book

Cloud Native Infrastructure with Azure

by Nishant Singh, Michael Kehoe

February 2022

Intermediate to advanced

322 pages

8h 9m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Preface
Who Should Read This BookGoals of This BookNavigating This BookConventions Used in This BookUsing Code ExamplesO’Reilly Online LearningHow to Contact UsAcknowledgments
1. Introduction: Why Cloud Native?
The Journey to the CloudChallenges in the CloudCloud Native Computing FoundationAdopting a Cloud Native Infrastructure with AzureSummary
2. Infrastructure as Code: Setting Up the Gateway
Infrastructure as Code and Its Importance in the Cloud Native WorldGetting Started with Azure and Setting Up the EnvironmentAzure Fundamentals and Preparing Your Azure EnvironmentCreating an Azure AccountInstalling the Azure CLIProminent IaC ToolsTerraformPackerAnsibleAzure DevOps and Infrastructure as CodeSummary
3. Containerizing Your Application: More Than Boxes
Why Containers?IsolationSecurityPackaging and DeploymentBasic Container PrimitivesCgroupsNamespacesCopy on WriteCapabilitiesSeccomp-BPFComponents of Running a ContainerContainer OrchestratorsContainer SoftwareContainer RuntimesContainersOperating SystemOpen Container Initiative (OCI) SpecificationOCI Image SpecificationOCI Runtime SpecificationDockerBuilding Your First Docker ImageBest Practices While Using DockerOther Container PlatformsKata ContainersLXC and LXDContainer RegistriesSecurely Storing Images with HarborSecurely Storing Images with Azure Container RegistryStoring Docker Images in a RegistryRunning Docker on AzureAzure Container InstancesDeploying an Azure Container InstanceRunning a Docker Container EngineSummary
4. Kubernetes: The Grand Orchestrator
Kubernetes ComponentsControl PlaneWorker NodesKubernetes API Server ObjectsPodsReplicaSetsDeploymentsServicesNamespacesLabels and SelectorsAnnotationsIngress ControllerStatefulSetsDaemonSetsJobsObserve, Operate, and Manage Kubernetes Clusters with kubectlGeneral Cluster Information and CommandsManaging PodsKubernetes in ProductionSummary
5. Creating a Kubernetes Cluster in Azure
Creating a Kubernetes Cluster from ScratchCreating the Resource GroupCreating the Machine Images for the Worker and Controller MachinesCreating a Storage Account BackendCreating an Azure Virtual NetworkCreating Public IPs for the Load BalancerCreating Worker and Controller InstancesUsing Ansible to Deploy and Configure the Kubernetes Controller NodesUsing Ansible to Deploy and Configure the Kubernetes Worker NodesSetting Up Pod Networking and RoutingGenerating the kubeconfig File for Remote Access and Cluster ValidationAzure Kubernetes ServiceDeploying Applications and Services Using Helm: A Package Manager for KubernetesHelm BasicsInstalling and Managing HelmManaging Helm ReleasesCreating Charts for Your ApplicationsSummary
6. Observability: Following the Breadcrumbs
Introduction to ObservabilityObservability: More Than Three PillarsObservability: A Superset of MonitoringObservability-Driven DevelopmentMonitoring Metrics with Prometheus in a Cloud Native WorldPrometheus Components and ArchitectureInstalling and Configuring Prometheusnode_exporterInstrumentation of ApplicationsFinding HostsPrometheus on KubernetesLogging in the Cloud Native WorldLogging with FluentdFluentd on KubernetesDistributed Tracing in the Cloud Native WorldTracing: Key ConceptsGeneral Tracing System Architecture and Trace AssemblyTracing Standards, Tools, and Code InstrumentationAzure MonitorSummary
7. Service Discovery and Service Mesh: Finding New Territories and Crossing Borders
Service DiscoveryIntroduction to CoreDNSInstalling and Configuring CoreDNSKubernetes Service Discovery with CoreDNSAzure DNSThe Service MeshIntroduction to IstioInstalling Istio on Azure Kubernetes ServiceAutomatically Injecting the Sidecar Proxy (Envoy Proxy)Managing Istio Service Meshes Using KialiSummary
8. Networking and Policy Management: Behold the Gatekeepers
The Container Network Interface (CNI)Why Would You Use a CNI?How Does CNI Work with Azure?Various CNI ProjectsCalicoWhy Would You Use Calico?Basic ArchitectureDeploying CalicoA Calico Deep DiveImplementing Calico Security PolicyCiliumDeploying CiliumIntegrating Cilium with Your CloudFlannelDeploying FlannelA Flannel Deep DiveAzure PolicyAzure Policy QuickstartCreating Your Own Azure PolicyAzure Policy for KubernetesOpen Policy AgentDeploying OPA on KubernetesDeploying Policy with OPASummary
9. Distributed Databases and Storage: The Central Bank
The Need for Distributed Databases in Cloud Native ArchitectureAzure Storage and Database OptionsIntroduction to Vitess: Distributed and Sharded MySQLWhy Run Vitess?The Vitess ArchitectureDeploying Vitess on KubernetesIntroduction to Rook: Storage Orchestrator for KubernetesThe Rook ArchitectureDeploying Rook on KubernetesIntroduction to TiKVWhy Use TiKV?The TiKV ArchitectureDeploying TiKV on KubernetesMore on etcdHardware PlatformAutoscaling and Auto-remediationAvailability and SecuritySummary

