Kubernetes

Evaluating Large Scale Solutions for Multi Tenant Metrics System

Posted on November 4, 2024 by Korhan Ozturk

In our work with a client, we encountered a challenge with their multi-tenant Kubernetes platform. The platform was designed to provide a flexible environment where each tenant could independently manage their own services and infrastructure. As part of this setup, tenants were encouraged to create and maintain their own monitoring stacks using Prometheus and Alertmanager .

Deep Dive into Policy Controllers and their impact on Cluster Management

Posted on July 3, 2024 by Andreas Ttofi

What is a policy engine in Kubernetes? In this article, we are going to look at how Policy Engines can help enforce organisational standards in Kubernetes. We will do a deep dive into the most popular available open-source solutions and compare their approaches and strengths, to enable readers to more rapidly make informed decisions when faced with the need for enforcing standards.

Securing the Unseen - Comprehensive Strategies for Kubernetes Secret Management

Posted on May 10, 2024 by Neofytos Zacharia

Introduction In the digital landscape, where security breaches and data leaks are ever-looming threats, the art of managing secrets within Kubernetes takes on a paramount importance. “Securing the Unseen” delves into the comprehensive strategies essential for the effective management of Kubernetes secrets, offering a beacon of guidance for security and software professionals alike. This guide is meticulously crafted to uncover the layers of complexity in secret management, presenting a panoramic view of the tools and practices at the forefront of Kubernetes security.

Building the Foundation: Our Take on Training

Posted on March 29, 2024 by Savvas Michael

Introduction Imagine acquiring sought-after engineering skills that could significantly boost your expertise and confidence, in a matter of weeks.

Crossplane: the good, the bad and the ugly

Posted on February 27, 2024 by Simon Aquino

Crossplane is an infrastructure provisioning tool engineered to bridge the gap between infrastructure automation, Kubernetes and reconciliation on steroids. Its main ethos is to provide a unified declarative API to abstract different cloud implementations and leverage Kubernetes to run the provisioning workload.

Case Study: Seamless Cross-cloud Application Deployments

Posted on February 14, 2024 by Derek Mortimer

Where We Were Driven by a long-term engagement with CECG, one of our longest-standing clients had a well-established Kubernetes-based Internal Developer Platform (IDP) known as the Core Platform running on AWS. This platform allows application teams to easily deploy, test and promote their releases through a variety of environments with complete autonomy and automation. The automation and progressive delivery also automate all of the centralised bookkeeping required to do customer-impacting production releases.

AWS Landing Zone: The Art of Taking Off with a Low Code Solution

Posted on February 1, 2024 by Senna Semakula-Buuza

Discover streamlining landing zone creation from the ground up using a low-code approach, optimising efficiency and reducing development complexities.

Embracing Innovation in CI/CD Pipelines: A Shift From Traditional Practices

Posted on January 31, 2024 by Neofytos Zacharia

Embracing Innovation in CI/CD Pipelines: A Shift From Traditional Practices The software development industry has long-established practices and tools for Continuous Integration and Continuous Deployment (CI/CD). However, evolving discussions and innovations point to the need for revisiting and revising these traditional methods. This article explores emerging trends in CI/CD pipelines, advocating for more dynamic and adaptable approaches that challenge conventional processes.

Unravelling Kubernetes Networking: A Comparative Guide to Choosing the Best CNI

Posted on December 29, 2023 by Andreas Ttofi

What is CNI (Container Network Interface)? The Container Network Interface (CNI) is a specification and a set of libraries for designing plugins used to configure network interfaces in Linux containers. It’s a project under the Cloud Native Computing Foundation . Technically, a CNI is a framework responsible for dynamically configuring the container’s networking resources and making necessary changes on the host. It assigns an IP address to the interface and sets up the routes consistent with the IP Address Management by invoking the appropriate IP Address Management (IPAM) plugin.

Integrating Kubernetes and Vault: The options

Posted on December 21, 2023 by Tomasz Bartosiewicz

Over the years, we have observed several common issues when it comes to Kubernetes secret management by our clients. Very often the problems start even before the secrets get to the required application. Lack of strong company-wide security policies results in passing plain text secrets through emails or private chats which eventually find their place in service configuration files on GitHub in plain text (sounds familiar?!). Kubernetes’ secrets can solve part of the problem, however, it is far from a perfect solution due to: