The last fifteen years have seen huge increases in developer productivity for several reasons, including the arrival of open source into the mainstream and the ability to better emulate target environments. In addition, the process of resetting a development environment back to the last known stable version has been vastly improved by Vagrant and then Docker.
Having completed a series of twelve Lighthouse Roadshow events across Europe and North America over the past six months, I’ve had time to reflect on what I’ve learnt about the rapid growth of the Kubernetes ecosystem, the importance of community and my personal development.
Yesterday, we announced the beta release of Logz.io Infrastructure Monitoring — our Grafana-based monitoring solution, and the planned release of a Jaeger-based tracing solution. These additions to our platform complement our ELK-based Log Management product, together constituting what is the world’s only open source-based observability platform for monitoring, troubleshooting and securing distributed cloud workloads.
AWS Fargate has steadily gained traction in Amazon Elastic Container Service (ECS) environments because it allows users to run containerized applications without thinking about their underlying infrastructure. Today, AWS announced that support for Amazon Elastic Kubernetes Service (EKS) on AWS Fargate is now generally available, giving Amazon EKS users the option to seamlessly manage their infrastructure with AWS Fargate instead of manually provisioning EC2 worker nodes.
Microservices have been gaining popularity since they were introduced in 2015. But they come with challenges for both developers and users because of the intricate configuration and deployment which often leave developers longing for the simplicity of monolithic applications.
Authorization to Operate (ATO) in a day and on-going authorization are compliance nirvana. The ATO is the authorizing official’s statement that they accept the risk associated with the system running in production environments using live business data. The idea that all of the information necessary to make a risk decision is at hand and can be consumed by decision makers is what every compliance program is trying to achieve.
Whether you sat out this KubeCon or were too busy working the hallway track to make it to all the sessions on your list, never fear. You can catch up on all the talks given by Grafanistas here.
Last week’s container event of the year, KubeCon, hosted by the Cloud Native Computing Foundation, attracted more than 12,000 attendees to the San Diego convention center. While there, I attended numerous sessions but I also spent a good portion of time chatting with DevOps professionals, Kubernetes practitioners, and vendors to understand the practicalities behind deploying and managing containerized workloads and microservices.
In this blog post you’ll learn how to set up image vulnerability scanning for AWS CodePipeline and AWS CodeBuild using Sysdig Secure DevOps Platform. AWS provides several tools for DevOps teams: CodeCommit for version control, CodeBuild for building and testing code, and CodeDeploy for automatic code deployment. The block on top of all these tools is CodePipeline that allows them to visualize and automate these different stages.
As container adoption in AWS takes off, ECR scanning is the first step towards delivering continuous security and compliance. You need to ensure you are scanning your images pulled from AWS ECR for both vulnerabilities and misconfigurations so that you don’t push applications running on AWS that are exploitable.
