DevSecOps in Practice with VMware Tanzu: Build, run, and manage secure multi-cloud apps at scale on Kubernetes with the Tanzu portfolio

Length: 439 pages
Edition: 1
Language: English
Publisher: Packt Publishing
Publication Date: 2023-02-09
ISBN-10: 1803241349
ISBN-13: 9781803241340
Sales Rank: #0 (See Top 100 Books)

Modernize your apps, run them in containers on Kubernetes, and understand the business value and the nitty-gritty of the VMware Tanzu portfolio with hands-on instructions

Key Features

Gain insights into the key features and capabilities of distinct VMWare Tanzu products
Learn how and when to use the different Tanzu products for common day-1 and day-2 operations
Modernize applications deployed on multi-cloud platforms using DevSecOps best practices

Book Description

As Kubernetes (or K8s) becomes more prolific, managing large clusters at scale in a multi-cloud environment becomes more challenging – especially from a developer productivity and operational efficiency point of view. DevSecOps in Practice with VMware Tanzu addresses these challenges by automating the delivery of containerized workloads and controlling multi-cloud Kubernetes operations using Tanzu tools.

This comprehensive guide begins with an overview of the VMWare Tanzu platform and discusses its tools for building useful and secure applications using the App Accelerator, Build Service, Catalog service, and API portal. Next, you’ll delve into running those applications efficiently at scale with Tanzu Kubernetes Grid and Tanzu Application Platform. As you advance, you’ll find out how to manage these applications, and control, observe, and connect them using Tanzu Mission Control, Tanzu Observability, and Tanzu Service Mesh. Finally, you’ll explore the architecture, capabilities, features, installation, configuration, implementation, and benefits of these services with the help of examples.

By the end of this VMware book, you’ll have gained a thorough understanding of the VMWare Tanzu platform and be able to efficiently articulate and solve real-world business problems.

What you will learn

Build apps to run as containers using predefined templates
Generate secure container images from application source code
Build secure open source backend services container images
Deploy and manage a Kubernetes-based private container registry
Manage a multi-cloud deployable Kubernetes platform
Define a secure path to production for Kubernetes-based applications
Streamline multi-cloud Kubernetes operations and observability
Connect containerized apps securely using service mesh

Who This Book Is For

This book is for cloud platform engineers and DevOps engineers who want to learn about the operations of tools under the VMware Tanzu umbrella. The book also serves as a useful reference for application developers and solutions architects as well as IT leaders who want to understand how business and security outcomes can be achieved using the tools covered in this book. Prior knowledge of containers and Kubernetes will help you get the most out of this book.

