SlideShare a Scribd company logo
1 of 36
Download to read offline
Containers & Kubernetes on Azure
Global Azure Virtual Rosenheim, April 2020
Nico Meisenzahl
• Senior Cloud & DevOps Consultant at white duck
• Microsoft MVP, Docker Community Leader &
GitLab Hero
• loves Kubernetes, DevOps and Cloud
© white duck GmbH 2020
Phone: +49 8031 230159 0
Email: nico.meisenzahl@whiteduck.de
Twitter: @nmeisenzahl
LinkedIn: https://www.linkedin.com/in/nicomeisenzahl
Blog: https://meisenzahl.org
Agenda
• why Kubernetes?
• how Kubernetes works
• container services on Azure
• demo
© white duck GmbH 2020
WHY KUBERNETES?
© white duck GmbH 2020
Where containers can help
• isolation
• dependencies
• scalability
• immutability
© white duck GmbH 2020
But …
• containers itself are not production-ready
• we need to manage, scale and monitor them
• examples
• scaling container workload across multiple nodes
• service discovery and load balancing
• self-healing of applications
• secret, configuration and storage management
© white duck GmbH 2020
What is Kubernetes?
Kubernetes is an open source system for automating
deployment, scaling, and management of containerized
applications using a declarative approach.
© white duck GmbH 2020
Declarative and self healing
• Me: „I would like to run 3 instances of my app.“
• K8s: „Ok, I will run 3 instances and ensure they are always up.“
• K8s: „Oh, one instance died. Let me start another one instead.“
© white duck GmbH 2020
Kubernetes facts
• greek for helmsman/captain
• introduced by Google in June 2014
• hosted by Cloud Native Computing Foundation (CNCF)
– Microsoft, IBM, RedHat and Docker joined the project six weeks after the
first release
• third container management tool build by Google
– Borg
– Omega
• Kubernetes is the container orchestration tool
© white duck GmbH 2020
HOW KUBERNETES WORKS
© white duck GmbH 2020
A pod
© white duck GmbH 2020
A deployment
© white duck GmbH 2020
ClusterIP service
© white duck GmbH 2020
NodePort service
© white duck GmbH 2020
LoadBalancer service
© white duck GmbH 2020
Ingress
© white duck GmbH 2020
Big picture
© white duck GmbH 2020
Resource manifests
• are defined in YAML or JSON using a
declarative approach
• needs to be passed to the API server
• are verified and processed by the API
server
© white duck GmbH 2020
Working with Kubernetes
• kubectl
• CLI for Windows, MacOS & Linux
• get/create/delete resources
• get API resources/details
• attach to containers
• “port-forward” functionality
• extendable (Plugins)
• Dashboard
• Helm, Kustomize, …
© white duck GmbH 2020
CONTAINER SERVICES ON AZURE
© white duck GmbH 2020
Azure Container Registry (ACR)
• fully managed and scalable container registry
• integrated security
• Azure AD
• role-based access
• supports container builds à no need to build them locally
• supports OCI which allows to also store Helm charts
• pricing based on service tier and usage (storage, build-time)
• integrates with Azure DevOps
© white duck GmbH 2020
Container Image scanning
© white duck GmbH 2020
Geo-replication
© white duck GmbH 2020
Azure Container Instances (ACI)
• abstracts everything except your container
• Linux, Windows & GPU workload
• can be used for
• event-driven applications
• data processing jobs
• can be integrated with AKS via virtual nodes
• fast scaling
• isolated compute
• pay as you go pricing (CPU, memory)
© white duck GmbH 2020
Azure Kubernetes Service (AKS)
• fully managed Kubernetes Cluster
• scalable and secure by default
• runs Linux, Windows and GPU workload
• end-to-end developer experience
• Azure Dev Spaces, VS Code integration
• pricing is based on compute (VM size of worker nodes)
• free-of-charge master nodes
© white duck GmbH 2020
AKS integrates with
• Azure Monitor for monitoring
• Azure Policies for governance
• Azure Files & Azure Disks for persistent storage
• Azure AD for authentication and authorization
• Azure Virtual Network for advanced networking
• Azure Application Gateway for application ingress security
• Azure Key Vault for secret management
• Azure DevOps for CI/CD
• Azure Portal for easy administration
• …
© white duck GmbH 2020
RBAC via Azure AD
© white duck GmbH 2020
Cluster Autoscaler & virtual node
© white duck GmbH 2020
Private Cluster support
© white duck GmbH 2020
• expose API Server via Private Link into an internal subnet
• expose Services into an internal subnet using internal
Load Balancer
• access PaaS Services via Private Link Endpoints
• Container Registry
• Storage Services
Azure Monitor (Container Insights)
© white duck GmbH 2020
Governance with Azure Policies
© white duck GmbH 2020
Azure Key Vault integration
© white duck GmbH 2020
AAD Pod Identity
© white duck GmbH 2020
Node Managed Identity
Managed Service Identity
DEMO
© white duck GmbH 2020
Demo
• Azure Kubernetes Service
• Azure Container Registry
• build & deploy an application
© white duck GmbH 2020
Questions?
Slides: https://www.slideshare.net/nmeisenzahl
Demo: https://github.com/whiteducksoftware/sample-mvc
Nico Meisenzahl (Senior Cloud & DevOps Consultant)
Phone: +49 8031 230159 0
Email: nico.meisenzahl@whiteduck.de
Twitter: @nmeisenzahl
LinkedIn: https://www.linkedin.com/in/nicomeisenzahl
Blog: https://meisenzahl.org
© white duck GmbH 2020

