Book Image

Hands-on Kubernetes on Azure, Third Edition - Third Edition

By : Nills Franssens, Shivakumar Gopalakrishnan, Gunther Lenz
Book Image

Hands-on Kubernetes on Azure, Third Edition - Third Edition

By: Nills Franssens, Shivakumar Gopalakrishnan, Gunther Lenz

Overview of this book

Containers and Kubernetes containers facilitate cloud deployments and application development by enabling efficient versioning with improved security and portability. With updated chapters on role-based access control, pod identity, storing secrets, and network security in AKS, this third edition begins by introducing you to containers, Kubernetes, and Azure Kubernetes Service (AKS), and guides you through deploying an AKS cluster in different ways. You will then delve into the specifics of Kubernetes by deploying a sample guestbook application on AKS and installing complex Kubernetes apps using Helm. With the help of real-world examples, you'll also get to grips with scaling your applications and clusters. As you advance, you'll learn how to overcome common challenges in AKS and secure your applications with HTTPS. You will also learn how to secure your clusters and applications in a dedicated section on security. In the final section, you’ll learn about advanced integrations, which give you the ability to create Azure databases and run serverless functions on AKS as well as the ability to integrate AKS with a continuous integration and continuous delivery (CI/CD) pipeline using GitHub Actions. By the end of this Kubernetes book, you will be proficient in deploying containerized workloads on Microsoft Azure with minimal management overhead.
Table of Contents (22 chapters)
1
Foreword
Free Chapter
2
Section 1: The Basics
5
Section 2: Deploying on AKS
11
Section 3: Securing your AKS cluster and workloads
16
Section 4: Integrating with Azure managed services
21
Index

Using the Azure Key Vault provider for Secrets Store CSI driver

Now that the CSI driver for Key Vault has been set up on your cluster, you are ready to start using it. In this section, you'll run through two examples of using the CSI driver for Key Vault. First, you will use it to mount a secret as a file in Kubernetes. Afterward, you will also use it to sync Key Vault secrets to Kubernetes secrets and use them as an environment variable.

Let's get started with the first example, how to mount Key Vault secrets as a file.

Mounting a Key Vault secret as a file

In this first example, you will create a new SecretProviderClass in your cluster. This object will allow you to link a secret in Key Vault to a pod in Kubernetes. After that, you'll create a pod that uses that SecretProviderClass and mounts the secrets in that pod. Let's get started:

  1. The SecretProviderClass requires you to know your Azure Active Directory tenant ID. To get this, run the...