nginx is an open source web server often used as a reverse proxy, load balancer, and web cache. Designed for high loads of concurrent connections, it’s fast, versatile, reliable, and most importantly, very light on resources. In this article, you’ll learn how to monitor nginx in Kubernetes with Prometheus, and also how to troubleshoot different issues related to latency, saturation, etc.

Cloud-native applications running on Kubernetes rely on container network plugins to establish workload communication. While Azure Kubernetes Service (AKS) provides several supported networking options (kubenet and Azure CNI) that address the needs of most deployments, Microsoft recently introduced the ability to bring your own networking solution, called BYOCNI, to help users address more advanced networking requirements. This new feature enables AKS customers to run Calico networking on AKS.

We've made it our mission to reduce technical debt in the future of cloud computing, and our partners are helping us make that mission a reality. Today, we’re excited to announce that one of the world's leading Venture Studios, GSD Venture Studios, has chosen Cycle.io as the underlying platform for their new on-demand DevOps service, GSD.dev.

This month’s highpoints include some fine touches we’ve brought into Sysdig Monitor with the ability to view live logs on a container, translate form-queries into PromQL, multi-query support for stacked area charts. Drift Control makes its way into the Sysdig Secure side.

Helm is a deployment tool for Kubernetes objects that supports package management, dependencies, and templating. In this article, we will explore how to optimize your Helm charts. To follow along, you’ll need a basic understanding of Helm and will have ideally written and deployed some basic Helm charts.

Summer is finally here in the Northern Hemisphere and as we work on getting our collective outdoors time in, we also have been busy at work making some great enhancements to Shipa. We kicked off June with a great webinar with PeladoNerd focusing on LATAM. We continued to focus on building and enhancing Shipa.

We are proud to announce that we have won the 2022 Microsoft OSS on Azure Partner of the Year award! The Microsoft Partner of the Year Awards recognize Microsoft partners that have developed and delivered outstanding Microsoft-based applications, services, and devices during the past year. Awards were classified in various categories, with honorees chosen from a set of more than 3,900 submitted nominations from more than 100 countries worldwide.

Earlier this year we released our report on the cost of cloud. Through this white paper we discovered the complexities of cloud costs for businesses and alternatives beyond the hyperscalers. This white paper saw 1,000 cloud developers surveyed about the management of their cloud services, and the degree of costs associated with it. From this analysis, we were able to come up with 5 key takeaways outlining the degree to which hyperscalers are overpromising and under-delivering.

We are excited to be participating in this year’s National Homeland Security Conference as a sponsor. This conference is taking place at a time when Kubernetes adoption is exploding among government, military, and intelligence agencies of all stripes.

VMware Tanzu Observability offers easy integration with Amazon Web Services (AWS) CloudTrail, enabling operators to view events that are related to governance, compliance, and operational and risk auditing for your AWS account. This post walks you through the process of integrating CloudTrail Service with Tanzu Observability Wavefront to take advantage of these consolidated features.

Last month, we discussed how investing in developer happiness is not just a trend, and that, in fact, your business depends on it. In parallel, VMware commissioned a study by Forrester Research to examine the business impact of developer experience (DevX). This study helps identify the ways in which DevX affects business outcomes, determine obstacles to developer productivity, and outline how DevX can be improved.

Kubewarden is a policy engine for Kubernetes that is part of the CNCF Sandbox. Its mission is to simplify the adoption of policy-as-code. Never heard of Kubewarden? Do you want to know what makes Kubewarden stand out among similar solutions? This is a high-level overview of Kubewarden’s unique points: Today, a year and a half since its conception, we’re thrilled to announce the release of Kubewarden v1.0.0!

Epinio is a Platform as a Service (PaaS) that allows developers to go from the application source to a URL in one step. Try Epinio today or try it tomorrow — but make sure you try it. We just released our first stable version (Epinio v1.0.0) and we think you are going to love it. Let me tell you why.