More Related Content

What's hot

DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?
DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?
DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?Nico Meisenzahl
 
Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...
Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...
Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...Nico Meisenzahl
 
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...Nico Meisenzahl
 
Azure Rosenheim Meetup: Azure Service Operator
Azure Rosenheim Meetup: Azure Service OperatorAzure Rosenheim Meetup: Azure Service Operator
Azure Rosenheim Meetup: Azure Service OperatorNico Meisenzahl
 
All Things Cloud Native Meetup: Azure Kubernetes Service Basics
All Things Cloud Native Meetup: Azure Kubernetes Service BasicsAll Things Cloud Native Meetup: Azure Kubernetes Service Basics
All Things Cloud Native Meetup: Azure Kubernetes Service BasicsNico Meisenzahl
 
Azure Meetup Hamburg: Production-Ready Terraform Deployments on Azure
Azure Meetup Hamburg: Production-Ready Terraform Deployments on AzureAzure Meetup Hamburg: Production-Ready Terraform Deployments on Azure
Azure Meetup Hamburg: Production-Ready Terraform Deployments on AzureNico Meisenzahl
 
Distributed Storage in the Cloud
Distributed Storage in the CloudDistributed Storage in the Cloud
Distributed Storage in the CloudAll Things Open
 
Journey from on prem to the cloud with kubernetes
Journey from on prem to the cloud with kubernetesJourney from on prem to the cloud with kubernetes
Journey from on prem to the cloud with kubernetesLibbySchulze
 
Event sourcing your React-Redux applications
Event sourcing your React-Redux applicationsEvent sourcing your React-Redux applications
Event sourcing your React-Redux applicationsMaurice De Beijer [MVP]
 
Building Cloud Native Applications Using Azure Kubernetes Service
Building Cloud Native Applications Using Azure Kubernetes ServiceBuilding Cloud Native Applications Using Azure Kubernetes Service
Building Cloud Native Applications Using Azure Kubernetes ServiceDennis Moon
 
GitLab Commit: Enhance your Compliance with Policy-Based CI/CD
GitLab Commit: Enhance your Compliance with Policy-Based CI/CDGitLab Commit: Enhance your Compliance with Policy-Based CI/CD
GitLab Commit: Enhance your Compliance with Policy-Based CI/CDNico Meisenzahl
 
Manage your kubernetes cluster with cluster api, azure and git ops
Manage your kubernetes cluster with cluster api, azure and git opsManage your kubernetes cluster with cluster api, azure and git ops
Manage your kubernetes cluster with cluster api, azure and git opsJorge Arteiro
 
Publishing containerized micro services with Azure API management
Publishing containerized micro services with Azure API managementPublishing containerized micro services with Azure API management
Publishing containerized micro services with Azure API managementJorge Arteiro
 
Fundamentos do containerd docker con live 2021 jorge arteiro
Fundamentos do containerd docker con live 2021 jorge arteiroFundamentos do containerd docker con live 2021 jorge arteiro
Fundamentos do containerd docker con live 2021 jorge arteiroJorge Arteiro
 
