AJ McCaw, September 6, 2023
In the realm of Kubernetes and cloud-native deployments, the terms Day 0, Day 1, and Day 2 have become ubiquitous. They represent distinct phases in the lifecycle of software deployment and management, each with its own set of challenges and requirements.
<TLDR> Public cloud providers have made it easy to get Kubernetes up and running through AKS, EKS and GKE. However, the costs of engineering practices to get your Kubernetes clusters running in a secure, repeatable and reliable way are prohibitive and often missed out until it becomes even more expensive to retrofit. Appvia Wayfinder was...
This is a continuation of the PodSecurityPolicy is Dead, Long live…? article, which looks at how to construct the most effective policy for your Kubernetes infrastructure. Haven’t read that? Check it out first. Based on that foundation, this article looks at how versioning policies streamline the developer experience to deliver features and minimise downtime whilst...
Introduction Following on from PodSecurityPolicy is Dead, Long Live…? this tutorial covers the practical use of a new tool from the Kubernetes Node Specialist Interest Group. The Linux kernel (the same marvel that brings us containers) provides a few capabilities for bridging the last mile in security management limiting the actual capabilities of the processes that are running....
TL;DR PodSecurityPolicy exists in Kubernetes to provide security controls for pods. PSPs are deprecated in 1.21 (April 2021) and will be removed entirely in 1.25 (expected around April 2022). This article explains what PSPs are and its alternatives. We created a PSP migration tool that translates existing PSPs to 3 different policy engines. This blog...
From engineering to operations, Meet the Appvians is a series that shines a spotlight on the people behind our products: What they do, what they enjoy outside of work, and how they’ve experienced life at Appvia. For this edition, we caught up with Arron Duggins, Talent Acquisition Manager, on searching for (and cultivating) exceptional talent, what...
This article is a part of the Cloud Quick Wins series, which is a collection of small improvements that you can make today to save time, reduce your cloud costs and scale faster. The cloud has many benefits, one of them being the ability to pay only for what you use. So why is your...
In order to understand how the technology industry landed at containers and Kubernetes, we need to first look back to the beginning, where it all started. The year is 2016. Amazon AWS is a $12.2 billion business (compared with $45.3 in 2020) and still growing every day. It was the year that, for most companies,...
Overview The client is a closely governed, extremely risk averse organisation whose reputation and security had to be protected at all costs. They have high-level auditing controls and run primarily on a traditional data centre model. This large financial institution had a twofold challenge: 1)They needed to vacate their on-premise data center that came alongside...
