Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on DevOps, CI/CD, Automation and related technologies.

All About Log4j/Log4Shell + Mitigation (CVE-2021-44228 and Beyond)

This article discusses the background, impact, identification, and mitigation of Log4Shell, one of the worst vulnerabilities to arise in the past decade. Here at Cloudsmith, security and privacy are paramount. As a hosted package management service helping customers distribute millions of packages worldwide, we're part of the story for securing software supply chains. Read on further to see how the vulnerability works and what you can protect yourself and your users.

Share your failures with robots: surfacing activities with GitHub actions

In our previous announcement, we announced that activities on Upsun were now shareable. If you need to send a member of our support team something fishy going on in your build hook, or get help from another member of your team about a database migration taking longer than expected, you can send them to the exact logline you need help with.

How To Use Buildpacks To Run Containers

The high demand to deliver software that is both highly available and able to meet customer requests has, in part, led to the adoption of microservice architecture, a software architecture pattern that makes it easier to deploy applications as self-contained entities called containers. These containers are nothing but processes that run as long as the application in them is running.

Monitor Kubernetes with Fairwinds Insights' offering in the Datadog Marketplace

Fairwinds Insights is Kubernetes governance and security software that enables DevOps teams to monitor and prevent configuration problems in their infrastructure and applications. Not only does Fairwinds simplify Kubernetes complexity, but it also reduces risk by surfacing security and reliability issues in your Kubernetes clusters.

DBAle 39: Short stories- the beginning, Moet, and end of Season One

It’s the most wonderful time of the year, that’s right it’s International Short Story Day. Our narrative covers Agile stories, Developer stories, short girl appreciation, and of course a novel Unwin original…or 3. In ‘The News’ we read all about Log4j, Y2K and Minecraft, before our hosts drop a big bang bombshell, turning a page in the book of life. It’s true poetry in motion as Chris and Chris raise their Moet (reading) glasses in testament to a whopping 39.5 episodes of DBAle Season One. So, grab yourself a beer and join our legendary Chris duo for the last chapter – the end.

Help us help you with content usage telemetry

Let's rip off the bandaid and get the bad news out there first: we're rolling out telemetry for Puppet content. Read on to find out why I think that's actually good news for you, how you can see exactly what data it collects, and how to make sure it never runs if your corporate policy doesn't allow it. And maybe a free beanie if you choose to opt in?

Cloud misconfiguration: vulnerability hiding in plain sight

This post originally appeared on The New Stack and is re-published here with permission. In our technology-driven business climate, most companies have at least some, if not all, workloads on the cloud. And unlike on-premises networks, these cloud environments lack secure outer perimeters and specific off times. Cloud networks are always on and always available. While convenient, this also means hackers can access them at any time.

Harvester: A Modern Infrastructure for a Modern Platform

Cloud platforms are not new — they have been around for a few years. And containers have been around even longer. Together, they have changed the way we think about software. Since the creation of these technologies, we have focused on platforms and apps. And who could blame anyone? Containers and Kubernetes let us do things that were unheard of only a few years ago.