Everyone is talking about Kubernetes these days, and it’s no secret that Kubernetes has emerged as the leading container orchestration tool. There are a variety of reasons for that, ranging from Kubernetes’s open source, community-based development model to helpful technical features like pod security policies and automatic load balancing.
If you work with Kubernetes, you’re probably already familiar with basic Kubernetes best practices guides and patterns. But the recent release of Kubernetes v1.14 has introduced some new features, which in turn necessitate new best practices. Most of them center on security and automation, which are top of the list for operations staff, management, and development alike. But there are some others that factor in as well.
If you believe all the marketing hype, then Kubernetes is the silver bullet to make containers so routine that they’re boring, and your infrastructure will have better harmony than any boy band in history. If only this were true.
Kubernetes 1.14 was recently
released with several new features and nonetheless important enhancements.
Main highlights include:
- Support for Windows nodes (graduating from Beta to Stable)
- Several kubectl improvements (updated plugin mechanism, kustomize Integration, new documentation website)
- Persistent Local Volumes, which makes locally attached (non-network attached) storage available as a persistent volume source (graduating to GA)
As of
today
, Amazon App Mesh Service Mesh is finally available, and Alcide is very proud to be among those select vendors that natively integrate with App Mesh.
The post is part one of a two blog series on DevOps KPIs
DevOps is no longer a new concept. There are entire tool ecosystems, methodologies, and transformation models, as well as endless resources out there to guide companies along the DevOps journey. But how do you do the basics well, and how do you measure success?
The tools you use will differ if you’re running a Platform as a Service (PaaS), running a mobile application, or serving as a bank. Nevertheless, there are some core Key Performance Indicators (KPIs) that should be common to all of these environments. This article will take you through the KPIs you should either evaluate or revisit and examine what you should consider when measuring success.
Tunneling is the practice of embedding messages of one network protocol within messages of a different network protocol. In a security context, tunneling is a way for an attacker to bypass security boundaries like the perimeter firewall of a cloud deployment by encapsulating malicious traffic within permitted traffic. This blog explores the challenges of detecting DNS tunneling, and offers a solution to how you can detect a DNS tunneling attack on you cloud environments.
Last week our team came back from KubeCon Seattle, CNCF largest event to date with over 8000 attendees (!) where they showcased our Microservices Firewall, and I thought that now would be a good time to touch base again and talk about Kubernetes security.