Kubernetes: Naming Things

Kubernetes: Naming Things

An old saying goes something like this: there are only two hard problems in computer science, namely cache invalidation, naming things, and off-by-one errors. We will focus on the naming things topic in the context of Kubernetes, here. As YAML, erm, Kubernetes engineers we are painfully familiar with structures like the following: type: human id: […]

Read More...

Increasing Security of Istio Deployments by Removing the Need for Privileged Containers

Increasing Security of Istio Deployments by Removing the Need for Privileged Containers

With the 1.0 release, Istio is preparing itself for prime time by companies developing container-native applications with a desire for adopting a service mesh solution. However, there is a potential issue that may slow down the adoption rate: Pods that belong to the Istio mesh require elevated privileges in order to function properly. In this […]

Read More...

[Podcast] PodCTL #49 – Security & Service Meshes

[Podcast] PodCTL #49 - Security & Service Meshes

As we use PodCTL to help educate the market on Containers, Kubernetes and associated technologies, we’ve found that Service Meshes (and Istio) are one of the most popular topics. While it’s still a newer technology, just recently achieving v1.0 GA, we find that many people want to learn more. So this week we went deeper […]

Read More...

Using JFrog’s Artifactory and Red Hat OpenShift Together

Using JFrog's Artifactory and Red Hat OpenShift Together

This blog post was contributed by Craig Peters, Director of Product at JFrog. Red Hat OpenShift is an enterprise-grade platform designed to automate the build, deployment, scaling, and management of container applications on Kubernetes. It allows development teams to focus on software innovation, while enabling them to build and deliver them faster. Back in January […]

Read More...

[Podcast] PodCTL #48 – Patching VMs, OS, Containers

[Podcast] PodCTL #48 - Patching VMs, OS, Containers

Recently, we heard a company say that they wanted to move all of their applications from Virtual Machines to Containers because they no longer wanted to do patching of Operating Systems. This got us thinking. Would that move completely eliminate the need to patch Operating Systems, since Containers are Linux and there are still Operating […]

Read More...

[Podcast] PodCTL #47 – VM Admin vs Container Admin

[Podcast] PodCTL #47 - VM Admin vs Container Admin

This week, we were watching as fall trade show season got started and we noticed that one of the Container 101 sessions had a packed room. This led to a discussion about how many people were still at the 101 stages of container knowledge. TL;DR – it’s still a lot! So we thought it would […]

Read More...

[PodCTL] PodCTL #46 – KubeVirt and Container Native Virtualization

[PodCTL] PodCTL #46 - KubeVirt and Container Native Virtualization

Does it feel like sometimes the new Kubernetes updates are only targeted at new, cloud-native applications? What about all those existing applications that aren’t microservices or are running in virtual machines today? Today’s show looks at the intersection of container, virtual machines and Kubernetes. We talk about the KubeVirt project and the work that Red […]

Read More...

Keeping both of your OpenShift Container Platforms Highly Available with Keepalived and HAproxy

Until Kubernetes Federation hits the prime time, a number of solutions have sprung up as stop gaps to address geographically dispersing multiple cluster endpoints: stretch clusters and multiple clusters across multiple datacenters. The following article discusses how to configure Keepalived for maximum uptime of HAproxy with multiple cluster endpoints. In the following documentation an HAproxy […]

Read More...

[Podcast] PodCTL #45 – Container Registries

[Podcast] PodCTL #45 - Container Registries

This week is the One Year Anniversary of the PodCTL podcast! We’ve now got a few teeth coming in and we’re ready for the terrible twos. This week we dug into the role of Container Registries and how they interact with both Kubernetes, but also CI/CD pipelines and security systems (e.g. scanning, image signing, etc.). […]

Read More...

Promoting container images between registries with skopeo

OpenShift admins choose different architectures for their installations, but many use two discrete clusters to physically divide development and testing workloads from production deployments. We recommend having some Continuous Integration (CI) process in nearly every development scenario, to orchestrate the lifecycle of applications from the initial commit all the way into production. Continuous Integration can […]

Read More...