售 价:¥
温馨提示:数字商品不支持退换货,不提供源文件,不支持导出打印
为你推荐
Dedication
About Packt
Why subscribe?
Packt.com
Contributors
About the authors
About the reviewer
Packt is searching for authors like you
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Conventions used
Get in touch
Reviews
Section 1: The Basics
Introduction to Docker and Kubernetes
Technical requirements
The foundational technologies that enable AKS
You build it, you run it
Everything is a file
Orchestration
Summary
Kubernetes on Azure (AKS)
Technical requirements
Entering the Azure portal
Creating an Azure portal account
Navigating the Azure portal
Creating your first AKS
Using Azure Cloud Shell
Summary
Section 2: Deploying on AKS
Application Deployment on AKS
Technical requirements
Deploying the sample guestbook application
Introducing the application
Deploying the first master
Examining the deployment
Redis master
Fully deploying of the sample guestbook application
Exposing the Redis master service
Deploying the Redis slaves
Deploying and exposing the frontend
Exposing the frontend service
The guestbook application in action
The helm way of installing complex applications
The helm init command
Installing WordPress
Persistent Volume Claims
Your own WordPress site
Summary
Scaling Your Application to Thousands of Deployments
Technical requirements
Scaling your application
Implementing independent scaling
Scaling the guestbook frontend component
Handling failure in AKS
Node failures
Diagnosing out-of-resource errors
Reducing the number of replicas to the bare minimum
Reducing CPU requirements
Cleanup of the guestbook deployment
Fixing storage mount issues
Starting the WordPress install
Persistent volumes
Handling node failure with PVC involvement
Upgrading your application
kubectl edit
Helm upgrade
Summary
Single Sign-On with Azure AD
Technical requirements
HTTPS support
Installing Ingress
Launching the Guestbook application
Adding Lets Ingress
Adding LetsEncrypt
Installing the certificate manager
Mapping the Azure FQDN to the nginx ingress public IP
Installing the certificate issuer
Creating the SSL certificate
Securing the frontend service connection
Authentication versus authorization
Authentication and common authN providers
Deploying the oauth2_proxy side car
Summary
Monitoring the AKS Cluster and the Application
Technical requirements
Commands for monitoring applications
kubectl get command
kubectl describe command
Debugging applications
Image Pull errors
Application errors
Scaling down the frontend
Introducing an app "error"
Logs
Metrics reported by Kubernetes
Node status and consumption
Metrics reported from OMS
AKS Insights
Cluster metrics
Container metrics, logs, and environmental variables
Logs
Summary
Operation and Maintenance of AKS Applications
Technical requirements
Service roles in Kubernetes
Deleting any AKS cluster without RBAC
Creating an AKS cluster with the Azure AD RBAC support
Creating the Azure AD server application
Setting the permissions for the application to access user info
Granting the permissions and noting the application ID
Creating the client application
Getting the AAD tenant ID
Deploying the cluster
Attaching service roles to AAD users
Creating users in your Active Directory
Creating a read-only group and adding the user to it
Verifying RBAC
Creating the read-only user role
Creating the cluster-wide, read-only role
Binding the role to the AAD group
The access test
Summary
Section 3: Leveraging Advanced Azure PaaS Services in Combination with AKS
Connecting an App to an Azure Database - Authorization
Technical requirements
Extending an app to connect to an Azure Database
WordPress backed by Azure MySQL
Prerequisites
Helm with RBAC
Deploying the service catalog on the cluster
Deploying Open Service Broker for Azure
Deploying WordPress
Securing MySQL
Running the WordPress sample with MySQL Database
Restoring from backup
Performing a restore
Connecting WordPress to the restored database
Modifying the host setting in WordPress deployment
Reviewing audit logs
Azure Database audits
DR options
Azure SQL HADR options
Summary
Connecting to Other Azure Services (Event Hub)
Technical requirements
Introducing to microservices
Microservices are no free lunch
Kubernetes and microservices
Deploying a set of microservices
Deploying Helm
Using Azure Event Hubs
Creating the Azure Event Hub
Updating the Helm files
Summary
Securing AKS Network Connections
Technical requirements
Setting up secrets management
Creating your own secrets
Creating secrets from files
Creating secrets manually using files
Creating generic secrets using literals
Creating the Docker registry key
Creating the tls secret
Using your secrets
Secrets as environment variables
Secrets as files
The Istio service mesh at your service
Installing Istio
Injecting Istio as a sidecar automatically
Enforcing mutual TLS
Deploying sample services
Globally enabling mutual TLS
Summary
Serverless Functions
Technical requirements
Kubeless services
Installing Kubeless
Install Kubeless binary
The hello world serverless function
Events and serverless functions
Creating and configuring Azure Functions
Integrating Kubeless with Azure Event Hubs via Azure Functions
Summary
Other Books You May Enjoy
Leave a review - let other readers know what you think
买过这本书的人还买过
读了这本书的人还在读
同类图书排行榜