Cover
Title Page
Copyright and Credits
Dedication
Contributors
Table of Contents
Preface
Part 1 – Building Cloud-Native Applications on the Tanzu Platform
Chapter 1: Understanding the Need to Move to a Cloud Platform
	The challenges of running a software supply chain
	The emergence of the cloud and containers
		Containers
	Kubernetes
	Outcome-driven approach
	The need for VMware Tanzu
	Features, tools, benefits, and applications of VMware Tanzu
		Build and develop
		Run
		Manage
	Prerequisites
		The Linux console and tools
		Docker
		Kubernetes
		Workstation requirements and public cloud resources
	Summary
Chapter 2: Developing Cloud-Native Applications
	The business needs addressed by App Accelerator
	Technical requirements
	Overview of App Accelerator
	Getting started with App Accelerator
		Exploring App Accelerator
		Downloading, configuring, and running App Accelerator
	Advanced topics on App Accelerator
	Day-2 operations with App Accelerator
	Cloud-native development frameworks under the Tanzu umbrella
		The Spring Framework and Spring Boot
		Steeltoe framework
	Summary
Chapter 3: Building Secure Container Images with Build Service
	Technical requirements
	Why Tanzu Build Service?
		Increasing developer productivity
		Reduction of bespoke automation
		Standardization of container build process
		Stronger security posture
		Optimized network bandwidth and storage utilization
	Unboxing Tanzu Build Service
		Cloud-native buildpacks
		kpack
		VMware-provided components and features
	Getting started with Tanzu Build Service
		Prerequisites
		Installation procedure
		Verifying the installation
	Common day-2 activities for Tanzu Build Service
		Building application container images
		Upgrading buildpacks and stacks
		Managing images and builds
		Configuring role-based access controls
		Upgrading TBS to a newer version
		Uninstalling TBS
		Customizing buildpacks
	Summary
Chapter 4: Provisioning Backing Services for Applications
	Technical requirements
	Why VMware Application Catalog?
		Using the right tool for the right purpose with the flexibility of choice
		Enhanced security and transparency
	What VMware Application Catalog is
		The history of VMware Application Catalog
		Components of VMware Application Catalog
		The VAC management and consumption process
	Getting started with VMware Application Catalog
		Prerequisites
		Creating a catalog on the VAC portal
		Consuming VAC using Kubeapps
	Common day-two activities with VAC
		Inspecting catalog deliverables
		Using the application catalog
		Updating the application catalog
	Summary
Chapter 5: Defining and Managing Business APIs
	Spring Cloud Gateway for Kubernetes and API Portal for VMware Tanzu – overview
	Why Spring Cloud Gateway for Kubernetes?
	Why API Portal for VMware Tanzu?
	Technical requirements
	Spring Cloud Gateway for Kubernetes – getting started
	API Portal for VMware Tanzu – getting started
	Spring Cloud Gateway for Kubernetes and API Portal for VMware Tanzu – real-world use case
		Step 1 – cloning this book’s Git repository and navigating to the Animal Rescue application
		Step 2 – configuring your Okta developer account to provide SSO for Animal Rescue
		Step 3 – deploying the Animal Rescue application
		Step 4 – (optional) viewing the Animal Rescue API’s OpenAPI 3.0 specification
		Step 5 – (optional) connecting API Portal for VMware Tanzu with the Spring Cloud Gateway for Kubernetes OpenAPI endpoint
	Common day-2 operations with Tanzu Application Accelerator
		Updating an API’s route definition
		Updating the API Portal package
	Summary
Part 2 – Running Cloud-Native Applications on Tanzu
Chapter 6: Managing Container Images with Harbor
	Why Harbor?
		Using Harbor for security
		Using Harbor for operational control
		Using Harbor for its extensibility
	Unboxing Harbor
		Architecture overview
	Getting started with Harbor
		Prerequisites
		Installing Harbor
		Validating the setup
	Common day-2 operations with Harbor
		Configuring a project in Harbor
		Configuring image scanning for a project in Harbor
		Preventing insecure images from being used in Harbor
		Replicating images in Harbor
		Configuring rule-based tag retention policies in Harbor
	Summary
Chapter 7: Orchestrating Containers across Clouds with Tanzu Kubernetes Grid
	Why Tanzu Kubernetes Grid?
		Multi-cloud application deployments
		Open source alignment
	Unboxing Tanzu Kubernetes Grid
		Building blocks of Tanzu Kubernetes Grid
		Important concepts of Tanzu Kubernetes Grid
	Getting started with Tanzu Kubernetes Grid
		Prerequisites
		Configuring the bootstrap machine
		Installing the management cluster
		Creating a workload cluster
	Common day-2 operations with Tanzu Kubernetes Grid
		Scaling a Tanzu Kubernetes Grid cluster
