Secure Kubernetes Microservices Communication with Istio and OPA
by Zach Yonash
| Wednesday, May 18, 2022
| Security Microservices SPIFFE OPA Istio
The cybersecurity landscape has been rapidly evolving in recent years. Many companies have moved well past cloud adoption and are now fully utilizing a hybrid of cloud-native and on-premises technologies, prompting the need for a variety of new security measures to ensure critical workloads aren't compromised. One of the core tenets of zero trust is workload identity. Under the zero trust mindset, verifiable identification between each of your microservices needs to be mutual (see: Mutual TLS).
The Grype Admission Controller
by Josh Knarr
| Wednesday, Mar 16, 2022
| Admission Controllers Kubernetes Security
Intro Today I want to write about the grype admission controller. I wrote it. I am proud of it. I think it solves a really uncomfortable problem in DevSecOps.
Security has a big problem: On one hand, security teams are responsible for making everything secure. That's their job. But on the other hand, they need to somehow do that job while not being directly involved in the production of the code.
by Christopher Andrews
| Tuesday, Mar 15, 2022
| GitLab DevOps CI/CD
In DevOps, there are a multitude of CICD deployment strategies and methodologies. Each come with their Pros and each come with some Cons - some more than others. In this edition of our Deployment Methodologies Blog Post series, we are going to cover “Canary” Deployments, otherwise known as “Incremental Rollouts”.
What are Canary deployments, or Incremental Rollouts? Canary deployments are named and modeled off of the phrase “Canaries in the Cole mine”, in which a canary was taken into a coal mine to see if it would succumb to poisonous gas, giving the humans time to escape to safety (kind of mean, right?
Deployment Methodologies with GitLab -- Blue/Green
by Zach Hackett
| Wednesday, Feb 9, 2022
| DevOps CICD GitLab
The world of CICD is home to a plethora of deployment methodologies, or ways we deploy our code into various environments. From canary deployments to manual rollouts, there is a strategy for everyone. With this series of articles, we aim to give you insight into the different options out there, so you and your team can choose the best deployment strategy for you.
This time around, we're diving into the Blue/Green deployment methodology.