
Containers

The latest News and Information on Containers, Kubernetes, Docker and related technologies.

Manual Rotation of Certificates in Rancher Kubernetes Clusters

Kubernetes clusters use multiple certificates to provide both encryption of traffic to the Kubernetes components as well as authentication of these requests. These certificates are auto-generated for clusters launched by Rancher and also clusters launched by the Rancher Kubernetes Engine (RKE) CLI.

Kubernetes issues and solutions

Hi all! I am a part of the architecture team at Avito.ru, one of the world’s top classifieds (read more about Avito here). In this post I want to share our experience in implementing Kubernetes at scale. Kubernetes is a powerful orchestration tool that helps us manage dozens of microservices and support robust and fast deployment. It’s really cool that we don’t have to manage resources manually, think about service discovery and so on.

Bring Your Own Cluster - CloudHedge Cruize

At CloudHedge, we’re making use of AI to mitigate inefficiencies and speed up the automated application modernization process. Deploying applications on the cloud has always been challenging; there are so many parameters involved that the entire deployment process becomes tedious. To make matters easy, we have CloudHedge’s Cruize module, which can be used for deploying your app on the cloud, be it AWS, GCP, IBM Cloud or even Azure.

Kubernetes as a Service: GKE vs. AKS vs. EKS

Kubernetes (K8s) is a prevalent open-source system for automating the deployment, scaling, and management of containerized applications. However, maintaining the service can be difficult and expensive. For that reason, it is easy to find platforms offering Kubernetes as a managed service. In this article, we will analyze three of the most popular services currently available: Google Kubernetes Engine, Azure Kubernetes Service, and Amazon Elastic Container Service for Kubernetes.

Kubernetes Master Class: How to Secure Production Kubernetes and Service Mesh Workloads on Rancher

As more container deployments move into production there will be an increasing level of attacks on application containers and the orchestration tools to manage them. The success of Kubernetes has been a major enabler for the “service mesh” concept to become a reality, as a “sidecar” container is the ideal form-factor for service mesh functions to be placed together with the service itself. The important thing to remember is that, although a service mesh has security features, it is NOT a security solution. It is not designed to provide the type of network, endpoint and host security required for defense in depth.

Containerized Air Gapped Edge Platform Architecture

An emerging use case for containerized platforms has been the ability to deploy applications in what is termed as an air-gapped deployment. This deployment pattern is particularly pronounced around edge computing (more on that later in the blog series) – though there exist significant differences between edge clusters and air-gapped deployments. Air-gapped applications are those that run isolated from datacenter or internet connectivity.

Tigera adds eBPF support to Calico

Calico provides users flexibility by detecting and choosing the right tool for the right job. One of our core values at Tigera is “Our customer is the hero of our story.” We consider the open-source users of Project Calico our customers and we intently listen to their needs to continuously deliver new capabilities and enhanced performance.

Prometheus and Docker: Monitoring Your Environment

Coming back from Monitorama, I had a chance to sit back and start playing with some tools to see how they worked. Prometheus is a pretty ubiquitous tool in the monitoring space; it's pretty easy to spin up, and is open-source. Having a very active community of engaged developers means finding help articles or guides is easy. We are also going to use Grafana to build nicer-looking graphs based on API queries from Prometheus.

Custom compliance filters with Sysdig Secure

Custom compliance filters is now GA as part of the SaaS and on-prem release. With Sysdig Secure, enterprises can enforce compliance filters across the container lifecycle. Teams can automate regulatory compliance controls for PCI, NIST, and CIS for Kubernetes and container environments at scale. They also gain visibility into the performance, health, compliance, and security posture of an on-prem and/or multi-cloud environment from a single dashboard.