April 2021

Guide to using Docker for your CI/CD pipelines

Docker is a platform for developers and sysadmins to develop, deploy, and run applications using containers. Docker is also referred to as an application packaging tool. This means that enabled applications can be configured and packaged into a Docker image that can be used to spawn Docker containers that run instances of the application. It provides many benefits including runtime environment isolation, consistency via code, and portability.

Keeping Watch Over Microservices and Containers

Splunk Director of Product Management Craig Hyde joins theCube’s John Furrier for a conversation in the Leading With Observability series. They discuss the importance of digital experience monitoring, especially as the world sees a boom in remote, online business and increasingly complex technological infrastructures. Why starting with the end user in mind is critical for setting observability goals. How full-fidelity end-to-end tracing impacts troubleshooting, to detect and alert in seconds.

Seamless Cloud account management - The Future of Qovery - Week #8

During the next two weeks, our team will work to improve the overall experience of Qovery. We gathered all your feedback (thank you to our wonderful community 🙏), and we decided to make significant changes to make Qovery a better place to deploy and manage your apps. This series will reveal all the changes and features you will get in the next major release of Qovery. Let's go!

Key Kubernetes Metrics and Resources to Monitor for Peak Cluster Performance

Monitoring is not easy. Period. In our guide to Kubernetes monitoring we explained how you need a different approach to monitoring Kubernetes than with traditional VMs. In this blog post, we’ll go into more detail about the key Kubernetes metrics you have access to and how to make sense of them. Kubernetes is the most popular container orchestrator currently available. It’s available as a service across all major cloud providers. Kubernetes is now a household name.

Accelerating DevOps Using Cloud Native Technologies With AWS, Docker & JFrog

In this webinar we help you gain a deeper understanding of the benefits of migrating and modernizing applications from a monolithic architecture to microservices, in order to accelerate DevOps processes. We outline the efforts required to reach this stage of sophistication in application development and deployment.

How to Improve Kubernetes Management and Administration with LogDNA

In this video, we will show how LogDNA helps DevOps teams using Kubernetes to consume, control and collaborate with logs. By providing value to data from every source, including Kubernetes, developers are empowered to leverage logs to ensure they can continue to accelerate development cycles, and Ops teams can easily onboard microservices teams without the need to modify their infrastructure.

Announcing Calico Enterprise 3.5: New ways to automate, simplify and accelerate Kubernetes adoption and deployment

We are thrilled to announce the availability of Calico Enterprise 3.5, which delivers deep observability across the entire Kubernetes stack, from application to networking layers (L3–L7). This release also includes data plane support for Windows and eBPF, in addition to the standard Linux data plane. These new capabilities are designed to automate, simplify and accelerate Kubernetes adoption and deployment. Here are highlights from the release…

Exploiting and detecting CVE-2021-25735: Kubernetes validating admission webhook bypass

The CVE-2021-25735 medium-level vulnerability has been found in Kubernetes kube-apiserver that could bypass a Validating Admission Webhook and allow unauthorised node updates. The kube-apiserver affected are: You are only affected by this vulnerability if both of the following conditions are valid: By exploiting the vulnerability, adversaries could bypass the Validating Admission Webhook checks and allow update actions on Kubernetes nodes.

Our $188M funding round fuels our mission to help customers confidently run modern cloud applications

Today, I am excited to share that we secured $188M in a new funding round, at a valuation of $1.19B (read more here). At the outset, I want to thank our employees, partners, investors and most importantly, our customers for this important milestone. The funding follows a year of unmatched innovation that led to accelerated revenue growth, installed base growth, and rapid community adoption of our open source projects.

Atlassian Open DevOps and Codefresh

Codefresh is excited to partner with Atlassian on their new Open DevOps launch. Codefresh is offering native support for connecting the two platforms and giving better visibility on deployments and features of each deployment for our mutual customers. At the heart of this integration is the Codefresh App, which can be found on the Atlassian Marketplace. Simply define Codefresh as the CI/CD partner that will connect to Atlassian’s DevOps API.

