Book Image

DevSecOps in Practice with VMware Tanzu

By : Parth Pandit, Robert Hardt
Book Image

DevSecOps in Practice with VMware Tanzu

By: Parth Pandit, Robert Hardt

Overview of this book

As Kubernetes (or K8s) becomes more prolific, managing large clusters at scale in a multi-cloud environment becomes more challenging – especially from a developer productivity and operational efficiency point of view. DevSecOps in Practice with VMware Tanzu addresses these challenges by automating the delivery of containerized workloads and controlling multi-cloud Kubernetes operations using Tanzu tools. This comprehensive guide begins with an overview of the VMWare Tanzu platform and discusses its tools for building useful and secure applications using the App Accelerator, Build Service, Catalog service, and API portal. Next, you’ll delve into running those applications efficiently at scale with Tanzu Kubernetes Grid and Tanzu Application Platform. As you advance, you’ll find out how to manage these applications, and control, observe, and connect them using Tanzu Mission Control, Tanzu Observability, and Tanzu Service Mesh. Finally, you’ll explore the architecture, capabilities, features, installation, configuration, implementation, and benefits of these services with the help of examples. By the end of this VMware book, you’ll have gained a thorough understanding of the VMWare Tanzu platform and be able to efficiently articulate and solve real-world business problems.

Related Content you might be interested in

Current Title:

Small book image
DevSecOps in Practice with VMware Tanzu
Parth Pandit | Robert Hardt
Jan, 2023 | 436 pages
Small book image
VMware Cloud on AWS Blueprint
Michael Schwartzman | Oleg Ulyanov | Sreeharsha Sanku
Feb, 2024 | 388 pages
Small book image
Kubernetes in Production Best Practices
Murat Karslioglu | Aly Saleh
Mar, 2021 | 292 pages
Small book image
Achieving Digital Transformation Using Hybrid Cloud
Praveen Rajagopalan | Ishu Verma | Vikas Grover
Jul, 2023 | 234 pages
Table of Contents (19 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Download the color images
Conventions used
Get in touch
Share Your Thoughts
Download a free PDF copy of this book
1
Part 1 – Building Cloud-Native Applications on the Tanzu Platform
Part 1 – Building Cloud-Native Applications on the Tanzu Platform
Free Chapter
2
Chapter 1: Understanding the Need to Move to a Cloud Platform
Chapter 1: Understanding the Need to Move to a Cloud Platform
The challenges of running a software supply chain
The emergence of the cloud and containers
Kubernetes
Outcome-driven approach
The need for VMware Tanzu
Features, tools, benefits, and applications of VMware Tanzu
Prerequisites
Summary
3
Chapter 2: Developing Cloud-Native Applications
Chapter 2: Developing Cloud-Native Applications
The business needs addressed by App Accelerator
Technical requirements
Overview of App Accelerator
Getting started with App Accelerator
Advanced topics on App Accelerator
Day-2 operations with App Accelerator
Cloud-native development frameworks under the Tanzu umbrella
Summary
4
Chapter 3: Building Secure Container Images with Build Service
Chapter 3: Building Secure Container Images with Build Service
Technical requirements
Why Tanzu Build Service?
Unboxing Tanzu Build Service
Getting started with Tanzu Build Service
Common day-2 activities for Tanzu Build Service
Summary
5
Chapter 4: Provisioning Backing Services for Applications
Chapter 4: Provisioning Backing Services for Applications
Technical requirements
Why VMware Application Catalog?
What VMware Application Catalog is
Getting started with VMware Application Catalog
Common day-two activities with VAC
Summary
6
Chapter 5: Defining and Managing Business APIs
Chapter 5: Defining and Managing Business APIs
Spring Cloud Gateway for Kubernetes and API Portal for VMware Tanzu – overview
Why Spring Cloud Gateway for Kubernetes?
Why API Portal for VMware Tanzu?
Technical requirements
Spring Cloud Gateway for Kubernetes – getting started
API Portal for VMware Tanzu – getting started
Spring Cloud Gateway for Kubernetes and API Portal for VMware Tanzu – real-world use case
Common day-2 operations with Tanzu Application Accelerator
Summary
7
Part 2 – Running Cloud-Native Applications on Tanzu
Part 2 – Running Cloud-Native Applications on Tanzu
8
Chapter 6: Managing Container Images with Harbor
Chapter 6: Managing Container Images with Harbor
Why Harbor?
Unboxing Harbor
Getting started with Harbor
Common day-2 operations with Harbor
Summary
9
Chapter 7: Orchestrating Containers across Clouds with Tanzu Kubernetes Grid
Chapter 7: Orchestrating Containers across Clouds with Tanzu Kubernetes Grid
Why Tanzu Kubernetes Grid?
Unboxing Tanzu Kubernetes Grid
Getting started with Tanzu Kubernetes Grid
Common day-2 operations with Tanzu Kubernetes Grid
Summary
10
Chapter 8: Enhancing Developer Productivity with Tanzu Application Platform
Chapter 8: Enhancing Developer Productivity with Tanzu Application Platform
Why should I use Tanzu Application Platform?
The building blocks of Tanzu Application Platform
Day 1 – installing and configuring Tanzu Application Platform
Day 2 – deploying applications to Tanzu Application Platform
Day 3 – common operational activities on Tanzu Application Platform
Next steps
Summary
11
Part 3 – Managing Modern Applications on the Tanzu Platform
Part 3 – Managing Modern Applications on the Tanzu Platform
12
Chapter 9: Managing and Controlling Kubernetes Clusters with Tanzu Mission Control
Chapter 9: Managing and Controlling Kubernetes Clusters with Tanzu Mission Control
Why TMC?
Getting started with TMC
Protecting cluster data using TMC
Applying governance policies to clusters using TMC
Summary
13
Chapter 10: Realizing Full-Stack Visibility with VMware Aria Operations for Applications
Chapter 10: Realizing Full-Stack Visibility with VMware Aria Operations for Applications
Why Aria?
Unboxing Aria
Getting started with Aria
Working with charts and dashboards
Working with alerts
Summary
14
Chapter 11: Enabling Secure Inter-Service Communication with Tanzu Service Mesh
Chapter 11: Enabling Secure Inter-Service Communication with Tanzu Service Mesh
Why Tanzu Service Mesh?
Features and capabilities of Tanzu Service Mesh
How to get started with Tanzu Service Mesh
How to perform key day-2 operations on Tanzu Service Mesh
GSLB with NSX-T Advanced Load Balancer and Tanzu Service Mesh
Summary
15
Chapter 12: Bringing It All Together
Chapter 12: Bringing It All Together
Tanzu adoption options
Tanzu beyond this book
The end-to-end picture
Pros and cons of a single-vendor solution
The future of Kubernetes
What is next for Tanzu?
Summary
16
Index
Index
Why subscribe?
17
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts
Download a free PDF copy of this book
Appendix
Appendix
Additional learning resources from VMware
Different ways to create a Kubernetes cluster

