If we want to be certain that what we’re running is what we built, we might need to sign container (Docker) images, as well as other types of artifacts. That’s where Cosign jump in. Sigstore Cosign makes signatures invisible, especially if we combine it with Kyverno or other Kubernetes admission controller solutions.
Continue readingWhich tool for Kubernetes policies and admission controllers works better? Kyverno or Datree?
Continue readingScaleway claims that it is the most complete cloud computing service. Is it true? Let’s find out.
Continue readingDatree is known as a great solution for client-side manifest scanning and policy enforcement. That just changed with the introduction of Kubernetes admission controllers. Datree now supports both, so it’s time to revisit the project and see whether it is a good choice for server-side validations and policy enforcement.
Continue readingIngress and service mesh specifications are about to be replaced with Gateway API. Let’s see it in action!
Continue readingExploring CAST AI as a way to combine scaling with cost reporting of cloud and Kubernetes resources.
Continue readingVMWare Carvel ytt is yet another attempt to replace Kubernetes Helm. Is it any good?
Continue readingCan Jsonnet with Tanka replace Helm and Kustomize?
Continue reading“Kubernetes secrets are not secure enough!” If that’s true, maybe we should eliminate them altogether. Can we do that? Can we live without Kubernetes secrets? Is Secrets Store CSI Driver (SSCSID) the solution?
Continue readingKubernetes Horizontal Pod Autoscaler (HPA) is limited to memory and CPU metrics. It can be extended with custom metrics, but that might not be enough either. KEDA (Kubernetes Event-Driven Autoscaling) might be the solution for all (horizontal) scaling needs.
Continue reading
Technology Conversations 