GKE operations magic: From an alert to resolution in 5 steps

As applications move from monolithic architectures to microservices-based architectures, DevOps and Site Reliability Engineering (SRE) teams face new operational challenges. Microservices are updated constantly with new features and resource managers/schedulers (like Kubernetes and GKE) can add/remove containers in response to changing workloads. The old way of creating alerts based on learned behaviors of your monolithic applications will not work with microservices applications.

Autoscaling with the HAProxy Kubernetes Ingress Controller and KEDA

One of the greatest strengths of containers is the ability to spin more of them up quickly. As the volume of traffic to your application increases, you can create more application containers on the fly to handle it, in almost no time at all. Kubernetes ships with autoscaling baked in, giving you the power to scale out when the system detects an increase in traffic—automatically!

Deploying Services with Docker, NGINX, Route 53 & Let's Encrypt

Docker is a power tool for deploying applications or services, and there are numerous Docker orchestration tools available that can help to simplify the management of the deployed containers. But what if you are wanting to deploy a small number of services and not wanting to undertake setting up and managing another application stack just to run a handful of containers? I will cover how I deployed a handful of services on a single Docker host.

How to Build a Scalable Prometheus Architecture

When building distributed, scalable cloud-native apps containing dozens or even hundreds of microservices, you need reliable monitoring and alerting. If you’re monitoring cloud-native apps in 2021, there’s a good chance you’ve chosen Prometheus. Prometheus is an excellent choice for monitoring containerized microservices and the infrastructure that runs them — often Kubernetes.

What Comes After Kubernetes?

You probably can’t believe I’m asking that question. It’s like showing up to a party and immediately asking about the afterparty. Is it really time to look for the exit? No…but yes. We used to deploy apps on systems in data centers. Then we moved the systems to the cloud. Then we moved the apps to containers. Then we wrapped it all in Kubernetes for orchestration, and here we are. Each advance in technology unlocks doors we couldn’t reach before.

Software Engineering Daily Podcast

Large portions of software development budgets are dedicated for testing code. A new component may take weeks to thoroughly test, and even then mistakes happen. If you consider software defects as security issues then the concern goes well beyond an application temporarily crashing. Although even minor bugs can cost companies a lot of time to locate the bug, resolve it, retest it in lower environments, then deploy it back to production.

Using Dokku On DigitalOcean

Dokku can be a cost-effective, convenient way to deploy apps to DigitalOcean. SolarWinds® Papertrail™ can make monitoring the logs of those apps simple and frustration-free. Combine these two technologies and you have an effective deployment process and log management system. Let’s look at Dokku first. Dokku is an open-source platform-as-a-service (PaaS). If you’re familiar with Heroku, you can consider Dokku a private Heroku that you manage.

The easiest way to deploy your database - The Future of Qovery - Week #7

During the next four weeks, our team will work to improve the overall experience of Qovery. We gathered all your feedback (thank you to our wonderful community 🙏), and we decided to make significant changes to make Qovery a better place to deploy and manage your apps. This series will reveal all the changes and features you will get in the next major release of Qovery. Let's go!

April Online Meetup - Hypper: Dependency-aware package management for Kubernetes

Introducing Hypper, a new package manager for Kubernetes designed with cluster administrators in mind. Hypper is built on Helm and charts but makes some different assumptions around multi-tenancy and dependent charts (which can be useful with CRD handling). Where Helm assumes a user could be one of many users running in multi-tenant, Hypper assumes the user is a cluster administrator managing a cluster.

Comparison: Snyk, Aqua Security, Sysdig

Security testing tools help us to monitor our cloud-native resources for potential vulnerabilities throughout our development lifecycle. By flagging security vulnerabilities early, our teams can react on time to reduce potential damage to our end-users and our business. This post will compare three different Security scanning tools that focus on cloud-native infrastructure and application security, namely.

Monitor applications on GKE Autopilot with the GKE Dashboard

Elite software development teams automate and integrate monitoring observability tools more frequently than lower performing teams, per the Accelerate: State of DevOps report. Organizations that need the highest levels of reliability, security, and scalability for their applications choose Google Kubernetes Engine (GKE). Recently we introduced GKE Autopilot to further simplify Kubernetes operations by automating the management of the cluster infrastructure, control plane, and nodes.

[Webinar] Observability and Resilience in Microservice Environments with Komodor & Epsagon

Kubernetes has made it easier to manage and scale microservices. However, keeping track of so many moving parts is often challenging for Dev & Ops teams. Achieving clear observability for better monitoring and troubleshooting is key to improving the development process. Part 2 of the webinar, which includes a talk by Komodor's CTO and co-founder, Itiel Shwartz, concluded with a quick demo of Komodor's troubleshooting platform and a Q&A session.

The future of testing with Launchable

Do we really need to run all the tests every time we make a change to the source code or make a release? That could take minutes or even hours. Wouldn't it be better to run only the tests related to the changes we are making or the phase of the lifecycle of an application? Is the future of testing in AI and ML? Kohsuke Kawaguchi from Launchable might have the answers to those and quite a few other questions.

Trigger a Codefresh Pipeline from ArgoCD

Codefresh is an awesome platform for doing GitOps deployments to Kubernetes. Starting last year, the Codefresh team has been adding rich integrations with Argo CD and Argo Rollouts, GitOps observability dashboards, and more. Codefresh pipelines, in particular, have played an integral role in our customers’ progressive delivery workflows by allowing them to orchestrate all of the testing, analysis, and rollback activities that work in conjunction with Argo CD synchronization.

Going Live: Splunk Operator for Kubernetes 1.0.0

With everything going on in the world, it seems like a lifetime ago that we started talking about the Splunk Operator for Kubernetes, which enables customers to easily deploy, scale, and manage Splunk Enterprise on their choice of cloud environment. During that time, we’ve heard from an increasing number of on-premise and public cloud Bring-Your-Own-License Splunk customers that containerization and Kubernetes are an important part of their current and future deployment plans.

Connect Civo Kubernetes to Codefresh

Codefresh is a DevOps automation platform with Kubernetes and Docker native tools and features. You can create powerful pipelines and utilize the provided dashboards by connecting different Kubernetes clusters and registries to receive further insights into your deployments. Additionally, by enabling GitOps for your repositories you can reach the highest level of confidence in your Kubernetes deployments.

What's new in Sysdig - April 2021

Welcome to another monthly update on what’s new from Sysdig. Ramadan Kareem to all observing the holy month of Ramadan. Our team continues to work hard to bring great new features to all of our customers, automatically and for free! This last month was a big month for security with our release of Cloud Security Posture Management (CSPM), and we had lots of fun designing and releasing our new Cloud Chaos game!

The future of testing with Launchable

In this video with Kohsuke Kawaguchi (KK) from Launchable and Viktor Farcic we talk about testing K8s applications. Do we really need to write all the tests every time we make a change to the source code or make a release? That could take minutes or even hours. Wouldn’t it be better to run only the tests related to the changes we are making or the phase of the lifecycle of an application? Is the future of testing in AI and ML?

Building and running FIPS containers on Ubuntu

Whether running on the public cloud or a private cloud, the use of containers is ingrained in today’s devops oriented workflows. Having workloads set up to run under the mandated compliance requirements is thus necessary to fully exploit the potential of containers. This article focuses on how to build and run containers that comply with the US and Canada government FIPS140-2 data protection standard.

Environment variables and Secrets - The Future of Qovery - Week #6

During the next five weeks, our team will work to improve the overall experience of Qovery. We gathered all your feedback (thank you to our wonderful community 🙏), and we decided to make significant changes to make Qovery a better place to deploy and manage your apps. This series will reveal all the changes and features you will get in the next major release of Qovery. Let's go!

Mitigating CVE-2021-20291: DoS affecting CRI-O and Podman

The CVE-2021-20291 medium-level vulnerability has been found in the containers/storage Go library, leading to Denial of Service (DoS) when vulnerable container engines pull an injected image from a registry. The container engines affected are: Any containerized infrastructure that relies on these vulnerable container engines is affected as well, including Kubernetes and OpenShift.

Using Telepresence 2 for Kubernetes debugging and local development

Telepresence 2 was recently released and (like Telepresence 1) it is a worthy addition to your Kubernetes tool chest. Telepresence is one of those tools you cannot live without after discovering how your daily workflow is improved. So what is Telepresence? It is too hard to describe all the functionalities of the tool in a single sentence, but for now I would describe it as the “Kubernetes swiss army networking tool”.

