Master thesis : How Kubernetes can support cloud native application development ?
Promotor(s) : Mathy, Laurent
Date of defense : 24-Jan-2020 • Permalink :
|Title :||Master thesis : How Kubernetes can support cloud native application development ?|
|Translated title :||[fr] Comment Kubernentes peut-il aider au développement d'applications cloud native ?|
|Author :||Stappers, Michaël|
|Date of defense :||24-Jan-2020|
|Advisor(s) :||Mathy, Laurent|
|Committee's member(s) :||Donnet, Benoît
|Number of pages :||83|
|Keywords :||[en] container|
[en] service mesh
|Discipline(s) :||Engineering, computing & technology > Computer science|
|Target public :||Professionals of domain|
|Institution(s) :||Université de Liège, Liège, Belgique|
|Degree:||Master : ingénieur civil en informatique, à finalité spécialisée en "computer systems security"|
|Faculty:||Master thesis of the Faculté des Sciences appliquées|
[en] The development of applications has evolved. Several years ago, the trend was to create some monolithic applications on a mainframe. Now, it is the micro-services architecture in the cloud. The requirements of the users have also changed. They want a secured application highly available at any time. These constraints transform the IT sector and the application development. The workflow must be quick and automatised.
Kubernetes is a potential solution to support the development of cloud native application. This master thesis will explore how it can be used to create an environment to fit the new constraints. It begins by the creation of a cluster of 6 instances in the cloud (3 masters and 3 workers) and the development of a web application to represent a real use case. After that, a comparison is made between some tools dedicated to the continuous integration and deployment. It is the basis of the devOps and gitOps principles which ensure an efficient workflow. The communication between the services is performed by Istio which is a service mesh tool. It is responsible of the routing and the enforcement of policy rules. A micro-services architecture has some weaknesses in term of security at the level of the cluster itself, the Kubernetes API, the images used by the container, the running containers and the services. All these elements can be configured to mitigate or reduce the consequences of an attack. The performances of Kubernetes and the added tools are analysed to determine in which cases Kubernetes is interesting. In the majority of the cases, it is a efficient choice if the application receives a variable load and must be highly available and secured. The conclusion and the future works close this master thesis.
Size: 1.51 MB
Format: Adobe PDF
Size: 130.43 kB
Format: Adobe PDF
Size: 4.52 MB
Cite this master thesis
The University of Liège does not guarantee the scientific quality of these students' works or the accuracy of all the information they contain.