Managing add-ons across clusters
Managing add-ons across clustersManaging add-ons across clusters
Managing add-ons across clustersLibbySchulze
 
Take the Fastest Path to Node.Js Application Development with Bitnami & AWS L...
Take the Fastest Path to Node.Js Application Development with Bitnami & AWS L...Take the Fastest Path to Node.Js Application Development with Bitnami & AWS L...
Take the Fastest Path to Node.Js Application Development with Bitnami & AWS L...Bitnami
 
IPaaS 2.0: Fuse Integration Services (Robert Davies & Keith Babo)
IPaaS 2.0: Fuse Integration Services (Robert Davies & Keith Babo)IPaaS 2.0: Fuse Integration Services (Robert Davies & Keith Babo)
IPaaS 2.0: Fuse Integration Services (Robert Davies & Keith Babo)Red Hat Developers
 
Kubestr browse2021.pptx
Kubestr browse2021.pptxKubestr browse2021.pptx
Kubestr browse2021.pptxLibbySchulze
 
Running Azure PaaS Anywhere using Kubernetes
Running Azure PaaS Anywhere using KubernetesRunning Azure PaaS Anywhere using Kubernetes
Running Azure PaaS Anywhere using KubernetesJorge Arteiro
 
Building Resilient Cloud Native Apps in GKE
Building Resilient Cloud Native Apps in GKEBuilding Resilient Cloud Native Apps in GKE
Building Resilient Cloud Native Apps in GKEJerry Jalava
 

What's hot (20)

DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?
DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?
DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?
 
Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...
Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...
Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...
 
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...
 
Azure Rosenheim Meetup: Azure Service Operator
Azure Rosenheim Meetup: Azure Service OperatorAzure Rosenheim Meetup: Azure Service Operator
Azure Rosenheim Meetup: Azure Service Operator
 
All Things Cloud Native Meetup: Azure Kubernetes Service Basics
All Things Cloud Native Meetup: Azure Kubernetes Service BasicsAll Things Cloud Native Meetup: Azure Kubernetes Service Basics
All Things Cloud Native Meetup: Azure Kubernetes Service Basics
 
Azure Meetup Hamburg: Production-Ready Terraform Deployments on Azure
Azure Meetup Hamburg: Production-Ready Terraform Deployments on AzureAzure Meetup Hamburg: Production-Ready Terraform Deployments on Azure
Azure Meetup Hamburg: Production-Ready Terraform Deployments on Azure
 
Distributed Storage in the Cloud
Distributed Storage in the CloudDistributed Storage in the Cloud
Distributed Storage in the Cloud
 
Journey from on prem to the cloud with kubernetes
Journey from on prem to the cloud with kubernetesJourney from on prem to the cloud with kubernetes
Journey from on prem to the cloud with kubernetes
 
Event sourcing your React-Redux applications
Event sourcing your React-Redux applicationsEvent sourcing your React-Redux applications
Event sourcing your React-Redux applications
 
Building Cloud Native Applications Using Azure Kubernetes Service
Building Cloud Native Applications Using Azure Kubernetes ServiceBuilding Cloud Native Applications Using Azure Kubernetes Service
Building Cloud Native Applications Using Azure Kubernetes Service
 
GitLab Commit: Enhance your Compliance with Policy-Based CI/CD
GitLab Commit: Enhance your Compliance with Policy-Based CI/CDGitLab Commit: Enhance your Compliance with Policy-Based CI/CD
GitLab Commit: Enhance your Compliance with Policy-Based CI/CD
 
Manage your kubernetes cluster with cluster api, azure and git ops
Manage your kubernetes cluster with cluster api, azure and git opsManage your kubernetes cluster with cluster api, azure and git ops
Manage your kubernetes cluster with cluster api, azure and git ops
 
Publishing containerized micro services with Azure API management
Publishing containerized micro services with Azure API managementPublishing containerized micro services with Azure API management
Publishing containerized micro services with Azure API management
 
Fundamentos do containerd docker con live 2021 jorge arteiro
Fundamentos do containerd docker con live 2021 jorge arteiroFundamentos do containerd docker con live 2021 jorge arteiro
Fundamentos do containerd docker con live 2021 jorge arteiro
 
Managing add-ons across clusters
Managing add-ons across clustersManaging add-ons across clusters
Managing add-ons across clusters
 
Take the Fastest Path to Node.Js Application Development with Bitnami & AWS L...
Take the Fastest Path to Node.Js Application Development with Bitnami & AWS L...Take the Fastest Path to Node.Js Application Development with Bitnami & AWS L...
Take the Fastest Path to Node.Js Application Development with Bitnami & AWS L...
 
