Tag: API
-
Azure ML on AKS with Trusted Access
Trusted Access which is in preview provides secure access to the Kubernetes API Server while granting services that are needed for operations without requiring a traditional (private-endpoint). This feature uses the system0assigned managed identity as a authentication mechanism as intermediary to access your AKS clusters. As always in any feature that is rolled out prior…
-
Capsule – Multi-tenant in Kubernetes
Introduction Multi-tenancy in Kubernetes refers to the ability to isolate and manage multiple user groups or ‘tenants’ within a single Kubernetes cluster. This approach is essential for organizations that want to maximize resource utilization while maintaining isolation and security between different user groups. Typically this can be achieved by either logical isolation mapping namespaces as…
-
Conftest in Terraform in Action
Introduction In today’s rapidly evolving technological landscape, ensuring the security and compliance of infrastructure has become paramount. Open Policy Agent (OPA) is a CNCF-graduated open-source project that utilizes rego policies for enforcement. With its ability to expand to multiple resources and its relatively easy-to-pick-up syntax, OPA has gained significant popularity. In this blog post, we…
-
Kubernetes v1.28.0 Validating Admission Policies
Kubernetes recently dubbed “Planternetes” with a large amount of enhancements, notably I’m covering some aspects of new releases in security features and Validating Admission Policies stood out to me. I’ve created a script using bash and kind with proper configuration for you to run this demo. I’m running on Ubuntu you can use macOS or…
-
Kubernetes Bill of Materials – Supply Chain Security
Software Bill of Materials has grown in popularity and adoption from many open source software projects to provide transparency of software supply chain attestation of packages associated with the build of the software. While the aim of Software Bill of Materials aims to reduce or be the front protection in the movement behind software supply…
-
Azure Kubernetes Service Gateway API for Containers (Backend MTLS)
Background Application Gateway for Containers is a new feature offering for Azure Kubernetes Service that encompasses native capabilities and extends the use of services by implementing a Application Load Balancer controller to facilitate operations. Options of going more native to Kubernetes is really a strong suit of Azure that the operations that allows your organization…
-
Application Gateway for Containers in Azure Kubernetes Service (AKS)
Most of the production recommendations in regards to Azure Kubernetes Service was directed to use native Application Gateway Ingress Controller. I’ve heard mixed uses of this being cumbersome and tedious that others have opted for use of nginx-ingress controller. As of this week the (preview) for Application Gateway for Containers is able to be used…
-
Multi-tenancy in Kubernetes with Kiosk
Multi-tenancy shouldn’t be unfamiliar to those who’ve already adopted some type of cloud model regardless if it’s hybrid and not full cloud-native. This also has been a area of adoption in the realm of kubernetes as likely every organization is facing financial optimization decisions. Today’s blog post explores the tool known as Kiosk that is…
-
Otomi – PaaS for Kubernetes
Otomi is a platform as a service for Kubernetes, well let’s unpack exactly what that breaks down to. For instance in Kubernetes you’re mostly empowered depending on how you configure your cluster by numerous plugins/resources. Depending on how you are hosting your cluster this can be limited to the CSP’s native controls but also can…
-
Jenkins in Azure
Jenkins is an open-source automation server that is widely used for continuous integration and continuous delivery (CI/CD) pipelines. It allows developers to automate the building, testing, and deployment of their software applications, making the development process faster and more efficient. For todays post this will show how to run this on Azure Virtual Machines and…