Blog

Case Study: Security for a large multinational media provider’s Internal Developer Platform

Posted on January 8, 2024 by Tiago Alves

The client is a large multinational that operates in different parts of the world. In each of these geolocations, there are different products, which means different developer platforms with different security requirements. For this reason, we needed to come up with a flexible solution that would allow us to have configurable rules and integrations per region.

Platform Lifecycle Management with Flux & Concourse

Posted on January 3, 2024 by Thoiba Thoudam

Platform Lifecycle Management is a crucial element in the realm of software development, shaping and executing the procedural flow for deploying and promoting changes across multiple environments - from CI and Test to Dev, PreProd, and ultimately, Production. A robustly implemented platform lifecycle ensures the deployment of changes in a dependable, uniform, continuous, and automated fashion of platform services such as logging, monitoring infrastructures, ingress controllers, and cluster add-ons. Platform Lifecycle Management delineates the orchestrated process for propagating changes in these platform services throughout the various stages of delivery.

Unravelling Kubernetes Networking: A Comparative Guide to Choosing the Best CNI

Posted on December 29, 2023 by Andreas Ttofi

What is CNI (Container Network Interface)? The Container Network Interface (CNI) is a specification and a set of libraries for designing plugins used to configure network interfaces in Linux containers. It’s a project under the Cloud Native Computing Foundation . Technically, a CNI is a framework responsible for dynamically configuring the container’s networking resources and making necessary changes on the host. It assigns an IP address to the interface and sets up the routes consistent with the IP Address Management by invoking the appropriate IP Address Management (IPAM) plugin.

Integrating Kubernetes and Vault: The options

Posted on December 21, 2023 by Tomasz Bartosiewicz

Over the years, we have observed several common issues when it comes to Kubernetes secret management by our clients. Very often the problems start even before the secrets get to the required application. Lack of strong company-wide security policies results in passing plain text secrets through emails or private chats which eventually find their place in service configuration files on GitHub in plain text (sounds familiar?!). Kubernetes’ secrets can solve part of the problem, however, it is far from a perfect solution due to:

What’s the point of Operators and CRDs? A seasonal reflection

Posted on December 18, 2023 by Geoff Macartney

It is that time of year when our thoughts naturally turn to pondering the things in life that truly matter. Like Kubernetes Operators, for instance. What’s the point of Operators and CRDs? Searching around for a definition, you find many websites that tell you something along the lines that an operator is a way of extending the API of Kubernetes, or a method of packaging and deploying an application. But so what? Why is this a good thing? How would I explain the value of Operators to someone myself?

Why we are building our own Developer Platform

Posted on December 5, 2023 by Christopher Batey

CECG was founded by and is made up of, the most senior software engineers that want to get things done quickly.

Multi-Tenant Ingress for a GKE-based Developer Platform

Posted on December 1, 2023 by Christopher Batey

A key capability of a developer platform is to enable developers to expose services to the Internet as seamlessly as possible. We implement this capability with a developer platform feature called platform ingress. Without this capability, every engineering team is burdened with:

Mastering the Google Cloud Professional DevOps Exam: The Influence of Platform Engineering Excellence

Posted on November 21, 2023 by Neofytos Zacharia

Embarking on the journey to conquer the Google Cloud Professional DevOps Exam was a challenging yet rewarding experience that significantly elevated my skills and understanding of cloud technologies. Successfully navigating this certification not only validated my expertise in DevOps practices but also provided unique insights into Google Cloud ’s powerful offerings. This certification is a testament to the growing importance of cloud-native DevOps, making it a valuable asset for any professional seeking to advance their career in the ever-evolving tech landscape. In this blog post, we will delve into the landscape of learning resources, the invaluable role CECG’s platform engineering training played, and how real-world scenarios in our projects mirrored the exam challenges.

10 + 1 Things I wish I knew about operators before I wrote one

Posted on November 17, 2023 by Christopher O’Quinn

Writing a custom Kubernetes Operator for the first time can be a bit of a challenge. It’s not obvious where to look or where to start!

Upgrading Kubernetes: 8 years of production

Posted on November 8, 2023 by Matt Burgess

How we successfully keep multi-tenanted production clusters up to date. CECG engineers have been running production Kubernetes clusters for one of our clients for over 8 years now. For context, that’s roughly around the time of the Kubernetes-v1.0.0 release and, as of the time of writing, Kubernetes-v1.28.0 is the latest GA version!