The latest News and Information on DevOps, CI/CD, Automation and related technologies.
Today we released updates for a series of vulnerabilities termed ‘There’s a hole in the boot’ / BootHole in GRUB2 (GRand Unified Bootloader version 2) that could allow an attacker to subvert UEFI Secure Boot. The original vulnerability, CVE-2020-10713, which is a high priority vulnerability was alerted to Canonical in April 2020.
Deploying a new feature to production is a momentous occasion. It's important to ensure that everything goes properly at this stage, as deployments tend to be error-prone when not handled correctly. To examine why this is and how you can avoid it, let's take a look at the different types of deployments available and where some of them fall short.
Kubernetes is the most popular Open Source technology of the last five years. It was created by Google to allow companies to use container (Docker) applications in production. Today, Kubernetes is the new standard for running applications in the Cloud or on its servers (on-premise). I even heard from a Cloud architect from Azure: "our customers no longer come to us to do Cloud, but to do Kubernetes". That's to say how much a utility software* upsets a whole ecosystem.
Kubernetes provides a powerful networking model for microservices. One of the pillars of this model is that each pod has its own IP address and is directly addressable within the cluster. As a consequence, each Kubernetes cluster usually has a flat virtual network that external hosts can’t reach directly. That means routing traffic from clients outside the cluster to services deployed inside the cluster requires some additional work.
Deploying a new feature to production is a momentous occasion. It's important to ensure that everything goes properly at this stage, as deployments tend to be error-prone when not handled correctly. To examine why this is and how you can avoid it, let's take a look at the different types of deployments available and where some of them fall short.