IPaaS 2.0: Fuse Integration Services (Robert Davies & Keith Babo)
IPaaS 2.0: Fuse Integration Services (Robert Davies & Keith Babo)IPaaS 2.0: Fuse Integration Services (Robert Davies & Keith Babo)
IPaaS 2.0: Fuse Integration Services (Robert Davies & Keith Babo)
 
Kubestr browse2021.pptx
Kubestr browse2021.pptxKubestr browse2021.pptx
Kubestr browse2021.pptx
 
Running Azure PaaS Anywhere using Kubernetes
Running Azure PaaS Anywhere using KubernetesRunning Azure PaaS Anywhere using Kubernetes
Running Azure PaaS Anywhere using Kubernetes
 
Building Resilient Cloud Native Apps in GKE
Building Resilient Cloud Native Apps in GKEBuilding Resilient Cloud Native Apps in GKE
Building Resilient Cloud Native Apps in GKE
 

Similar to Global Azure Virtual: Container & Kubernetes on Azure

Azure Service Operator - Provision Your Resources in a Cloud-Native Way
Azure Service Operator - Provision Your Resources in a Cloud-Native WayAzure Service Operator - Provision Your Resources in a Cloud-Native Way
Azure Service Operator - Provision Your Resources in a Cloud-Native WayNico Meisenzahl
 
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...Cloud Native Rosenheim Meetup
 
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...
GitLab Remote Meetup:  Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...GitLab Remote Meetup:  Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...Nico Meisenzahl
 
AzDevCom 2022 - YAMLize your infrastructure with the Azure Service Operator a...
AzDevCom 2022 - YAMLize your infrastructure with the Azure Service Operator a...AzDevCom 2022 - YAMLize your infrastructure with the Azure Service Operator a...
AzDevCom 2022 - YAMLize your infrastructure with the Azure Service Operator a...Philip Welz
 
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...Nico Meisenzahl
 
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt dasEffiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt dasNico Meisenzahl
 
Festive Tech Calendar: Festive time with AKS networking
Festive Tech Calendar: Festive time with AKS networkingFestive Tech Calendar: Festive time with AKS networking
Festive Tech Calendar: Festive time with AKS networkingNico Meisenzahl
 
How to Prevent Your Kubernetes Cluster From Being Hacked
How to Prevent Your Kubernetes Cluster From Being HackedHow to Prevent Your Kubernetes Cluster From Being Hacked
How to Prevent Your Kubernetes Cluster From Being HackedNico Meisenzahl
 
KCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being Hacked
KCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being HackedKCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being Hacked
KCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being HackedNico Meisenzahl
 
Microsoft Partners - Application Autoscaling Made Easy With Kubernetes Event-...
Microsoft Partners - Application Autoscaling Made Easy With Kubernetes Event-...Microsoft Partners - Application Autoscaling Made Easy With Kubernetes Event-...
Microsoft Partners - Application Autoscaling Made Easy With Kubernetes Event-...Tom Kerkhove
 
NDC London 2021 - Application Autoscaling Made Easy With Kubernetes Event-Dri...
NDC London 2021 - Application Autoscaling Made Easy With Kubernetes Event-Dri...NDC London 2021 - Application Autoscaling Made Easy With Kubernetes Event-Dri...
NDC London 2021 - Application Autoscaling Made Easy With Kubernetes Event-Dri...Tom Kerkhove
 
Deep dive into Kubernetes on Azure
Deep dive into Kubernetes on AzureDeep dive into Kubernetes on Azure
Deep dive into Kubernetes on AzureJorge Arteiro
 
Develop Azure compute solutions Part - 2
Develop Azure compute solutions Part - 2Develop Azure compute solutions Part - 2
Develop Azure compute solutions Part - 2AzureEzy1
 