It’s the type of nightmare that leaves developers in a cold sweat. Imagine waking up to a message from your team that simply says, “We lost a cluster,” but it’s not a dream at all. InfluxDB Cloud runs on Kubernetes, a cloud application orchestration platform. We use an automated Continuous Delivery (CD) system to deploy code and configuration changes to production. On a typical workday, the engineering team delivers between 5-15 different changes to production.

Last week, I showed you how to build and deploy a Go Web application (or API backend for a frontend framework like React or Vue) to a cloud provider, using Docker as a process manager. In this post, which is part of two of this series, I will show you a second method of deploying a Go Web app or backend to any cloud, using Docker Swarm.

Imagine having the ability to instantly know when a Kubernetes compliance or security violation occurs. Now you can with Shipa Insights. Coupling Shipa Insights with the robust notification and alerting capabilities of PagerDuty makes this very possible. Shipa has the capability of sending fine-grained events externally e.g to PagerDuty. Now with the power of Shipa Insights, you have the capabilities to alert on policy violations. Let’s take a look at gettings started.

Customers are demanding multi-cloud solutions to solve problems such as resource constraints, application mobility, and flexible architectures. VMware is positioning new products to meet this demand and provide a unified experience across infrastructures. In this latest look at the hybridized data center, VMware meets the customer where they are to demonstrate the efficacy of VMware Tanzu Kubernetes Grid in a public cloud deployment.

Fluentd is an open source data collector widely used for log aggregation in Kubernetes. Monitoring and troubleshooting Fluentd with Prometheus is really important to identify potential issues affecting your logging and monitoring systems. In this article, you’ll learn how to start monitoring Fluentd with Prometheus, following Fluentd docs monitoring recommendations. You’ll also discover the most common Fluentd issues and how to troubleshoot them.

CI/CD systems follow a multi-tiered environments pattern: development, testing, staging, and production release are all part of this process. Each setting in this cycle could have a variety of set ups and configurations. As a result, having to set up separate configurations for different environments could be inconvenient and burdensome. In this tutorial, we will take a look at what Docker is and how it has freed developers from set-up problems and port clashes.

As the container orchestration platform of choice for many enterprises, Kubernetes (or K8s, as it’s often written) is an obvious target for cybercriminals. In its early days, the sheer complexity of managing your own Kubernetes deployment meant it was easy to miss security flaws and introduce loopholes. Now that the platform has evolved and been managed, Kubernetes services are available from all major cloud vendors, and Kubernetes security best practices have been developed and defined.

It’s no secret that AWS has an extensive catalog of services which enable organizations to rapidly scale infrastructure. In this fast paced and self scaling cloud native world, observability across all these services has never been more critical. As a long time AWS Technology Partner, it’s always great to speak to our friends at AWS, and most recently, Lumigo CEO Erez Berkner joined AWS on Air to talk about end-to-end observability of the modern cloud application.

Implementing change in an organization always has its challenges, and for it to be successful it requires support from executive management. For one of our large Managed Service Provider (MSP) clients, their new CIO was focused on making their customer’s cloud consumption more efficient, with the outcome being cost savings.

Organizations are moving from monolithic architecture (where all the code building the application exists as a single, monolithic entity) to microservices architecture as it simplifies app management, making it easier to build, deploy, update, test and scale each service independently without affecting other parts of the architecture.

The modernization of infrastructure and applications is driving the rapid growth of containers, and as companies scale the adoption of Kubernetes, it’s critical to incorporate security and compliance. The challenge? Compliance and security is a journey, not a state in time, and application security in Kubernetes has a large surface area. This challenge increases exponentially as you run more applications, onboard more developers, add more environments, add new pipelines, and more.

As we continue to build our vision around Shipa Insights, we are pleased to announce that we are now including engineering efficiency statistics along with the policy and security violations from our initial release. Getting started with Shipa Insights is very easy, Shipa Insights is there for you automatically. Navigate to the Insights Module and take a look at what Shipa has been keeping track of / discovering on your behalf.

It’s right there on our community page—the statement that “Project Calico is first and foremost a community.” With that in mind, we wanted to make it easier for new contributors to get involved. It’s a win-win scenario—developers experience less frustration, they can get their work done, and have their contributions considered. Plus, the project can easily benefit from the contributions.

