Container networking is one of the most critical concerns in production environments where scale, security and availability are required to be as automated and as seamless as possible. In this blog post I want to focus on the role that container networking plays in enterprises today.
Since 2017, Kubernetes has soared and has played a key role within the cloud-native computing community. With this movement, more and more companies that had already embraced microservices realized that a dedicated software layer for managing service-to-service communication is required.
GitOps is a paradigm that puts Git at the heart of building and operating cloud native applications by using Git as the single source of truth, and it empowers developers to perform what used to fall under IT operations. This post is part of a blog post series covering GitOps and Kubernetes security.
I'm a fan of online surveys. They're a fun, simple, and great way to check the pulse of our community.
We launched our first survey back in 2018, where we looked at the state of securing cloud workloads. We then continued the motion in 2019 with The Kubernetes Adoption and Usage survey and most recently with the Helm survey, still open for feedback.
In this blog post I'd like to focus on the 2019 Alcide Kubernetes survey. Based on 200 responses from Dev, Ops, Security and Cloud Architects, our survey reveals that 45% of companies are now running Kubernetes in production, while 37% are leveraging hybrid or multi-cloud environments for their Kubernetes clusters.
The Payment Card Industry (PCI) Security Standards Council administers the Payment Card Industry Data Security Standard (PCI DSS). It's a standard that any organization that stores, processes or transmits cardholder data must comply with. It's not new, it's well understood, and there are a multitude of companies that have sought and achieved compliance over the many years since its introduction.
In this blog I am going to explain why you should avoid exposing every tiny configuration in your SaaS application. I am going to talk about configurations that are related to SaaS deployments. This kind of deployment has the unique property that it is fully deployed and managed by either dev or ops teams.
Kubernetes V1.18-alpha.2 is live! The new version introduces an alpha stage field for both Secret and ConfigMap objects to mark their content as immutable.
Publishing a Kubernetes Service
In Kubernetes, a Service is an abstract way to expose an application running on a set of Pods as a network service.
With Kubernetes you don’t need to modify your application to use an unfamiliar service discovery mechanism. Kubernetes gives Pods their own IP addresses and a single DNS name for a set of Pods, and can load-balance across them.
This post will describe the different ways to publish a Kubernetes service, the risks they carry, and the methods that can be applied to mitigate those risks.
In our recent blog about making Kubernetes logs auditing a viable practice we mentioned that in general, audit logs are used in two ways: