Code rots. The day you release it, your software becomes a legacy. Some call this technical debt. You have to maintain actively. This article shows you how.
Today's software contains many dependencies. Typically, you use a plethora of open-source libraries for your programming language of choice. Your build tool will introduce additional dependencies. Moreover, you’ll probably use container technology to ship your program, adding even more dependencies.
Those dependencies impose the core problem: New versions get released quickly. There are different drivers: bugs are fixed, features are added—changes may be downwards compatible or breaking. …
Let’s assume you have a GitLab CI/CD pipeline that changes a repository. Or maybe you want to leverage full access to the GitLab API. What are the options?
You can create a personal access token and define it as a custom environment variable. You could put it in .gitlab-ci.yml, but this would be the wrong choice because your token is not protected. Another option is to define the variable in the UI where it is possible to restrict the usage to protected branches and mask the output in job logs.
This approach has two drawbacks. First, the personal access token…
Let’s assume you want to deploy a simple containerized application or service to the Azure cloud. Additionally, your service needs to be reachable publicly via HTTPS. This technical article shows you how to achieve this goal.
Container Instances: The fastest and simplest way to run a container in Azure, without having to provision any virtual machines and without having to adopt a higher-level service.
Kubernetes is the de facto standard for container orchestration and Vault by HashiCorp is the de facto standard for secrets management. Now the question is: how do you combine those technologies so that you can use secrets from your central Vault instance in your Kubernetes applications?
One solution would be to use the AppRole auth method. Boostport provides a nice integration of AppRoles in Kubernetes. Another possibility is to use the Kubernetes auth method. This auth method establishes a trust relationship between Vault and your Kubernetes cluster so that you can use a service account to authenticate to Vault. …
Kubernetes is designed to run stateless workloads. These workloads typically come in the form of a microservices architecture, are lightweight, scale well horizontally, adhere to the 12-factor app principles, and can deal with circuit breakers and chaos monkeys.
Kafka on the other side is essentially a distributed database. This means you have to deal with state and it is much more heavyweight than a microservice. Kubernetes supports stateful workloads but you have to treat it with caution as Kelsey Hightower points out in two recent tweets:
Open source turns 20 this year — happy birthday! In this blog I will touch on several aspects of open source software (OSS) and tell you why I think it’s so important.
There are a number of reasons:
First of all, you don’t have to pay license fees or subscriptions. You can just download and use the software.
Second, you avoid vendor lock-ins and increase the flexibility of your technology choices. It’s easier to replace OSS with an alternative.
Third, you can innovate. This doesn’t seem to be so obvious an advantage, but open source is often leading-edge, and you…
Recently, I was asked if I could help implement a prototype based on the Corda blockchain technology. The idea was to build a novel type of document management system (DMS) which can be used to securely share legal documents between companies or business units. I had never heard of the Corda platform before and was pretty much sceptical. So I dug into it and tried to understand the key concepts and then started to code. Now I’d like to share some of my insights during this endeavour:
In a blockchain such as Bitcoin all ledger entries are public and can…
Computing in distributed systems is difficult. However, we live in a distributed world: the Internet, web apps, and most mobile apps would not be able to run on only one huge central server. So if your solution isn’t a niche for a handful of users you’re better off with a stateless architecture.
There are three major benefits:
How do you manage your database passwords for your application when applying the DevOps practice Everything as Code? This article gives you some directions.
Before we can dive into Secure Config as Code we have to know what “… as Code” means:
Config as Code is about treating the configuration of your application (or service) the same way you treat your source code: you keep it in version control, you make it testable and you apply continuous integration and delivery (CI/CD) principles.
Infrastructure as Code (IaC) is often used interchangeably but has a different scope. It is about applying the…
DevOps is difficult to explain as there is no exact definition. Here’s my attempt to give a quick explanation and an overview of the pillars of DevOps.
DevOps is a cultural movement that aims to improve the collaboration between development and operations, resulting in getting changes faster and more frequently into production, while running more sustainably in production.
The pillars of DevOps are first and foremost cultural and organizational aspects. Applying proven principles and practices and using suitable technology and tools complement DevOps with practical factors.
“You build it, you run it” says Werner Vogels, CTO of Amazon, the same…