Cloud-Native

Hello there! Just a quick post to share that KCD Italy has been announced and will take place in Bologna on 20 June 2024! I’m not directly involved in organizing this event, but my company is, so I’m publishing this post to help spread the word! The CFP (Call for Proposals) is open and available at this link. English sessions are welcome! We are also still looking for new sponsors. If you’re interested, please contact one of the organizers or reach out to me, and I’ll put you in touch with them. ...

Yesterday, KubeCon NA in Chicago came to a close, so now we can start looking forward to KubeCon EU 2024, which will take place in Paris from March 19th to 22nd, 2024 😊. For Paris, early bird registrations are open until November 28th, and it’s still possible to submit proposals for the call for papers. I wanted to share an interesting initiative called Kubetrain, which aims to help attendees reach Paris in a more environmentally sustainable way by choosing trains over planes. ...

I’ll start with a premise for those who may not already be familiar: the open-source software ecosystem often revolves around foundations, with the most famous probably being the Linux Foundation. In the cloud-native domain, the reference foundation is the Cloud Native Computing Foundation, commonly known as CNCF. CNCF is a foundation created by the Linux Foundation in 2015, specifically to manage projects in the cloud-native domain. In simple terms, it can be defined as a third-party, vendor-neutral entity that oversees the development and activities related to major projects involving containerized technologies like Kubernetes. ...

During the past few weeks, I have described what a secrets manager is and provided an overview of the architecture and system requirements of CyberArk Conjur. A secrets manager can’t do its job if it can’t communicate with those who need to request secrets, and that’s where Conjur’s magic comes in! The “authenticators” are responsible for the authentication process in Conjur and are specialized to do this in the most secure way, depending on the service. Here is the list of authenticators currently supported: ...

Security is always a complex topic to address, as an error or omission in processes can lead to serious economic or reputational damage for a company. When we talk about “secrets,” consider the following examples: Usernames Database passwords SSL certificates and keys SSH keys Cloud credentials Simply reading through this list helps to explain why this topic needs to be considered and handled carefully. Some common bad practices or risks include: ...