Book Image

Hands-On Kubernetes on Azure - Second Edition

By : Nills Franssens, Shivakumar Gopalakrishnan, Gunther Lenz
Book Image

Hands-On Kubernetes on Azure - Second Edition

By: Nills Franssens, Shivakumar Gopalakrishnan, Gunther Lenz

Overview of this book

From managing versioning efficiently to improving security and portability, technologies such as Kubernetes and Docker have greatly helped cloud deployments and application development. Starting with an introduction to Docker, Kubernetes, and Azure Kubernetes Service (AKS), this book will guide you through deploying an AKS cluster in different ways. You’ll then explore the Azure portal by deploying a sample guestbook application on AKS and installing complex Kubernetes apps using Helm. With the help of real-world examples, you'll also get to grips with scaling your application and cluster. As you advance, you'll understand how to overcome common challenges in AKS and secure your application with HTTPS and Azure AD (Active Directory). Finally, you’ll explore serverless functions such as HTTP triggered Azure functions and queue triggered functions. By the end of this Kubernetes book, you’ll be well-versed with the fundamentals of Azure Kubernetes Service and be able to deploy containerized workloads on Microsoft Azure with minimal management overhead.
Table of Contents (16 chapters)
1
Section 1: The Basics
4
Section 2: Deploying on AKS
10
Section 3: Leveraging advanced Azure PaaS services
15
Index

Setting up secrets management

All production applications require some secret information to function. Kubernetes has a pluggable Secrets back end to manage these secrets. Kubernetes also provides multiple ways of using the secrets in your Deployment. The ability to manage secrets and properly use the Secrets back end will make your services resistant to attacks.

We have used secrets in some of our Deployments in previous chapters. Mostly, we passed the secrets as a string in some kind of variable, or Helm took care of creating the secrets for us. In Kubernetes, secrets are a resource, just like Pods and ReplicaSets. Secrets are always tied to a specific namespace. Secrets have to be created in all the namespaces where you want to use them. In this section, we'll learn how to create, decode, and use our own secrets. We will start by using the built-in secrets from Kubernetes, and finish by leveraging Azure Key Vault to store secrets.

Creating your own secrets

Kubernetes...