Tips, Expertise, Articles and Advice from the Pro's for Your Website or Blog to Succeed
Kubernetes is not a secure platform. Its implementation in production requires the integration of several components to ensure its security and good operation by both administrators and users.
The management of cluster access is obviously an important point in the adoption of the platform. Several tools exist today to manage this critical security aspect. Infra is a new player in this field and deserves some attention.
The purpose of this post is to share some thoughts on the management of a Kubernetes platform in production. The idea is to focus on a major problem that many beginners encounter with this platform, namely: the management of preempted pods.
Preemption is a famous nightmare on every orchestration platform, this is not something dedicated to Kubernetes, but several aspects of this platform can be the root cause of an unexpected preemption.
Kubernetes is a container orchestration platform today adopted by many companies. Its implementation requires a certain understanding of its ecosystem in order to deploy a cluster ready for production. Implementing working principles or tools is therefore essential and requires the work of all teams (operations, development, security, etc.) to promote the detection of anomalies as soon as possible and thus raise the level of security of the orchestrator and its resources.
The primary objective being to minimize the impacts in production by adding automated processes as early as possible in a continuous integration pipeline is today a recognized principle of the DevSecOps world.
Generally speaking, all companies are looking to increase their productivity at all levels: human, infrastructure, processes, and so on. Often, productivity is driven by the addition of automated processes to facilitate and increase the pace of production. This automation requires an evolution, an adaptation, or even a complete transformation of the concepts historically used. This includes the implementation and control of security policies.
Indeed, since the emergence of new working methods based on agility and flexibility (such as DevOps), some security concepts have had to adapt to the pace of development and management of the components of the infrastructure. Today, one of the best safety practices is to move these control points as early as possible in the integration chain in order to detect as soon as possible any anomaly that deserves special attention.
DevOps is a working methodology widely used today, combining good development (Dev) and operations (Ops) practices to deliver value to customers continuously. Adopting this methodology generally requires a multi-level restructuring (human, process, and technological).
To promote its adoption and implementation, it is essential to consider some crucial points in the DevOps transformation of your company.
Kubernetes is now the platform of choice for many companies to manage their applications both on-premises and in the cloud. Its emergence a few years ago drastically changed the way we work. The flexibility of this platform has allowed us to increase the productivity of the engineering teams, thus requiring new working methods more adapted to this dynamic environment.
Kubernetes requested an adaptation of the security control processes to ensure the continuity of the reliability of this system. Falco is a tool that fits into this ecosystem.
This article is an opinionated SRE point of view of an open-source stack to easily request, graph, audit and secure any kind of data access of multiple data sources. This post is the first part of a series of articles dedicated to MLOps topics. So, let’s start with the theory!
Trino is an open-source distributed SQL query engine that can be used to run ad hoc and batch queries against multiple types of data sources. Trino is not a database, it is an engine that aims to run fast analytical queries on big data file systems (like Hadoop, AWS S3, Google Cloud Storage, etc), but also on various sources of distributed data (like MySQL, MongoDB, Cassandra, Kafka, Druid, etc). One of the great advantages of Trino is its ability to query different datasets and then join information to facilitate access to data.
Our profession evolves every year, whether through the introduction of a new tool, a new cloud service, or a new working method. This constant evolution requires the establishment of a learning culture to continuously share experiences and ideas, thus encouraging everyone to gain new knowledge each year.
Obviously, this demands a portion of our working time and an online library of training resources maintained by entities with authority in the domain. These entities are responsible for updating the content to allow us to continuously improve our skills, sometimes to advance in our career in order to aim for an internal or external evolution. Therefore, relying on trusted education partners is important to ensure the highest-quality learning content.
The daily work of DevOps can be like a puzzle in the sense that the idea is to assemble several pieces in a logical order to create a structure understood by everyone. The different assembly steps are usually the same for any puzzle and therefore require learning to gain efficiency.
Efficient time management is probably what every DevOps engineer seeks to advance in his career. This is the skill that the top-performing engineers have improved over time and iteration. Time is what everyone needs to learn and test something new to become an expert in the area.
The purpose of this post is to centralize a set of free resources in order to present a way to understand and develop Site Reliability Engineering (SRE) and DevOps skills. The content of this post is based on a return of several years of experience in the industry and a willingness to share content that may still be unknown to some people who would like to evolve in their career or open themselves to new opportunities.
The purpose is not to explain what an SRE is or what the DevOps methodology is, but to describe probably the major aspect of these roles: Continuous Learning.
No, YAKD is not a new Kubernetes Dashboard project, but that could be a good name for a new Kubernetes Dashboard application.
The purpose of this post is to list some existing dashboard projects. The number of dashboards seems to be increasing each day, although some projects listed below already meet all the requirements of a dashboard application.
Today, Prometheus is used widely in production by organizations. In 2016, it was the second project to join CNCF and, in 2018, the second project to be graduated after Kubernetes. As the project has seen a growing commercial ecosystem of implementers and adopters, a need has emerged to address specific aspects already implemented in older monitoring tools like Nagios. Blackbox service testing is one of them.
As everyone knows, Prometheus is an open-source, metrics-based monitoring system. Prometheus does one thing, and it does it well. It has a powerful data model and a query language to analyze how applications and infrastructure perform.
Today, Kubernetes is the most adopted open-source platform to orchestrate containers and IT teams are working to use Kubernetes as a new platform for further adoption to development responsibilities. Beyond evidence of improved deployment, resources management, and cost savings, Kubernetes is used today in so many ways that it is sometimes hard to follow the new trends.
The increase in the adoption of Kubernetes comes partly from the community and all the resources that it provides every day to easily understand the concept and the management. Training, courses, certifications, no matter your title or your background, there will be a resource online to help you implement a new concept, having a big overview of what is possible and, inherently, growing your skills.
Velocity in agile development measures the quantity of work a team can accomplish in a sprint. It can be measured in story points, hours or days. The higher the velocity of a team, the more features it delivers, the more value it brings to customers. Sprint velocity is a good measure in sprint project management to evaluate and estimate team productivity.
The measure of the velocity is based on multiple factors: the continuous integration (CI) process, the time to qualify the code changes, to test the regression, the security, the delivery, etc…
Businesses of all sizes are shifting some or all of their data and applications to cloud computing environments to take advantage of all the benefits available to them: availability, flexibility, scalability, accessibility, etc… The migration and the tools used to do it have to be assessed correctly to be successful.
The purpose of this article is to list tools that everyone should be aware of when it is time to manage a cloud infrastructure. In the cloud, it is obviously better to rely on cloud services offered by the provider but sometimes it is better to use open-source projects to facilitate the management.
The last decade of programming has seen a number of revolutionary transformations. One has arisen from a monolithic application to a cloud-based microservices running in containers. Another one has come from a set of practices around the DevOps methodology to align development and operation teams into a shared work process. And it’s not finished, introduced in 2017 by Weaveworks, the GitOps methodology is becoming the new standard to move faster in production in a reliable/secure way while continuing to bring teams to work closer.
GitOps is another methodology of work that aims to optimize the time/effort between the developers and the operation team members. The main component of the GitOps methodology is obviously Git, a versioning source control tool acting as a single source of truth for declarative infrastructure and application configurations.