Tag: kubernetes
-
Azure CNI Powered by Cilium
What Is Cilium and How Does It Work? Cilium is an open source networking and security solution for containers that can be used on premises or in the cloud. It provides a high performance, scalable way to secure communications between containers without the need for a central controller. Cilium uses the Linux kernel’s built-in networking…
-
Service Mesh in GCP with Linkerd
Linkerd is a service mesh solution that provides a transparent layer of network communication between microservices in a Kubernetes cluster. Service meshes help to address many of the challenges faced in microservice architecture, such as service discovery, traffic management, load balancing, and security. While of course a service mesh may not be needed depending on…
-
Istio: The Powerhouse Behind Kubernetes Networking and Security
What is Istio? Istio is a service mesh that enables microservices to interact with each other securely and efficiently. Istio provides a range of capabilities that make it easier to develop, deploy, and manage microservices, including traffic management, service discovery, load balancing, rate limiting, and service-to-service authentication. Why use Istio? Istio provides a range of…
-
AccuKnox in Kubernetes
For today’s post I’ve been wanting to cover more open-source tools that can assist your production operations suite. Enter policy enforcement tool known as AccuKnox. What is AccuKnox? In a nutshell this tool provides policy enforcement and the components that make up this tool are capable of using with Cilium as CNI and adds a…
-
Kubewarden a CNCF Sandbox Project
How to Use Kubewarden to Validate Incoming Requests Using Policies Written in WebAssembly In this blog post, we will be discussing how to use Kubewarden to validate incoming requests using policies written in WebAssembly. We will also be discussing the benefits of using Kubewarden and the steps involved in using it. Getting started on a…
-
How to Encrypt Secret Data at Rest in Kubernetes
Data encryption is a process of transforming readable data into an unreadable format. This is done in order to protect the data from unauthorized access. Data encryption at rest refers to the process of encrypting data when it is not being used, such as when it is stored on a disk or backup storage system.…
-
Kubesec by Control Plane for Kubernetes Static Analysis
Kubesec is a tool that is used to scan your static workloads to give you improvements that can be made to harden your existing workloads and make you aware of the findings are one step in increasing your security posture. So for this example we will be consuming this resource through the HTTPS method had…