Google Cloud Fundamentals by CloudZone
Google Cloud Fundamentals by CloudZoneGoogle Cloud Fundamentals by CloudZone
Google Cloud Fundamentals by CloudZoneIdan Tohami
 
Achieving DevSecOps Outcomes with Tanzu Advanced - Spanish
Achieving DevSecOps Outcomes with Tanzu Advanced - SpanishAchieving DevSecOps Outcomes with Tanzu Advanced - Spanish
Achieving DevSecOps Outcomes with Tanzu Advanced - SpanishVMware Tanzu
 
Container Days: Hijack a Kubernetes Cluster - a Walkthrough
Container Days: Hijack a Kubernetes Cluster - a WalkthroughContainer Days: Hijack a Kubernetes Cluster - a Walkthrough
Container Days: Hijack a Kubernetes Cluster - a WalkthroughNico Meisenzahl
 
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...Nico Meisenzahl
 
Containerized Build & Deployment Pipelines
Containerized Build & Deployment PipelinesContainerized Build & Deployment Pipelines
Containerized Build & Deployment PipelinesNico Meisenzahl
 
Open service broker API with Azure Kubernetes Services
Open service broker API with Azure Kubernetes ServicesOpen service broker API with Azure Kubernetes Services
Open service broker API with Azure Kubernetes ServicesJorge Arteiro
 

Similar to Global Azure Virtual: Container & Kubernetes on Azure (20)

Azure Service Operator - Provision Your Resources in a Cloud-Native Way
Azure Service Operator - Provision Your Resources in a Cloud-Native WayAzure Service Operator - Provision Your Resources in a Cloud-Native Way
Azure Service Operator - Provision Your Resources in a Cloud-Native Way
 
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...
 
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...
GitLab Remote Meetup:  Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...GitLab Remote Meetup:  Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...
 
AzDevCom 2022 - YAMLize your infrastructure with the Azure Service Operator a...
AzDevCom 2022 - YAMLize your infrastructure with the Azure Service Operator a...AzDevCom 2022 - YAMLize your infrastructure with the Azure Service Operator a...
AzDevCom 2022 - YAMLize your infrastructure with the Azure Service Operator a...
 
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
 
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt dasEffiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
 
Festive Tech Calendar: Festive time with AKS networking
Festive Tech Calendar: Festive time with AKS networkingFestive Tech Calendar: Festive time with AKS networking
Festive Tech Calendar: Festive time with AKS networking
 
How to Prevent Your Kubernetes Cluster From Being Hacked
How to Prevent Your Kubernetes Cluster From Being HackedHow to Prevent Your Kubernetes Cluster From Being Hacked
How to Prevent Your Kubernetes Cluster From Being Hacked
 
KCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being Hacked
KCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being HackedKCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being Hacked
KCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being Hacked
 
Microsoft Partners - Application Autoscaling Made Easy With Kubernetes Event-...
Microsoft Partners - Application Autoscaling Made Easy With Kubernetes Event-...Microsoft Partners - Application Autoscaling Made Easy With Kubernetes Event-...
Microsoft Partners - Application Autoscaling Made Easy With Kubernetes Event-...
 
NDC London 2021 - Application Autoscaling Made Easy With Kubernetes Event-Dri...
NDC London 2021 - Application Autoscaling Made Easy With Kubernetes Event-Dri...NDC London 2021 - Application Autoscaling Made Easy With Kubernetes Event-Dri...
NDC London 2021 - Application Autoscaling Made Easy With Kubernetes Event-Dri...
 
Deep dive into Kubernetes on Azure
Deep dive into Kubernetes on AzureDeep dive into Kubernetes on Azure
Deep dive into Kubernetes on Azure
 
Develop Azure compute solutions Part - 2
Develop Azure compute solutions Part - 2Develop Azure compute solutions Part - 2
Develop Azure compute solutions Part - 2
 
Google Cloud Fundamentals by CloudZone
Google Cloud Fundamentals by CloudZoneGoogle Cloud Fundamentals by CloudZone
Google Cloud Fundamentals by CloudZone
 
Achieving DevSecOps Outcomes with Tanzu Advanced - Spanish
Achieving DevSecOps Outcomes with Tanzu Advanced - SpanishAchieving DevSecOps Outcomes with Tanzu Advanced - Spanish
Achieving DevSecOps Outcomes with Tanzu Advanced - Spanish
 
