Data retention or lifecycle configuration for S3 buckets is done by the S3 provider directly. The provider keeps track and files are automatically rotated after the requested time. This article is a simple step-by-step guide to configure such lifecycle for OpenShift Data Foundation (ODF), where buckets are provided by Noobaa. Knowledge about ODF is assumed, however similar steps can be reproduced for any S3-compliant storage operator ..read more

One of the most popular questions asked before adopting the GitOps approach is how to deploy an application to different environments (Test, Dev, Production, etc.) in a safe and repeatable way. Each organisation has different requirements, and the choice will depend on a multitude of factors that also include non-technical aspects. Therefore, it is important to state: " There is no unique “right” way, there are common practices ..read more

When managing one or more clusters, the question arises as to how cluster configurations and applications can be installed securely, regularly, and in the same way. This is where the so-called GitOps approach helps, according to the mantra: " If it is not in Git, it does not exist The idea is to have Git as the only source of truth on what happens inside the environment. While there are many articles about how to get GitOps into the deployment process of applications, this series of articles tries to set the focus on the and tasks system administrators usually have to do, for example: Setup an ..read more

Author: Toni Schmidbauer Published: 2023-11-26 ( Lastmod: 2023-11-29 ) , Falco is a security tool to monitor kernel events like system calls or Kubernetes audit logs to provide real-time alerts. In this post I'll show to customize Falco for a specific use case. We would like to monitor the following events: An interactive shell is opened in a container Log all commands executed in an interactive shell in a container Log read and writes to files within an interactive shell inside a container Log commands execute via `kubectl/oc exec` which leverage the ..read more

In this article, I am trying to explain how I solved this issue by using a Kubernetes Job and a Helm Chart ..read more

In this article, I am trying to explain how I solved this issue by using a Kubernetes Job and a Helm Chart ..read more

In this article, I am trying to explain how I solved this issue by using a Kubernetes Job and a Helm Chart ..read more

(SBOM) offers an insight into the makeup of an application developed using third-party commercial tools and open-source software. It is a machine-readable, formally structured list of all components. This list is important to gain visibility into what risks might exist in a package and their potential impact. It allows to prioritize the risks and define a remediation path. The teams can use the SBOM to monitor all components that are used across an application. We will create a Task that will generate a SBOM and uploads it into an SBOM repository ..read more

Finally, after pulling and checking the code, we are going to create the image. During this process the image will be signed and uploaded to the public registry ..read more