Tag: Multi-cloud
-
Kubernetes 1.29.0 Security Enhancements
Introduction Kubernetes 1.29.0 is now released this marks a significant milestone in the evolution of container orchestration, introducing robust security enhancements that cater to the ever-evolving demands of modern infrastructure management. This latest release encapsulates Kubernetes’ commitment to providing a secure, scalable, and highly efficient platform for deploying and managing containerized applications. With a focus…
-
Road to Multi-Cloud Architect 2023 Reflections
Head in the clouds November was filled with immense amounts announced throughout multiple cloud platforms but also notes when I’ve finally accomplished a well sought after goal of mine, achieving all three CSP’s Architect Pro. It would be of note that the landscape is constantly changing and staying at this pace of bleeding edge you…
-
Chaos Mesh on EKS
Introduction Ensuring the reliability and resilience of modern cloud-native applications is crucial, especially as services scale to support more users and traffic. One effective approach is chaos engineering – intentionally introducing failures, delays, and other adverse conditions to evaluate a system’s response and ability to recover. By proactively testing how an application behaves under chaotic…
-
Azure Kubernetes Service with Notary and Ratify
Introduction Azure Kubernetes Service while having many additions and capabilities continues to implement more native security controls and recently announced the use of signed images with leveraging the open-source project Ratify for a parameter known as ImageIntegrity. This is not only a step-forward of first party native capabilities but also a guard-rail that extends the…
-
Wazuh on Kubernetes
Wazuh is a open-source XDR and SIEM with cloud workload protection in this blog post we are covering the kubernetes deployment of resources for Wazuh in a cluster. For starters we are going to need to clone our repo to follow along mind you I’m hosting this in AKS. For clusters involving EKS in the…
-
Paralus Secure Kubernetes Access in AKS
Introduction Paralus is a CNCF project in sandbox status that I’ve sat through a series of use cases in the Cloud Native Security Conference a good while back and felt like this deserved more attention for areas of focus that many organizations are struggling with providing remote access to clusters securely without running up costs…
-
Chaos Studio Experiments in AKS
Introduction Chaos Studio was presented as a service in Microsoft Azure that is to measure and understand your applications service resilience, I’ve wrote about using LitmusChaos previously in a blog but felt like I could create more on this topic as application resiliency is not only pivotal to organizations operations. Chaos Engineering is the practice…
-
Conftest in Terraform in Action
Introduction In today’s rapidly evolving technological landscape, ensuring the security and compliance of infrastructure has become paramount. Open Policy Agent (OPA) is a CNCF-graduated open-source project that utilizes rego policies for enforcement. With its ability to expand to multiple resources and its relatively easy-to-pick-up syntax, OPA has gained significant popularity. In this blog post, we…
-
Kubernetes Bill of Materials – Supply Chain Security
Software Bill of Materials has grown in popularity and adoption from many open source software projects to provide transparency of software supply chain attestation of packages associated with the build of the software. While the aim of Software Bill of Materials aims to reduce or be the front protection in the movement behind software supply…
-
Azure Kubernetes Service Gateway API for Containers (Backend MTLS)
Background Application Gateway for Containers is a new feature offering for Azure Kubernetes Service that encompasses native capabilities and extends the use of services by implementing a Application Load Balancer controller to facilitate operations. Options of going more native to Kubernetes is really a strong suit of Azure that the operations that allows your organization…