Why kubernetes
Why kubernetesWhy kubernetes
Why kubernetes
 
Container Days: Hijack a Kubernetes Cluster - a Walkthrough
Container Days: Hijack a Kubernetes Cluster - a WalkthroughContainer Days: Hijack a Kubernetes Cluster - a Walkthrough
Container Days: Hijack a Kubernetes Cluster - a Walkthrough
 
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
 
Containerized Build & Deployment Pipelines
Containerized Build & Deployment PipelinesContainerized Build & Deployment Pipelines
Containerized Build & Deployment Pipelines
 
Open service broker API with Azure Kubernetes Services
Open service broker API with Azure Kubernetes ServicesOpen service broker API with Azure Kubernetes Services
Open service broker API with Azure Kubernetes Services
 

More from Nico Meisenzahl

Cloud-Native & Sustainability: How and Why to Build Sustainable Workloads
Cloud-Native & Sustainability: How and Why to Build Sustainable WorkloadsCloud-Native & Sustainability: How and Why to Build Sustainable Workloads
Cloud-Native & Sustainability: How and Why to Build Sustainable WorkloadsNico Meisenzahl
 
Container Day Security: How to Prevent Your Kubernetes Cluster From Being Hacked
Container Day Security: How to Prevent Your Kubernetes Cluster From Being HackedContainer Day Security: How to Prevent Your Kubernetes Cluster From Being Hacked
Container Day Security: How to Prevent Your Kubernetes Cluster From Being HackedNico Meisenzahl
 
ContainerConf 2022: Hijack Kubernetes
ContainerConf 2022: Hijack KubernetesContainerConf 2022: Hijack Kubernetes
ContainerConf 2022: Hijack KubernetesNico Meisenzahl
 
ContainerConf 2022: Kubernetes is awesome - but...
ContainerConf 2022: Kubernetes is awesome - but...ContainerConf 2022: Kubernetes is awesome - but...
ContainerConf 2022: Kubernetes is awesome - but...Nico Meisenzahl
 
KCD Munich 2022: Hijack a Kubernetes Cluster - a Walkthrough
KCD Munich 2022: Hijack a Kubernetes Cluster - a WalkthroughKCD Munich 2022: Hijack a Kubernetes Cluster - a Walkthrough
KCD Munich 2022: Hijack a Kubernetes Cluster - a WalkthroughNico Meisenzahl
 
Cloud Love Conference: Kubernetes is awesome, but...
Cloud Love Conference: Kubernetes is awesome, but...Cloud Love Conference: Kubernetes is awesome, but...
Cloud Love Conference: Kubernetes is awesome, but...Nico Meisenzahl
 
Hijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a WalkthroughHijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a WalkthroughNico Meisenzahl
 
Hijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a WalkthroughHijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a WalkthroughNico Meisenzahl
 
azdevcom - Hijack a Kubernetes Cluster
azdevcom - Hijack a Kubernetes Clusterazdevcom - Hijack a Kubernetes Cluster
azdevcom - Hijack a Kubernetes ClusterNico Meisenzahl
 
Continuous Lifecycle: Hijack Kubernetes
Continuous Lifecycle: Hijack KubernetesContinuous Lifecycle: Hijack Kubernetes
Continuous Lifecycle: Hijack KubernetesNico Meisenzahl
 
Hijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a WalkthroughHijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a WalkthroughNico Meisenzahl
 
Microsoft DevOps Forum 2021 – DevOps & Security
 Microsoft DevOps Forum 2021 – DevOps & Security Microsoft DevOps Forum 2021 – DevOps & Security
Microsoft DevOps Forum 2021 – DevOps & SecurityNico Meisenzahl
 
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...Nico Meisenzahl
 
Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!
Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!
Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!Nico Meisenzahl
 
Die Evolution von Container Image Builds
Die Evolution von Container Image BuildsDie Evolution von Container Image Builds
Die Evolution von Container Image BuildsNico Meisenzahl
 

More from Nico Meisenzahl (16)

Cloud-Native & Sustainability: How and Why to Build Sustainable Workloads
Cloud-Native & Sustainability: How and Why to Build Sustainable WorkloadsCloud-Native & Sustainability: How and Why to Build Sustainable Workloads
Cloud-Native & Sustainability: How and Why to Build Sustainable Workloads
 
