Blog

Comparison: Kubeadmiral and Karmada

Posted on March 17, 2025 by Derek Mortimer

Kubeadmiral, Karmada, and Multi-cluster Federation Standards A client recently asked us for a comparison of two multi-cluster Kubernetes management technologies, specifically Kubeadmiral and Karmada . In this post we’ll introduce these technologies, and the Kubernetes standards that influenced their architecture, to enable multi-cluster workload orchestration. The focus will be entirely on managing the manifests inside existing Kubernetes clusters, specifically excluding discussion of standards such as the Cluster API which are concerned with the provisioning of new clusters from scratch.

Evaluating Large Scale Solutions for Multi Tenant Metrics System

Posted on November 4, 2024 by Korhan Ozturk

In our work with a client, we encountered a challenge with their multi-tenant Kubernetes platform. The platform was designed to provide a flexible environment where each tenant could independently manage their own services and infrastructure. As part of this setup, tenants were encouraged to create and maintain their own monitoring stacks using Prometheus and Alertmanager .

Supporting private service access in GCP from a multi-tenanted kubernetes platform

Posted on October 25, 2024 by Tiago Alves

Having a developer platform that works out of the box is great, but integrating it with other cloud provider resources outside the platform can be tricky:

Serverless Exodus to GKE Autopilot

Posted on September 13, 2024 by Jingkai He

Over the last year CECG has been working on an engagement within a client’s Advertising Technology division to deliver an Ad decision server solution. It comes with the following requirements:

Automated Landing Zones in GCP Organizations

Posted on August 12, 2024 by Derek Mortimer

What is a Landing Zone? As cloud usage increases across organizations and more teams deploy resources, it becomes increasingly important to stay organized as platform operators to be able to ensure security best practices are being applied and also be able to attribute resources to their owners (e.g., for cost attribution, to discover responsible people/teams).

How We Execute Greenfield Projects

Posted on July 15, 2024 by Senna Semakula-Buuza

Planning and executing greenfield projects is no easy feat. It requires meticulous planning and flawless execution. Tune in to see how we unveil our strategy to achieve the utmost client satisfaction and critical decisions agreed upon within 15 minutes.

Deep Dive into Policy Controllers and their impact on Cluster Management

Posted on July 3, 2024 by Andreas Ttofi

What is a policy engine in Kubernetes? In this article, we are going to look at how Policy Engines can help enforce organisational standards in Kubernetes. We will do a deep dive into the most popular available open-source solutions and compare their approaches and strengths, to enable readers to more rapidly make informed decisions when faced with the need for enforcing standards.

Best-Practice Security, Automation & Operability, with mTLS

Posted on June 10, 2024 by CECG

Discover how we designed a robust authentication approach which can flexibly handle a diverse range of communication protocols and which scales efficiently.

How onboarding at CECG is different

Posted on May 20, 2024 by Ilia Chernov

What this post is about I recently joined CECG and the onboarding process looked and felt different compared to other companies I worked at.

Securing the Unseen - Comprehensive Strategies for Kubernetes Secret Management

Posted on May 10, 2024 by Neofytos Zacharia

Introduction In the digital landscape, where security breaches and data leaks are ever-looming threats, the art of managing secrets within Kubernetes takes on a paramount importance. “Securing the Unseen” delves into the comprehensive strategies essential for the effective management of Kubernetes secrets, offering a beacon of guidance for security and software professionals alike. This guide is meticulously crafted to uncover the layers of complexity in secret management, presenting a panoramic view of the tools and practices at the forefront of Kubernetes security.