Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
DevSecOps in Practice with VMware Tanzu

You're reading from   DevSecOps in Practice with VMware Tanzu Build, run, and manage secure multi-cloud apps at scale on Kubernetes with the Tanzu portfolio

Arrow left icon
Product type Paperback
Published in Jan 2023
Publisher Packt
ISBN-13 9781803241340
Length 436 pages
Edition 1st Edition
Concepts
Arrow right icon
Authors (2):
Arrow left icon
Robert Hardt Robert Hardt
Author Profile Icon Robert Hardt
Robert Hardt
Parth Pandit Parth Pandit
Author Profile Icon Parth Pandit
Parth Pandit
Arrow right icon
View More author details
Toc

Table of Contents (19) Chapters Close

Preface 1. Part 1 – Building Cloud-Native Applications on the Tanzu Platform
2. Chapter 1: Understanding the Need to Move to a Cloud Platform FREE CHAPTER 3. Chapter 2: Developing Cloud-Native Applications 4. Chapter 3: Building Secure Container Images with Build Service 5. Chapter 4: Provisioning Backing Services for Applications 6. Chapter 5: Defining and Managing Business APIs 7. Part 2 – Running Cloud-Native Applications on Tanzu
8. Chapter 6: Managing Container Images with Harbor 9. Chapter 7: Orchestrating Containers across Clouds with Tanzu Kubernetes Grid 10. Chapter 8: Enhancing Developer Productivity with Tanzu Application Platform 11. Part 3 – Managing Modern Applications on the Tanzu Platform
12. Chapter 9: Managing and Controlling Kubernetes Clusters with Tanzu Mission Control 13. Chapter 10: Realizing Full-Stack Visibility with VMware Aria Operations for Applications 14. Chapter 11: Enabling Secure Inter-Service Communication with Tanzu Service Mesh 15. Chapter 12: Bringing It All Together 16. Index 17. Other Books You May Enjoy Appendix

The challenges of running a software supply chain

VMware Tanzu is a modular software application platform that runs natively on multiple clouds and is geared toward important business outcomes such as developer productivity, operator efficiency, and security by default. If you are looking for a hands-on detailed treatment of VMware Tanzu, you won’t be disappointed.

However, before diving into the platform’s components, it may help to understand some history and background. If you’re reading this, there’s a good chance you participate in the coding, designing, architecting, operating, monitoring, or managing of software. However, you may not have considered that you are participating in a supply chain.

According to Adam Hayes in his Investopedia article, The Supply Chain: From Raw Materials to Order Fulfillment, a supply chain “refers to the network of organizations, people, activities, information and resources involved in delivering a product or service to a consumer.”

When a piece of software makes the journey from a developer’s workstation to an end user, that’s as much of a supply chain as when Red Bull and ramen noodles make the trek from raw ingredients to a production facility to a warehouse to the neighborhood grocery store.

Every supply chain has its own set of challenges, and software supply chains are no exception. Most software written today consists of libraries and frameworks containing millions of lines of open source software developed by people who are essentially anonymous and whose motivations are not entirely clear.

Much of that software changes hands many times as it moves from an open source repository to the developer, to source control, to building and packaging, to testing, to staging, and finally, to running in production. Furthermore, the infrastructure on which that software runs is often open source as well, with a worldwide community of hackers working to identify vulnerabilities in the operating systems, network protocol implementations, and utilities that make up the dial tone that your software runs on. This ecosystem presents an enormous surface area for bad things to happen.

For further reading on real-world examples of what can go wrong with software supply chains, I’d recommend a quick search of the web for the 2020 SolarWinds incident or the 2021 emergence of Log4Shell (CVE-2021-44228). The authors of this book, in their capacity as Tanzu solution engineers, have seen first-hand the impact software supply chain issues can have across the financial, government, telecom, retail, and entertainment sectors.

You have been reading a chapter from
DevSecOps in Practice with VMware Tanzu
Published in: Jan 2023
Publisher: Packt
ISBN-13: 9781803241340
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime