Tag: Multi-cloud

  • Deploying Policy-as-Code with Kyverno in Kubernetes

    Security in Kubernetes shifts the security enforcement with Admission Controllers; the flow of these systems can be enhanced by using tools such as Open Policy Agent, which leverages Rego to define parameters that must be met prior to authorization of operations requested against the Kubernetes API server. What is Kyverno? Kyverno is (Greek for…

  • Otomi – PaaS for Kubernetes

    Otomi is a platform as a service for Kubernetes. Let’s unpack exactly what that breaks down to. For instance, in Kubernetes you’re mostly empowered, depending on how you configure your cluster, by numerous plugins/resources. Depending on how you are hosting your cluster, this can be limited to the CSP’s native controls but also can…

  • Jenkins in Azure

    Jenkins is an open-source automation server that is widely used for continuous integration and continuous delivery (CI/CD) pipelines. It allows developers to automate the building, testing, and deployment of their software applications, making the development process faster and more efficient. Today’s post will show how to run this on Azure Virtual Machines and…

  • How to Evaluate a Cloud Native Application Platform: What to evaluate and consider

    In order to evaluate a cloud native application platform, it is important to understand what to look for and the different aspects of architecture. There are many benefits to using a cloud native application platform, including the ability to scale applications and manage resources more effectively. When choosing a platform, it is important to consider…

  • Azure CNI Powered by Cilium

    What Is Cilium and How Does It Work? Cilium is an open source networking and security solution for containers that can be used on premises or in the cloud. It provides a high performance, scalable way to secure communications between containers without the need for a central controller. Cilium uses the Linux kernel’s built-in networking…

  • Service Mesh in GCP with Linkerd

    Linkerd is a service mesh solution that provides a transparent layer of network communication between microservices in a Kubernetes cluster. Service meshes help to address many of the challenges faced in microservice architecture, such as service discovery, traffic management, load balancing, and security. While of course a service mesh may not be needed depending on…

  • AccuKnox in Kubernetes

    For today’s post I’ve been wanting to cover more open-source tools that can assist your production operations suite. Enter the policy enforcement tool known as AccuKnox. What is AccuKnox? In a nutshell, this tool provides policy enforcement, and the components that make up this tool are capable of being used with Cilium as the CNI and adds a…

  • How to Encrypt Secret Data at Rest in Kubernetes

    Data encryption is a process of transforming readable data into an unreadable format. This is done in order to protect the data from unauthorized access. Data encryption at rest refers to the process of encrypting data when it is not being used, such as when it is stored on a disk or backup storage system.…

  • Kubesec by Control Plane for Kubernetes Static Analysis

    Kubesec is a tool used to scan your static workloads and suggest improvements that can be made to harden your existing workloads; making yourself aware of the findings is one step in increasing your security posture. For this example we will be consuming this resource through the HTTPS method had…

  • Q1 2022 Recap – Future

    This year kicked off with high velocity. First, in terms of work, I’ve entered into a new role that expanded my footprint in consulting and really fit my background; more on that later. For this post I’m going to focus on the goals that are laid out for the year. Obviously it’s apparent that adoption…