May 2020
Beginner to intermediate
215 pages
3h 58m
Chinese
Content preview from 云原生:运用容器、函数计算和数据构建下一代应用
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
云原生应用的设计
|
35
多测试框架可以帮助你模拟故障,使你知道相应的故障会带来什么影响以及如何减
轻这种影响。
3.1.2 安全性
所有的主流云服务供应商都聘请了大量安全领域的专家,确保它们的环境非常安全。现在,
云环境比本地环境更安全这个说法已经得到了公认。但是云环境虽然相对安全,这并不意
味着你就可以忽视自身应用的安全性了。由于云原生应用常常由很多服务组成,纵深防御
的策略被证明是最合适保护云原生应用的一种方法。纵深防御的意思是安全控制贯穿整个
应用架构。虽然云原生应用的安全不是本书重点,但是花一点时间来了解纵深防御对于你
的云原生应用而言很重要。我们先来看一个简单的云原生应用的例子,如图 3-1 所示。
本章稍后将详细介绍这个应用的功能,对于纵深防御的讨论,理解这个投票应用使用容
器化的服务,通过编排服务来管理,有一个事件处理系统,用到了函数计算和数据库服
务这几点就够了。
投票应用
投票应用
结果展示应用
事件
函数
数据
图 3-1:一个简单的投票应用
以下是容器化服务的纵深防御列表,假设你使用的编排工具是 Kubernetes。
源代码
你需要确保使用了一个安全的代码仓库,可以追踪和审计所发生的改动。可以把检
查代码漏洞,特别是检查所使用的 Linux 容器的内核漏洞,作为持续集成任务中的
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.