Welcome to our second blog post in the Kubernetes threat vectors series. We are covering different tactics on the Kubernetes attack matrix, published by Microsoft and originally based on the MITRE ATT&CK framework. In the first blog post we reviewed the Initial access tactic and its techniques, and today we are moving on to Execution. Let’s get started. What is Execution?
Today, every company is a software company and digital business is a core strategy for many organizations. To gain the much-needed agility and efficient scalability, companies in all verticals are modernizing their infrastructure by moving to hybrid, multicloud and cloud-native environments. Realizing that modern applications run on modern infrastructure, IT leaders are prioritizing infrastructure modernization initiatives.
The way we write, ship, and maintain software today has evolved drastically in the last few years. How we consume underlying infrastructure to run our software has matured significantly, in that we have seen a transition from bare metal to virtual machines to containers to micro-VMs.
Qovery is excited to announce that we are now a silver member of the Cloud Native Computing Foundation (CNCF) and Linux Foundation (LF). As a CNCF silver member, we are looking forward to contributing to CNCF projects and playing an active role in developing the cloud-native ecosystem. Qovery also recently made its deployment engine open source, an abstraction layer library that makes it easy to deploy apps on AWS, GCP, Azure, and other cloud providers.
As Kubernetes continues to establish itself as the industry standard for container orchestration, finding effective ways to use a declarative model for your applications and tools is critical to success. In this blog, we’ll set up a K3s Kubernetes cluster in AWS, then implement secure GitOps using ArgoCD and Vault. Check out the source for the infrastructure and the Kubernetes umbrella application here.
We’re excited to announce that Calico Enterprise, the leading solution for Kubernetes networking, security and observability in hybrid and multi-cloud environments, now includes encryption for data-in-transit.
In this article we will be looking into Kubernetes monitoring with Graphite and Grafana. Specifically, we will look at how your whole Kubernetes setup can be centrally monitored through Hosted Graphite and Hosted Grafana. This will allow Kubernetes administrators to centrally manage all of their Kubernetes clusters without setting up any additional infrastructure for monitoring.