The challenges of running a software supply chain

VMware Tanzu is a modular software application platform that runs natively on multiple clouds and is geared toward important business outcomes such as developer productivity, operator efficiency, and security by default. If you are looking for a hands-on detailed treatment of VMware Tanzu, you won’t be disappointed.

However, before diving into the platform’s components, it may help to understand some history and background. If you’re reading this, there’s a good chance you participate in the coding, designing, architecting, operating, monitoring, or managing of software. However, you may not have considered that you are participating in a supply chain.

According to Adam Hayes in his Investopedia article, The Supply Chain: From Raw Materials to Order Fulfillment, a supply chain “refers to the network of organizations, people, activities, information and resources involved in delivering a product or service to a consumer.”

When a piece of software makes the journey from a developer’s workstation to an end user, that’s as much of a supply chain as when Red Bull and ramen noodles make the trek from raw ingredients to a production facility to a warehouse to the neighborhood grocery store.

Every supply chain has its own set of challenges, and software supply chains are no exception. Most software written today consists of libraries and frameworks containing millions of lines of open source software developed by people who are essentially anonymous and whose motivations are not entirely clear.

Much of that software changes hands many times as it moves from an open source repository to the developer, to source control, to building and packaging, to testing, to staging, and finally, to running in production. Furthermore, the infrastructure on which that software runs is often open source as well, with a worldwide community of hackers working to identify vulnerabilities in the operating systems, network protocol implementations, and utilities that make up the dial tone that your software runs on. This ecosystem presents an enormous surface area for bad things to happen.

For further reading on real-world examples of what can go wrong with software supply chains, I’d recommend a quick search of the web for the 2020 SolarWinds incident or the 2021 emergence of Log4Shell (CVE-2021-44228). The authors of this book, in their capacity as Tanzu solution engineers, have seen first-hand the impact software supply chain issues can have across the financial, government, telecom, retail, and entertainment sectors.

Previous Section
End of Section 2
Next Section