		Upgrading a Tanzu Kubernetes Grid cluster
		Deleting a Tanzu Kubernetes Grid workload cluster
		Deleting a Tanzu Kubernetes Grid foundation
	Summary
Chapter 8: Enhancing Developer Productivity with Tanzu Application Platform
	Why should I use Tanzu Application Platform?
	The building blocks of Tanzu Application Platform
	Day 1 – installing and configuring Tanzu Application Platform
		Prerequisites and technical requirements
		Accepting end user license agreements
		Relocating Tanzu Application Platform packages
		Installing the Tanzu CLI and Tanzu Application Platform plugins
		Installing Cluster Essentials
		Setting up a developer namespace
		Installing a package repository
		Pulling down and formatting tap-values.yaml
		Creating DNS records
		Installing the VS Code developer tools
	Day 2 – deploying applications to Tanzu Application Platform
		Deploying workloads directly
	Day 3 – common operational activities on Tanzu Application Platform
		Securing running workloads with TAP GUI with TLS
		Enabling testing and scanning
	Next steps
	Summary
Part 3 – Managing Modern Applications on the Tanzu Platform
Chapter 9: Managing and Controlling Kubernetes Clusters with Tanzu Mission Control
	Why TMC?
		Challenges with Kubernetes
	Getting started with TMC
		Accessing the TMC portal
		Registering a TKG management cluster on TMC
		Registering a TKG management cluster on TMC
		Creating a new workload cluster under a management cluster
		Attaching an existing Kubernetes cluster with TMC
		Creating a cluster group on TMC
		Understanding Workspaces in TMC
	Protecting cluster data using TMC
	Applying governance policies to clusters using TMC
		Configuring a security policy for a cluster group
		Configuring an image registry policy for a Workspace
		Configuring a deployment governance policy for a cluster group
		Checking policy violation statuses across all clusters
		Inspecting clusters for CIS benchmark compliance
	Summary
Chapter 10: Realizing Full-Stack Visibility with VMware Aria Operations for Applications
	Why Aria?
		Integrating (almost) anything
		Getting full-stack visibility
		Ingesting high-volume data in real time
		Retaining full-fidelity data for a long time
		Writing powerful data extraction queries
		Getting SaaS benefits
	Unboxing Aria
		Supported data formats in Aria
		Data integration architecture of Aria
	Getting started with Aria
		Setting up a trial account
		Integrating a Kubernetes cluster for monitoring
		Accessing the default Kubernetes dashboards
		Accessing default Kubernetes alerts
	Working with charts and dashboards
		Creating new custom charts
		Creating new custom dashboards
		Customizing a default dashboard
	Working with alerts
		Creating alert targets
		Defining a maintenance window
		Creating new alerts
		Inspecting firing alerts
	Summary
Chapter 11: Enabling Secure Inter-Service Communication with Tanzu Service Mesh
	Why Tanzu Service Mesh?
	Features and capabilities of Tanzu Service Mesh
	How to get started with Tanzu Service Mesh
		Onboarding Kubernetes clusters
		Creating a Tanzu Service Mesh Global Namespace
		Installing services
		Accessing the application
		Generating application traffic
	How to perform key day-2 operations on Tanzu Service Mesh
		Enabling service high availability
		Defining and measuring SLOs
		Other day-2 operations for further research
	GSLB with NSX-T Advanced Load Balancer and Tanzu Service Mesh
		NSX Advanced Load Balancer
		Detour – GSLB without Tanzu Service Mesh
		GSLB with NSX-ALB and Tanzu Service Mesh
	Summary
Chapter 12: Bringing It All Together
	Tanzu adoption options
		Tanzu Standard
		Tanzu Application Platform (TAP)
		VMware Tanzu for Kubernetes Operations
		Tanzu Data Solutions
		VMware Spring Runtime
	Tanzu beyond this book
		Tanzu Labs
		Tanzu Application Service
		Azure Spring Apps
		Concourse
	The end-to-end picture
	Pros and cons of a single-vendor solution
		Pros
		Cons
	The future of Kubernetes
	What is next for Tanzu?
	Summary
Appendix
	Additional learning resources from VMware
	Different ways to create a Kubernetes cluster
		Creating Tanzu Kubernetes Grid clusters
		Creating non-Tanzu Kubernetes clusters
Index
About Packt
Other Books You May Enjoy

Client-Server Systems Cloud Computing Data in the Enterprise Network Security Networking

Donate to keep this site alive

To access the Link, solve the captcha.

How to download source code?

1. Go to: https://github.com/PacktPublishing

2. In the Find a repository… box, search the book title: DevSecOps in Practice with VMware Tanzu: Build, run, and manage secure multi-cloud apps at scale on Kubernetes with the Tanzu portfolio, sometime you may not get the results, please search the main title.