Recover automatically from failed deployments with Argo Rollouts and Prometheus metrics

Argo Rollouts is a progressive delivery controller created for Kubernetes. It allows you to deploy your application with minimal/zero downtime by adopting a gradual way of deploying instead of taking an “all at once” approach. Argo Rollouts supercharges your Kubernetes cluster and in addition to the rolling updates you can now do In the previous article, we have seen blue/green deployments.

From lightweight to featherweight: MicroK8s memory optimisation

If you’re a developer, a DevOps engineer or just a person fascinated by the unprecedented growth of Kubernetes, you’ve probably scratched your head about how to get started. MicroK8s is the simplest way to do so. Canonical’s lightweight Kubernetes distribution started back in 2018 as a quick and simple way for people to consume K8s services and essential tools.

Unveil hidden malicious processes with Falco in cloud-native environments

Detecting malicious processes is already complicated in cloud-native environments, as without the proper tools they are black boxes. It becomes even more complicated if those malicious processes are hidden. A malware using open source tools to evade detection has been reported. The open source project used by the malware is libprocesshider, a tool created by Sysdig’s former chief architect Gianluca.

Multi-instance GPU (MIG) with MicroK8s on NVIDIA A100 GPU

Although Kubernetes revolutionised the software life cycle, its steep learning curve still discourages many users from adopting it. MicroK8s is a production-grade, low-touch Kubernetes that abstracts the complexity and can address use cases from workstations to clouds to the edge. We’ll highlight the details of MicroK8s’ simplicity and robustness and demonstrate the different usage scenarios, running it on NVIDIA DGX, EGX, DPU and Jetson hardware using real applications from NVIDIA marketplace.

Kubernetes Master Class - How to Update Monitoring After Upgrading to Rancher 2.5

Rancher 2.5 introduces a new, improved monitoring integration. It is still based on Prometheus, Grafana and Alertmanager, but much more flexible regarding configuration options and customizations. It also directly ships with much improved dashboards and alerting rules. Unfortunately, due to the necessary internal changes, there is no automatic upgrade path available from the old to the new monitoring. While you can continue to use the old monitoring with 2.5, there are some manual migration steps necessary to get all the benefits from the new monitoring system and keep all the configurations and customizations from the old one.

A Guide to Kubernetes Certifications

In an age of virtualization and cloud computing, developers increasingly use Kubernetes’ open-source platform to manage containerized workloads and services. Kubernetes container became popular because it was impossible to define a resource boundary for multiple applications in a traditional CPU environment. Misuse of resources created an inefficient environment.

Using K8s But Not Overhauling Your DevOps Processes

Kubernetes is now the industry standard for organizations that are born in the cloud. Slowly, many enterprises and mid-level companies are adopting it as the default platform for managing their applications. But we all know, Kubernetes adoption has its own challenges, as well as its associated costs. How do we decide when and what to migrate to Kubernetes? Does migrating to Kubernetes mean overhauling all devops processes?

Practitioner's Guide: An Introduction to Kubernetes Multi-tenancy

If your organization is adopting multiple Kubernetes clusters, chances are that multiple users or groups have access to these clusters on the same shared infrastructure. Kubernetes multi-tenancy aims to drive efficient use of infrastructure, while providing operators with robust isolation mechanisms between users, workloads, or teams. Running more applications on the same shared infrastructure means better utilization of resources and a reduction in overall operating costs.

Why Enterprises need to Modernize AIX (WebSphere) Workloads to Linux

IBM’s AIX operating system has powered a zillion mission-critical applications for over three decades, providing enterprise applications the edge to do more. And, let’s not forget that a huge chunk of BFSI applications is still nesting on AIX within their own data centers due to its security, performance, and reliability.

Funding update: $840k secured and more to come

As with all start-ups, especially for a cloud provider, access to funds is imperative to build and scale quickly – after all building out new data centre regions doesn't come cheap! So in recent months we quietly opened a seed round to acquire $2.8m worth of funding – giving Civo a pre-money valuation of $16,800,000. Since launching into beta nearly 2 years ago, we’ve had tons of VC companies knocking on our door, but at this stage we decided not to take VC money.

