Jumpstarting your understanding of Kubernetes Networking Policies.
We are about to get hands-on with Kubernetes and network policies by walking through some common use cases. By the end of this post, you should have a basic understanding of how to implement networking policies in Kubernetes, and how to allow / block traffic within your cluster.
Shifting Security Left by scanning your container images
It’s been quite some time since I wrote a how-to article. A lot has changed since then with me personally but let’s get right into it.
Anchore Engine is an open-source tool that scans your container images to see if there are any open vulnerabilities.
For example, if your base image is
node:alpine how do you know if that image is safe to use? Anchore will scan your built image and let you know if there are vulnerabilities that you can leverage during the build process.
Here’s the breakdown of what we’ll…
On Windows 10 with minikube & different namespaces
We are going to set up our hello-world example so that every time you push a change to a particular branch in your git repository, those changes will sync to Kubernetes, or in our case minikube, and ensure your application is in the state that you want it to be in. …
One more step in our automation quest…
In my last post, I covered GitOps, how we got here, and why it’s important. In this post, we are going to get back to the technical stuff and cover the deployable artifact, a Helm Chart.
As a quick recap, by going #GitOps, I’ve decided my entire stack will now be configured in Git. From the host configuration to the latest version of my microservices, it’s all in there.
In this post, I will be converting the Airwave Tech
hello-word service into a helm chart. …
A brief history lesson of how we got here.
GitOps is a practice that uses Git (source control) as the source of truth for your codified infrastructure. Coupled with a way to sync your stack’s current state against this source code, your system will continuously converge to what has been set as its desired state. Much like common software delivery practices, the ability to deploy changes starts with the pull request.
A couple of years ago, Weaveworks developed GitOps, but the concept of managing your infrastructure with code has been around for decades. …
Updated — Testing out Knative Serving v0.16.0
Knative (pronounced kay-nay-tiv) is a serverless solution you can run on Kubernetes, except in our case it’s minikube. We are going to do some basic set up and testing so you can get your feet wet and figure out what the Knative hype is about.
Before we dive in, a very quick and rudimentary breakdown of the Knative components:
Serving — We will be using Istio and Kubernetes to deploy and serve serverless applications and functions.
Eventing — A system to loosely couple services. Design principles include leveraging consumers, producers, and brokers. …
Some changes you must know about before getting started.
After a 60 day break from working on all things #DevOps, I wanted to jump back in by refreshing my local environment. While spinning things up, I noticed Helm v3 was released back in November 2019.
After an internet search, I found this:
Some of my takeaways are…
With role-based access controls (RBAC) enabled by default in Kubernetes 1.6, locking…
Upgrading from v1.5.2 to v1.6.2
I feel like it’s been ages since I’ve played with Minikube. The last thing I remember is I was trying to write a post about serverless on minikube but my machine ran out of resources. I was back to pick up from where I left off but noticed there was a minikube update available so I thought I’d write a quick post to kick off the New Year!
The following commands will stop your minikube, upgrade your minikube binaries on windows, and then restarts minikube again.
choco upgrade minikube
Another tool to help you release software
Skaffold is a command line tool that facilitates continuous development for Kubernetes applications. You can iterate on your application source code locally then deploy to local or remote Kubernetes clusters. Skaffold handles the workflow for building, pushing and deploying your application. It also provides building blocks and describe customizations for a CI/CD pipeline.
Having deployed software for many years, I figured I’d give it a spin and see what it has to offer and how it is different from other tools/solutions.
I have been deploying software for a long time. I remember…
Helping you build the hardest parts of your Stack