Category: Blog
-
Kubernetes 1.29.0 Security Enhancements
Introduction Kubernetes 1.29.0 is now released this marks a significant milestone in the evolution of container orchestration, introducing robust security enhancements that cater to the ever-evolving demands of modern infrastructure management. This latest release encapsulates Kubernetes’ commitment to providing a secure, scalable, and highly efficient platform for deploying and managing containerized applications. With a focus…
-
Conftest and authoring custom checks in Policy as Code
Introduction In the rapidly evolving world of Infrastructure as Code (IaC), ensuring compliance and security is paramount. How can we use tools that agnostically enforce guard rails uninformedly? One way to do this without incurring extravagant costs is using Conftest a wrapper of OPA. In this latest blog I’m going to cover how Conftest seamlessly…
-
Road to Multi-Cloud Architect 2023 Reflections
Head in the clouds November was filled with immense amounts announced throughout multiple cloud platforms but also notes when I’ve finally accomplished a well sought after goal of mine, achieving all three CSP’s Architect Pro. It would be of note that the landscape is constantly changing and staying at this pace of bleeding edge you…
-
Chaos Mesh on EKS
Introduction Ensuring the reliability and resilience of modern cloud-native applications is crucial, especially as services scale to support more users and traffic. One effective approach is chaos engineering – intentionally introducing failures, delays, and other adverse conditions to evaluate a system’s response and ability to recover. By proactively testing how an application behaves under chaotic…
-
Azure Kubernetes Service with Notary and Ratify
Introduction Azure Kubernetes Service while having many additions and capabilities continues to implement more native security controls and recently announced the use of signed images with leveraging the open-source project Ratify for a parameter known as ImageIntegrity. This is not only a step-forward of first party native capabilities but also a guard-rail that extends the…
-
SigNoz Open-Source Telemetry in AKS
Introduction SigNoz is a open-source project with a paid SaaS offering of observability for your infrastructure, previously very few players were existing in this space notable are Elastic, Prometheus, however if you notice these goals of these organizations was a solution for one area. Due to this the approach at least from what I can…
-
Wazuh on Kubernetes
Wazuh is a open-source XDR and SIEM with cloud workload protection in this blog post we are covering the kubernetes deployment of resources for Wazuh in a cluster. For starters we are going to need to clone our repo to follow along mind you I’m hosting this in AKS. For clusters involving EKS in the…
-
Kargo by Akuity CD of the Future
Introduction Kargo is a new tool presented by Akuity that aims at treating your releases as stages rather than environments shifting from deliver of the artifacts that are produced in CI pipelines as in continuous delivery the packaged artifact moves from different areas as needed uat, dev, prod. While ArgoCD revolutionize the use of GitOps…
-
Paralus Secure Kubernetes Access in AKS
Introduction Paralus is a CNCF project in sandbox status that I’ve sat through a series of use cases in the Cloud Native Security Conference a good while back and felt like this deserved more attention for areas of focus that many organizations are struggling with providing remote access to clusters securely without running up costs…
-
Chaos Studio Experiments in AKS
Introduction Chaos Studio was presented as a service in Microsoft Azure that is to measure and understand your applications service resilience, I’ve wrote about using LitmusChaos previously in a blog but felt like I could create more on this topic as application resiliency is not only pivotal to organizations operations. Chaos Engineering is the practice…