Container Day Security: How to Prevent Your Kubernetes Cluster From Being Hacked
Container Day Security: How to Prevent Your Kubernetes Cluster From Being HackedContainer Day Security: How to Prevent Your Kubernetes Cluster From Being Hacked
Container Day Security: How to Prevent Your Kubernetes Cluster From Being Hacked
 
ContainerConf 2022: Hijack Kubernetes
ContainerConf 2022: Hijack KubernetesContainerConf 2022: Hijack Kubernetes
ContainerConf 2022: Hijack Kubernetes
 
ContainerConf 2022: Kubernetes is awesome - but...
ContainerConf 2022: Kubernetes is awesome - but...ContainerConf 2022: Kubernetes is awesome - but...
ContainerConf 2022: Kubernetes is awesome - but...
 
KCD Munich 2022: Hijack a Kubernetes Cluster - a Walkthrough
KCD Munich 2022: Hijack a Kubernetes Cluster - a WalkthroughKCD Munich 2022: Hijack a Kubernetes Cluster - a Walkthrough
KCD Munich 2022: Hijack a Kubernetes Cluster - a Walkthrough
 
Cloud Love Conference: Kubernetes is awesome, but...
Cloud Love Conference: Kubernetes is awesome, but...Cloud Love Conference: Kubernetes is awesome, but...
Cloud Love Conference: Kubernetes is awesome, but...
 
Hijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a WalkthroughHijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a Walkthrough
 
Hijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a WalkthroughHijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a Walkthrough
 
azdevcom - Hijack a Kubernetes Cluster
azdevcom - Hijack a Kubernetes Clusterazdevcom - Hijack a Kubernetes Cluster
azdevcom - Hijack a Kubernetes Cluster
 
Continuous Lifecycle: Hijack Kubernetes
Continuous Lifecycle: Hijack KubernetesContinuous Lifecycle: Hijack Kubernetes
Continuous Lifecycle: Hijack Kubernetes
 
Hijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a WalkthroughHijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a Walkthrough
 
Microsoft DevOps Forum 2021 – DevOps & Security
 Microsoft DevOps Forum 2021 – DevOps & Security Microsoft DevOps Forum 2021 – DevOps & Security
Microsoft DevOps Forum 2021 – DevOps & Security
 
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...
 
GitHub Actions 101
GitHub Actions 101GitHub Actions 101
GitHub Actions 101
 
Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!
Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!
Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!
 
Die Evolution von Container Image Builds
Die Evolution von Container Image BuildsDie Evolution von Container Image Builds
Die Evolution von Container Image Builds
 

Recently uploaded

Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureEric D. Schabell
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-pyJamie (Taka) Wang
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.YounusS2
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfAijun Zhang
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URLRuncy Oommen
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarPrecisely
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 

Recently uploaded (20)

Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
 
20230104 - machine vision
20230104 - machine vision20230104 - machine vision
20230104 - machine vision
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-py
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 