10. Getting the Message
The Need for MessagingA Sample Messaging Use Case: Log Ingestion and AnalyticsGeneration 1: Without QueuesGeneration 2: With Cloud Queues and Object StorageGeneration 3: With Memory-Based Pub/Sub QueuingThe Basics of Messaging PlatformsMessaging Versus StreamingMessaging FundamentalsProducers and ConsumersBrokers and ClusteringDurability and PersistenceMessage DeliverySecurityCommon Messaging PatternsSimple QueuePublish and SubscribeDurable QueueAn Overview of Popular Cloud Native Messaging PlatformsRabbitMQApache KafkaCNCF CloudEventsCloud Messaging Deep Dive with NATSNATS Protocol ArchitectureNATS Persistence with JetStreamNATS SecurityDeploying NATS on KubernetesAzure Messaging ServicesAzure Service BusAzure Event HubsAzure Event GridSummary
11. Serverless
Introduction to Serverless ComputingWhat Is Serverless?What Is a Serverless Function?The Serverless LandscapeBenefits of ServerlessPotential Downsides of ServerlessAzure Function AppsFunction App ArchitectureCreating a Function AppKnativeKnative ArchitectureInstalling and Running Knative Serving on KubernetesInstalling and Running Knative Eventing on KubernetesKEDAKEDA ArchitectureInstalling KEDA on KubernetesOpenFaaSOpenFaaS ArchitectureInstalling OpenFaaSWriting Your First OpenFaaS FunctionSummary
12. Conclusion
What’s Next?
Index
About the Authors

Overview

The cloud is becoming the de facto home for companies ranging from enterprises to startups. Moving to the cloud means moving your applications from monolith to microservices. But once you do, running and maintaining these services brings its own level of complexity. The answer? Modularity, deployability, observability, and self-healing capacity through cloud native development.

With this practical book, Nishant Singh and Michael Kehoe show you how to build a true cloud native infrastructure using Microsoft Azure or another cloud computing solution by following guidelines from the Cloud Native Computing Foundation (CNCF). DevOps and site reliability engineers will learn how adapting applications to cloud native early in the design phase helps you fully utilize the elasticity and distributed nature of the cloud.

This book helps you explore:

Why go cloud native?
How to use infrastructure as code
What it takes to containerize an application
Why and how Kubernetes is the "grand orchestrator"
How to create a Kubernetes cluster on Azure
How observability complements monitoring
How to use service discovery and a service mesh to find new territories
How networking and policy management serve as gatekeepers
How distributed databases and storage work

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

The Azure Cloud Native Architecture Mapbook

Publisher Resources

ISBN: 9781492090953Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills