DevSecOps in Practice with VMware Tanzu: Build, run, and manage secure multi-cloud apps at scale on Kubernetes with the Tanzu portfolio
- Length: 439 pages
- Edition: 1
- Language: English
- Publisher: Packt Publishing
- Publication Date: 2023-02-09
- ISBN-10: 1803241349
- ISBN-13: 9781803241340
- Sales Rank: #0 (See Top 100 Books)
Modernize your apps, run them in containers on Kubernetes, and understand the business value and the nitty-gritty of the VMware Tanzu portfolio with hands-on instructions
Key Features
- Gain insights into the key features and capabilities of distinct VMWare Tanzu products
- Learn how and when to use the different Tanzu products for common day-1 and day-2 operations
- Modernize applications deployed on multi-cloud platforms using DevSecOps best practices
Book Description
As Kubernetes (or K8s) becomes more prolific, managing large clusters at scale in a multi-cloud environment becomes more challenging – especially from a developer productivity and operational efficiency point of view. DevSecOps in Practice with VMware Tanzu addresses these challenges by automating the delivery of containerized workloads and controlling multi-cloud Kubernetes operations using Tanzu tools.
This comprehensive guide begins with an overview of the VMWare Tanzu platform and discusses its tools for building useful and secure applications using the App Accelerator, Build Service, Catalog service, and API portal. Next, you’ll delve into running those applications efficiently at scale with Tanzu Kubernetes Grid and Tanzu Application Platform. As you advance, you’ll find out how to manage these applications, and control, observe, and connect them using Tanzu Mission Control, Tanzu Observability, and Tanzu Service Mesh. Finally, you’ll explore the architecture, capabilities, features, installation, configuration, implementation, and benefits of these services with the help of examples.
By the end of this VMware book, you’ll have gained a thorough understanding of the VMWare Tanzu platform and be able to efficiently articulate and solve real-world business problems.
What you will learn
- Build apps to run as containers using predefined templates
- Generate secure container images from application source code
- Build secure open source backend services container images
- Deploy and manage a Kubernetes-based private container registry
- Manage a multi-cloud deployable Kubernetes platform
- Define a secure path to production for Kubernetes-based applications
- Streamline multi-cloud Kubernetes operations and observability
- Connect containerized apps securely using service mesh
Who This Book Is For
This book is for cloud platform engineers and DevOps engineers who want to learn about the operations of tools under the VMware Tanzu umbrella. The book also serves as a useful reference for application developers and solutions architects as well as IT leaders who want to understand how business and security outcomes can be achieved using the tools covered in this book. Prior knowledge of containers and Kubernetes will help you get the most out of this book.
Cover Title Page Copyright and Credits Dedication Contributors Table of Contents Preface Part 1 – Building Cloud-Native Applications on the Tanzu Platform Chapter 1: Understanding the Need to Move to a Cloud Platform The challenges of running a software supply chain The emergence of the cloud and containers Containers Kubernetes Outcome-driven approach The need for VMware Tanzu Features, tools, benefits, and applications of VMware Tanzu Build and develop Run Manage Prerequisites The Linux console and tools Docker Kubernetes Workstation requirements and public cloud resources Summary Chapter 2: Developing Cloud-Native Applications The business needs addressed by App Accelerator Technical requirements Overview of App Accelerator Getting started with App Accelerator Exploring App Accelerator Downloading, configuring, and running App Accelerator Advanced topics on App Accelerator Day-2 operations with App Accelerator Cloud-native development frameworks under the Tanzu umbrella The Spring Framework and Spring Boot Steeltoe framework Summary Chapter 3: Building Secure Container Images with Build Service Technical requirements Why Tanzu Build Service? Increasing developer productivity Reduction of bespoke automation Standardization of container build process Stronger security posture Optimized network bandwidth and storage utilization Unboxing Tanzu Build Service Cloud-native buildpacks kpack VMware-provided components and features Getting started with Tanzu Build Service Prerequisites Installation procedure Verifying the installation Common day-2 activities for Tanzu Build Service Building application container images Upgrading buildpacks and stacks Managing images and builds Configuring role-based access controls Upgrading TBS to a newer version Uninstalling TBS Customizing buildpacks Summary Chapter 4: Provisioning Backing Services for Applications Technical requirements Why VMware Application Catalog? Using the right tool for the right purpose with the flexibility of choice Enhanced security and transparency What VMware Application Catalog is The history of VMware Application Catalog Components of VMware Application Catalog The VAC management and consumption process Getting started with VMware Application Catalog Prerequisites Creating a catalog on the VAC portal Consuming VAC using Kubeapps Common day-two activities with VAC Inspecting catalog deliverables Using the application catalog Updating the application catalog Summary Chapter 5: Defining and Managing Business APIs Spring Cloud Gateway for Kubernetes and API Portal for VMware Tanzu – overview Why Spring Cloud Gateway for Kubernetes? Why API Portal for VMware Tanzu? Technical requirements Spring Cloud Gateway for Kubernetes – getting started API Portal for VMware Tanzu – getting started Spring Cloud Gateway for Kubernetes and API Portal for VMware Tanzu – real-world use case Step 1 – cloning this book’s Git repository and navigating to the Animal Rescue application Step 2 – configuring your Okta developer account to provide