Global Azure Virtual: Container & Kubernetes on Azure

  • 1. Containers & Kubernetes on Azure Global Azure Virtual Rosenheim, April 2020
  • 2. Nico Meisenzahl • Senior Cloud & DevOps Consultant at white duck • Microsoft MVP, Docker Community Leader & GitLab Hero • loves Kubernetes, DevOps and Cloud © white duck GmbH 2020 Phone: +49 8031 230159 0 Email: nico.meisenzahl@whiteduck.de Twitter: @nmeisenzahl LinkedIn: https://www.linkedin.com/in/nicomeisenzahl Blog: https://meisenzahl.org
  • 3. Agenda • why Kubernetes? • how Kubernetes works • container services on Azure • demo © white duck GmbH 2020
  • 4. WHY KUBERNETES? © white duck GmbH 2020
  • 5. Where containers can help • isolation • dependencies • scalability • immutability © white duck GmbH 2020
  • 6. But … • containers itself are not production-ready • we need to manage, scale and monitor them • examples • scaling container workload across multiple nodes • service discovery and load balancing • self-healing of applications • secret, configuration and storage management © white duck GmbH 2020
  • 7. What is Kubernetes? Kubernetes is an open source system for automating deployment, scaling, and management of containerized applications using a declarative approach. © white duck GmbH 2020
  • 8. Declarative and self healing • Me: „I would like to run 3 instances of my app.“ • K8s: „Ok, I will run 3 instances and ensure they are always up.“ • K8s: „Oh, one instance died. Let me start another one instead.“ © white duck GmbH 2020
  • 9. Kubernetes facts • greek for helmsman/captain • introduced by Google in June 2014 • hosted by Cloud Native Computing Foundation (CNCF) – Microsoft, IBM, RedHat and Docker joined the project six weeks after the first release • third container management tool build by Google – Borg – Omega • Kubernetes is the container orchestration tool © white duck GmbH 2020
  • 10. HOW KUBERNETES WORKS © white duck GmbH 2020
  • 11. A pod © white duck GmbH 2020
  • 12. A deployment © white duck GmbH 2020
  • 13. ClusterIP service © white duck GmbH 2020
  • 14. NodePort service © white duck GmbH 2020
  • 17. Big picture © white duck GmbH 2020
  • 18. Resource manifests • are defined in YAML or JSON using a declarative approach • needs to be passed to the API server • are verified and processed by the API server © white duck GmbH 2020
  • 19. Working with Kubernetes • kubectl • CLI for Windows, MacOS & Linux • get/create/delete resources • get API resources/details • attach to containers • “port-forward” functionality • extendable (Plugins) • Dashboard • Helm, Kustomize, … © white duck GmbH 2020
  • 20. CONTAINER SERVICES ON AZURE © white duck GmbH 2020
  • 21. Azure Container Registry (ACR) • fully managed and scalable container registry • integrated security • Azure AD • role-based access • supports container builds à no need to build them locally • supports OCI which allows to also store Helm charts • pricing based on service tier and usage (storage, build-time) • integrates with Azure DevOps © white duck GmbH 2020
  • 22. Container Image scanning © white duck GmbH 2020
  • 24. Azure Container Instances (ACI) • abstracts everything except your container • Linux, Windows & GPU workload • can be used for • event-driven applications • data processing jobs • can be integrated with AKS via virtual nodes • fast scaling • isolated compute • pay as you go pricing (CPU, memory) © white duck GmbH 2020
  • 25. Azure Kubernetes Service (AKS) • fully managed Kubernetes Cluster • scalable and secure by default • runs Linux, Windows and GPU workload • end-to-end developer experience • Azure Dev Spaces, VS Code integration • pricing is based on compute (VM size of worker nodes) • free-of-charge master nodes © white duck GmbH 2020
  • 26. AKS integrates with • Azure Monitor for monitoring • Azure Policies for governance • Azure Files & Azure Disks for persistent storage • Azure AD for authentication and authorization • Azure Virtual Network for advanced networking • Azure Application Gateway for application ingress security • Azure Key Vault for secret management • Azure DevOps for CI/CD • Azure Portal for easy administration • … © white duck GmbH 2020
  • 27. RBAC via Azure AD © white duck GmbH 2020
  • 28. Cluster Autoscaler & virtual node © white duck GmbH 2020
  • 29. Private Cluster support © white duck GmbH 2020 • expose API Server via Private Link into an internal subnet • expose Services into an internal subnet using internal Load Balancer • access PaaS Services via Private Link Endpoints • Container Registry • Storage Services
  • 30. Azure Monitor (Container Insights) © white duck GmbH 2020
  • 31. Governance with Azure Policies © white duck GmbH 2020
  • 32. Azure Key Vault integration © white duck GmbH 2020
  • 33. AAD Pod Identity © white duck GmbH 2020 Node Managed Identity Managed Service Identity
  • 34. DEMO © white duck GmbH 2020
  • 35. Demo • Azure Kubernetes Service • Azure Container Registry • build & deploy an application © white duck GmbH 2020
  • 36. Questions? Slides: https://www.slideshare.net/nmeisenzahl Demo: https://github.com/whiteducksoftware/sample-mvc Nico Meisenzahl (Senior Cloud & DevOps Consultant) Phone: +49 8031 230159 0 Email: nico.meisenzahl@whiteduck.de Twitter: @nmeisenzahl LinkedIn: https://www.linkedin.com/in/nicomeisenzahl Blog: https://meisenzahl.org © white duck GmbH 2020