Platform

Day 3 – common operational activities on Tanzu Application Platform

Thus far, we’ve installed a fully functional application platform, but in some ways, it still may feel like a toy. For instance, no enterprise is going to allow workloads to be deployed without TLS. Also, the platform is a bit of a black box that takes our source code and turns it into a running application. How can we know that what’s running on the platform is the exact code we checked in? Going in depth into these topics is a bit beyond the scope of this book, but what I will do is describe some additional operational tasks and the problems they solve, and point you to some useful in-depth resources for more information.

Securing running workloads with TAP GUI with TLS

For an application platform in the enterprise, securing all web endpoints with TLS is non-negotiable. There are a few options that I’ll list here. Some involve procuring the certificate outside of Kubernetes and supplying...