Kubernetes shouldn’t be reserved for production. Using local Kubernetes in development means you can build and test your service using the same technologies as your live deployments. Some organizations provide a shared Kubernetes cluster for development activities. Others offer on-demand virtual clusters that serve staging environments for significant changes.

The Cloud Native Computing Foundation published their Annual Report for 2021 which outlines the past year and what can be expected in the upcoming 6 months. Community leaders and 62,000 contributors on GitHub came together to report on initiatives and updates to create CNCF’s second annual report. So, here are the important updates from the Kubernetes Annual Report that we think you need to know.

We’re pleased to announce a new out-of-the-box dashboard for Azure Kubernetes Service (AKS) that allows you to immediately visualize the health and performance of your AKS clusters. This dashboard organizes and highlights the most critical information from the standard AKS metrics, while also incorporating log data to provide observability into the control plane.

Modern applications are designed to leverage cloud native technologies like serverless and containers to run at an unprecedented scale, moving the focus away from machines to the actual service. Lumigo’s observability platform was purpose-built for these evolving cloud environments, and we’ve been delivering the most advanced automated distributed tracing for serverless applications since 2019.

When I joined SUSE I heard about our Kubernetes distributions: Rancher Kubernetes Engine (RKE), RKE2 and K3s. However, the differences between RKE and RKE2 were not clear to me. I decided to spend time with them and blog about the differences.

HAProxy Kubernetes Ingress Controller provides custom resources named Backend, Defaults, and Global that let you manage ingress controller settings more efficiently. To start using them right away, check the documentation for steps and examples. In this blog post, you’ll learn why custom resources are such a powerful feature and see tips for getting the most out of them.

I love what we are building here at Shipa, and I couldn’t be more proud of all the great things the team is constantly delivering, but one thing I like is having personal projects. These help me keep up to date with technology and learn new things. I try to keep the investment in those projects at a minimum and under control. That goes across both the timing and the resources invested. My most recent project is related to the experience when defining cloud-native applications.

Cloud technology, and applications running in the cloud, are becoming more and more common. With this rise in cloud computing, application development has needed to change as well, resulting in what can be called the cloud-native approach to software development. In this article, you will learn all about cloud-native technology and how cloud-native companies approach building their applications.

While organizations have been moving to modernize their IT infrastructures by adopting cloud-native Kubernetes technologies, the pandemic helped accelerate this movement. The surge in cloud services adoption during the lockdowns emphasized the need for organizations to make their business and technology models more agile.

Last May, KubeCon gathered multiple tech enthusiasts, students, professionals, and companies. The event highlighted various topics and insights on how to collaborate on pushing the boundaries of cloud-native computin One of our Engineering Directors, Mykola Marzhan, shared his knowledge about databases on Kubernetes at KubeCon, during a session organised by the DoK.Community. We’ve picked out some of the key highlights from the talk below.

In addition to the usual updates to supporting utilities, Rancher Desktop 1.4 adds a couple of new useful features we think you’ll like.

Project Calico has offered a production-ready data plane based on eBPF since September 2020, and it’s been available for technical evaluation for even longer (since February 2020). The pre-requisites and limitations are simple to review, it’s easy to enable, and it’s easy to validate your configuration. So, there’s never been a better time to start experiencing the benefits! You do know what those are, don’t you? Don’t worry if not!

Today, a lot of organizations face the challenge of running open source software in production environments in a secure and compliant way. Just six months ago, we witnessed how a vulnerability in Log4j, one of the most popular open source libraries, compromised millions of sites and applications, including products from major cloud vendors.

In this article, we will analyze some new features and the impact they might have on the Prometheus community. Here’s our editor’s pick.

Lineage to the saying “canary in a coal mine”, the canary deployment/release methodology is an incremental release focused on safety. If the canary does not pass, the deployment does not continue or is rolled back. Taking a jog down memory lane, like Kubernetes the Hard Way, a few years ago a canary deployment in Kubernetes was quite the undertaking.

