Your time spend on code review should be optimized as much as possible. Automation is something that can help you with this, and detecting security bugs within go code can be done using tools such as gosec. This post looks into configuring reviewdog to assist in gitlab merge request reviews using tools such as gosec.
Gitlab CI
When you work on infrastructure, develop helm charts or simply want you run your tests in a more production like environment, running Kubernetes on your Gitlab CI may a good fit for you. Luckily, it’s only a little bit of configuration to set-up!
Kubernetes Gitlab CI k3s kind
This post is about enabling the ModSecurity feature for ingress-nginx in practice.
ModSecurity is an open source web application firewall (WAF). It can help you provide an additional layer of security in front of your application. I will leave the the what and how on usnig a WAF for others to talk about (there quite a few good blog posts available on the web on this topic), and this post will soley focus on enabling the functionality in ingress-nginx.
Kubernetes Nginx Security WAF
One awesome tool that I got to learn a great deal more about during KubeCon EU is Linkerd 2. It’s simple to use and looks really promising. This post is about setting it up and the things I encountered during that process.
Kubernetes Linkerd Service Mesh
The past few months I’ve heavily invested into learning Kubernetes. So far, I’ve loved every part of it. At work I am constraint at the environments we run our systems in. We’re not able to move to the public cloud for various reasons, and do not have any persistent storage available through an API that can be easily mounted and controlled using a storage plugin / driver. So I started browsing around.
Kubernetes Rook Storage
I have various Terraform modules for many purposes and often they end up using CentOS with a Docker install script. While demoing something to a co-worker, we had to wait ~7 minutes for a Terraform apply it to finish with an install script. This should be a lot faster, so I sat down this sunday and looked into Packer.
DigitalOcean Packer Terraform
There are many solutions for performing log collection or log management. Personally I’ve got experience with using the ELK stack. So this post will focus on ELK with Logspout for log collection.
Docker Swarm mode Logspout
Here’s how to upgrade Docker in a Swarm mode cluster without cluster down time.
Docker Swarm mode
I recently started playing around with Terraform. Since I often manually spin up a couple of droplets on DigitalOcean to set up a Swarm mode cluster to try out some projects or set ups, I figured I should put all of that into code as my first Terraform project. I created a Terraform module for provisioning a basic Swarm mode cluster during this project. Ideal for labs or development clusters.
Terraform Orchestration DigitalOcean Swarm mode