Qovery goes beyond app deployment - The Future of Qovery - Week #5

During the next six weeks, our team will work to improve the overall experience of Qovery. We gathered all your feedback (thank you to our wonderful community 🙏), and we decided to make significant changes to make Qovery a better place to deploy and manage your apps. This series will reveal all the changes and features you will get in the next major release of Qovery. Let's go!

Run confidently with secure DevOps

The rapid pace of digital transformation is accelerating the shift to cloud-native applications using containers and Kubernetes to speed the pace of delivery. But application delivery is one thing. Application uptime performance and protection are another. For cloud teams already running production, one fact is clear: monitoring and troubleshooting are only the beginning. They also need to own security and compliance for their apps. In cloud-native, DevOps is not enough. It's time for secure DevOps.

Kubernetes 1.21 available from Canonical

Today, Canonical announces full enterprise support for Kubernetes 1.21, from cloud to edge. Canonical Kubernetes support covers MicroK8s, Charmed Kubernetes and kubeadm. Starting with 1.21, moving forward Canonical commits to supporting N-2 releases as well as providing extended security maintenance (ESM) and patching for N-4 releases in the stable release channel.

Container Sprawl Is the New VM Sprawl

We are seeing organizations struggle to deploy and manage their Kubernetes clusters due to the increasing level of oversight required and the current lack of attention during the planning phase. Day 2 operations can be a “sink or swim” time for these organizations. Without effective Day 2 operations, organizations will face challenges scaling their IT environment and will not be ready to handle new threats to security and availability.

Run container-optimized clusters with Ocean and Bottlerocket OS

AWS is one of the primary providers for services that help users deploy and manage their containerized applications on the cloud. Since launching ECS in 2014 and EKS in 2017, AWS has learned a lot about running containers at scale and in production. AWS developed Bottlerocket OS, a new operating system for hosting containers. This OS was specifically designed to address gaps left by the ECS and EKS-optimized AMIs, which are based on operating systems that run traditional software applications.

How Calico Cloud's runtime defense mitigates Kubernetes MITM vulnerability CVE-2020-8554

Since the release of CVE-2020-8554 on GitHub this past December, the vulnerability has received widespread attention from industry media and the cloud security community. This man-in-the-middle (MITM) vulnerability affects Kubernetes pods and underlying hosts, and all Kubernetes versions—including future releases—are vulnerable. Despite this, there is currently no patch for the issue.

Kubernetes Logging Simplified - Pt 2: Kubernetes Events

In my first post in the Kubernetes Logging Simplified blog series, I touched on some of the ‘need to know’ concepts and architectures to effectively manage your application logs in Kubernetes – providing steps on how to implement a Cluster-level logging solution to debug and analyze your application workloads. In my second post, I’m going to touch on another signal to keep an eye on: Kubernetes events.

Why Modernizing the Data Layer Requires More than New Tools

While architectures and platforms like Kubernetes get a lot of attention in discussions about application modernization, we ignore the data layer at our own risk. How applications and users access data is a concern that gets more important by the day. It’s a trend we’ve seen playing out for a while, as technological concerns around latency and scalability have ceded ground to business-level concerns around compliance, security, and data privacy.

Analyze your GKE and GCE logging usage data easier with new dashboards

System and application logs provide crucial data for operators and developers to troubleshoot and keep applications healthy. Google Cloud automatically captures log data for its services and makes it available in Cloud Logging and Cloud Monitoring. As you add more services to your fleet, tasks such as determining a budget for storing logs data and performing granular cross-project analysis can become challenging.

When to use Docker on AWS Lambda, Lambda Layers, and Lambda Extensions

2020 was a difficult year for all of us, and it was no different for engineering teams. Many software releases were postponed, and the industry slowed its development speed quite a bit. But at least at AWS, some teams released updates out of the door at the end of the year. AWS Lambda received two significant improvements: With these two new features and Lambda Layers, we now have three ways to add code to Lambda that isn’t directly part of our Lambda function.