The software bill of materials, often referred to as an SBoM or BOM, has gained a tremendous amount of popularity in the past year and a half. It’s mentioned in the US White House’s 14028 Executive Order and is referenced in innumerable secure software supply chain articles. While the SBoM has been around for many years, awareness and adoption seems to be hitting an inflection point.

At Tigera, we strive to innovate at every opportunity thrown at us and deliver what you need! We have listened to what users ask and today we are excited to announce the early preview of Calico Enterprise 3.14. From new capabilities to product supportability and extending partnerships with our trusted partners, let’s take a look at some of the new features in this release.

Security can certainly be a broad brush topic. As a software engineer, you design and build to the best of your ability. In delivery methodologies of years gone by, sometimes security can be viewed as an afterthought e.g running security testing last before deploying. Today with the DevSecOps movement, one more set of concerns moves left towards the developer which is now security.

Managing a Kubernetes cluster is a complex endeavor. As demands on a cluster grow, increasing the number of deployed pods can help ease the load on the system. But what do you do when you run out of nodes to host those pods, or when the load decreases and some nodes are no longer needed? Manually adding or removing nodes is possible, but wouldn’t it be better if there was a way to automate that task? Fortunately, that’s exactly what the Kubernetes Autoscaler charm is for!

Cloud-native technologies allow you to more efficiently deploy your applications at the enterprise level. But the learning curve can be steep, and it may be confusing to figure out the world of cloud-native tech and establish how you’ll make your development workflow as efficient as possible. A working knowledge of DevOps technology is crucial to effectively start your deployment and creating a sustainable and manageable workflow.

Continuous integration has become a widely accepted practice for software projects. As more technologies are introduced in both continuous integration and software development, developers are looking for practical ways to benefit from them. Basic tutorials that cover toy examples are not always enough for real-life practitioners. As an actual user of Django, Docker, and CircleCI, this was certainly a pain point for me. That is why I wrote this tutorial.

96% of companies now use or are in the process of evaluating Kubernetes. As the maturity and complexity of Kubernetes environments grow, costs quickly spiral out of control when an effective strategy for visibility and optimization is not in place.

In May, a team from Grafana Labs descended on Valencia, Spain, to share their latest insights on the cloud native landscape at KubeCon + CloudNativeCon EU 2022. Along with diving into the future of Kubernetes monitoring with kubectl alpha events and multi-cloud deployments, Grafanistas presented an overview of the Prometheus ecosystem with an eye towards how sparse high-resolution histograms are going to change the game.

Kubecon EU returned to Spain. This time to Valencia, city of paella and horchata and, of course, a great place for big events. We had a great time meeting you all in person, and attending the talks. Here are our hot takes from the event. The main event started on Wednesday, but before that different co-located events took place: Ebpf Day, Cloud Native SecurityCon, and PrometheusDay among others. These events gathered a large number of attendees.

VMware Tanzu Mission Control is designed for operations teams to address complexity and increase control of their Kubernetes clusters wherever they live. In order to support customers with their multi-cloud business imperatives, VMware made an early commitment to provide data protection capability in Tanzu Mission Control, designed to help enterprises more confidently and safely run critical workloads on Kubernetes.

Optimizing Kubernetes costs isn’t an easy task. Kubernetes is as deep a topic as cloud (and even more complex), containing subtopics like: That’s a lot for a busy DevOps team to understand and manage, and doesn’t even consider that line-of-business stakeholders and finance team members should have some understanding of each cost driver’s function and importance to contribute to a successful FinOps Strategy.

As the complexity of Kubernetes environments grow, costs can quickly spiral out of control if an effective strategy for optimization is not in place. We’ve compiled expert recommendations and best practices for running cost-optimized Kubernetes workloads on AWS, Microsoft Azure, and Google Cloud (GCP).

In May, we hosted our first in-person community meetup speaking about all things Kubernetes. Community members came and engaged in cloud-native discussions with talks from Saiyam Pathak, Kunal Kushwaha, Josh Van Leeuwen, and Walid Shaari. We also featured in ZDNet’s article on the four-day work week which includes an interview with Mark Boost, CEO at Civo. This outlined how employees have attained a better work-life balance with the change as well as why the decision was made.