Subscribe to our 0800-DEVOPS Newsletter

Get in touch

Contact us for all inquiries regarding services and general information






Get in touch

Contact us for all inquiries regarding services and general information






Use the form below to apply for course





Get in touch

Contact us for all inquiries regarding services and general information






Blog

0800-DEVOPS #13 - Kubernetes security, self-service vs control, and tips for online facilitation

Check out our newsletter archive. If you like 0800-DEVOPS, please share the good vibe and forward this article to your friends. Thanks, you rock!
Or you can just sign-up here.


 

In focus: Kubernetes security

Kubernetes is quickly becoming a new standard runtime platform. Existing integration platforms, DMS, portals, <you-name-it> monolithic platforms are rapidly transforming into decentralized, modularized systems running in containers. Each public cloud has it’s own Kubernetes flavor. But we’re also seeing a huge number of organizations spinning up their own private cloud.

What is Kubernetes anyway?

"A highly reliable distributed system for running other people's code as root next to your mission critical data and secrets"

Ian Coldwater, Lead Infrastructure Security Engineer @Salesforce/Heroku

Hahaha… but very well said.

If you opt for the private cloud you need to take care of it. And this is where many organizations take things lightly. As much as it is easy to get started with Kubernetes, please be aware that out-of-the-box Kubernetes is pretty much unsecured and if you want to use it for basically anything other than PoC, you need to harden it.

Not convinced? Take a look at this talk by Ian Coldwater and Brad Geesaman. It sent shivers down my spine seeing what a malicious attacker can do to your Kubernetes instance.

Moral of the story: take good care of how your vanilla Kubernetes is secured! Or choose Kubernetes distribution that is inherently more secured (“more secured” doesn’t mean “bullet-proof”!), like Red Hat OpenShift. Any way you choose is fine, just don’t take your security lightly.

Going online

As we’re fighting the pandemic, we’re all increasingly moving our work online. This represents a challenge to some of the traditionally collocated and onsite activities such as workshops, meetups, meetings, classes, and other highly collaborative events.

To make these activities easier, we’re sharing a collection of Resources for Online Meetings, Classes, and Events to help you seamlessly move these activities online. The collection was made by a group of facilitators, organizers and technology stewards, and we thank them for this!

 

Worth of your time

+ With a lot of people rushing to microservice architecture, here is an always relevant discussion by Sam Newman on when—and when not—to apply microservices in your organization. Sam gives a nice summary “…a microservice architecture is one that can give you a lot of flexibility as you continue to evolve your system. That flexibility has a cost of course, but if you want to keep your options open regarding changes you might want to make in the future, it could be a price worth paying.”

+ Striking the right balance between self-service and control over container platform in your organization is never an easy task. Take a look at how we did it.

 

Read with us

Effective DevOps

Effective DevOps

Jennifer Davis and Ryn Daniels have written another good book on DevOps.

Starting with basic organizational, cultural and technical concepts, they are looking at DevOps from collaboration, affinity, tools and scaling point of view. Focus of the book is more on the cultural aspects. Especially interesting are chapters listing common misconceptions as this is something we can all relate to.

 

Quote of the Day

“The fastest way to change yourself is to hang out with the people who are already the way that you want to be.”

Ben Casnocha and Reid Hoffman in “The Start-up of You”

 


Check out our newsletter archive. If you like 0800-DEVOPS, please share the good vibe and forward this article to your friends. Thanks, you rock!
Or you can just sign-up here.

Ivan is Director of Engineering at CROZ, curator of 0800-DEVOPS newsletter and O'Reilly author contributing to "97 Things Every Cloud Engineer Should Know". His special areas of interest cover DevOps culture, sociotechnical nature of software delivery and cloud native architectures. Particularly interested in leadership and organizational change, he is helping organizations align business and tech, focus their efforts, and essentially work smarter, not harder. You can follow him on Twitter as @ikrnic.

0800DEVOPS
SUBSCRIBE TO 0800-DEVOPS NEWSLETTER

Interviews, articles, book recommendations and all things DevOps! Once a month, straight to your inbox!

CONTACT

Get in touch

Want to hear more about our services and projects? Feel free to contact us.

Contact us