SSO for Animal Rescue Step 3 – deploying the Animal Rescue application Step 4 – (optional) viewing the Animal Rescue API’s OpenAPI 3.0 specification Step 5 – (optional) connecting API Portal for VMware Tanzu with the Spring Cloud Gateway for Kubernetes OpenAPI endpoint Common day-2 operations with Tanzu Application Accelerator Updating an API’s route definition Updating the API Portal package Summary Part 2 – Running Cloud-Native Applications on Tanzu Chapter 6: Managing Container Images with Harbor Why Harbor? Using Harbor for security Using Harbor for operational control Using Harbor for its extensibility Unboxing Harbor Architecture overview Getting started with Harbor Prerequisites Installing Harbor Validating the setup Common day-2 operations with Harbor Configuring a project in Harbor Configuring image scanning for a project in Harbor Preventing insecure images from being used in Harbor Replicating images in Harbor Configuring rule-based tag retention policies in Harbor Summary Chapter 7: Orchestrating Containers across Clouds with Tanzu Kubernetes Grid Why Tanzu Kubernetes Grid? Multi-cloud application deployments Open source alignment Unboxing Tanzu Kubernetes Grid Building blocks of Tanzu Kubernetes Grid Important concepts of Tanzu Kubernetes Grid Getting started with Tanzu Kubernetes Grid Prerequisites Configuring the bootstrap machine Installing the management cluster Creating a workload cluster Common day-2 operations with Tanzu Kubernetes Grid Scaling a Tanzu Kubernetes Grid cluster Upgrading a Tanzu Kubernetes Grid cluster Deleting a Tanzu Kubernetes Grid workload cluster Deleting a Tanzu Kubernetes Grid foundation Summary Chapter 8: Enhancing Developer Productivity with Tanzu Application Platform Why should I use Tanzu Application Platform? The building blocks of Tanzu Application Platform Day 1 – installing and configuring Tanzu Application Platform Prerequisites and technical requirements Accepting end user license agreements Relocating Tanzu Application Platform packages Installing the Tanzu CLI and Tanzu Application Platform plugins Installing Cluster Essentials Setting up a developer namespace Installing a package repository Pulling down and formatting tap-values.yaml Creating DNS records Installing the VS Code developer tools Day 2 – deploying applications to Tanzu Application Platform Deploying workloads directly Day 3 – common operational activities on Tanzu Application Platform Securing running workloads with TAP GUI with TLS Enabling testing and scanning Next steps Summary Part 3 – Managing Modern Applications on the Tanzu Platform Chapter 9: Managing and Controlling Kubernetes Clusters with Tanzu Mission Control Why TMC? Challenges with Kubernetes Getting started with TMC Accessing the TMC portal Registering a TKG management cluster on TMC Registering a TKG management cluster on TMC Creating a new workload cluster under a management cluster Attaching an existing Kubernetes cluster with TMC Creating a cluster group on TMC Understanding Workspaces in TMC Protecting cluster data using TMC Applying governance policies to clusters using TMC Configuring a security policy for a cluster group Configuring an image registry policy for a Workspace Configuring a deployment governance policy for a cluster group Checking policy violation statuses across all clusters Inspecting clusters for CIS benchmark compliance Summary Chapter 10: Realizing Full-Stack Visibility with VMware Aria Operations for Applications Why Aria? Integrating (almost) anything Getting full-stack visibility Ingesting high-volume data in real time Retaining full-fidelity data for a long time Writing powerful data extraction queries Getting SaaS benefits Unboxing Aria Supported data formats in Aria Data integration architecture of Aria Getting started with Aria Setting up a trial account Integrating a Kubernetes cluster for monitoring Accessing the default Kubernetes dashboards Accessing default Kubernetes alerts Working with charts and dashboards Creating new custom charts Creating new custom dashboards Customizing a default dashboard Working with alerts Creating alert targets Defining a maintenance window Creating new alerts Inspecting firing alerts Summary Chapter 11: Enabling Secure Inter-Service Communication with Tanzu Service Mesh Why Tanzu Service Mesh? Features and capabilities of Tanzu Service Mesh How to get started with Tanzu Service Mesh Onboarding Kubernetes clusters Creating a Tanzu Service Mesh Global Namespace Installing services Accessing the application Generating application traffic How to perform key day-2 operations on Tanzu Service Mesh Enabling service high availability Defining and measuring SLOs Other day-2 operations for further research GSLB with NSX-T Advanced Load Balancer and Tanzu Service Mesh NSX Advanced Load Balancer Detour – GSLB without Tanzu Service Mesh GSLB with NSX-ALB and Tanzu Service Mesh Summary Chapter 12: Bringing It All Together Tanzu adoption options Tanzu Standard Tanzu Application Platform (TAP) VMware Tanzu for Kubernetes Operations Tanzu Data Solutions VMware Spring Runtime Tanzu beyond this book Tanzu Labs Tanzu Application Service Azure Spring Apps Concourse The end-to-end picture Pros and cons of a single-vendor solution Pros Cons The future of Kubernetes What is next for Tanzu? Summary Appendix Additional learning resources from VMware Different ways to create a Kubernetes cluster Creating Tanzu Kubernetes Grid clusters Creating non-Tanzu Kubernetes clusters Index About Packt Other Books You May Enjoy
Donate to keep this site alive
How to download source code?
1. Go to: https://github.com/PacktPublishing
2. In the Find a repository… box, search the book title: DevSecOps in Practice with VMware Tanzu: Build, run, and manage secure multi-cloud apps at scale on Kubernetes with the Tanzu portfolio
, sometime you may not get the results, please search the main title.
3. Click the book title in the search results.
3. Click Code to download.
1. Disable the AdBlock plugin. Otherwise, you may not get any links.
2. Solve the CAPTCHA.
3. Click download link.
4. Lead to download server to download.