Devops

CyberArk Conjur is released as an appliance and distributed as container images to enable fast, error-free setup. The supported container runtimes include: Docker 20.10 or later Mirantis Container Runtime 20.10 Podman 3.x, 4.x While working with multiple Conjur environments in our labs and at customer sites, we noticed that log rotation (for Conjur, Nginx, cluster, etc.) did not function correctly on Podman, although it worked as expected on Docker. After some investigation with the excellent CyberArk support team, we identified the solution: ...

During our work with a CyberArk Conjur environment, we encountered strange behavior during the Conjur follower setup. The setup process on the follower would start, the seed was received, imported, and expanded, but after a few more steps, the process would hang and end with a generic “System Error.” After displaying the error message, the Conjur follower would restart. We performed troubleshooting inside the Conjur Follower pod and verified that the follower could connect to the Conjur API leader successfully, but it was unable to connect to the Postgres database and complete the initial replication. ...

During the past few weeks, I have described what a secrets manager is and provided an overview of the architecture and system requirements of CyberArk Conjur. A secrets manager can’t do its job if it can’t communicate with those who need to request secrets, and that’s where Conjur’s magic comes in! The “authenticators” are responsible for the authentication process in Conjur and are specialized to do this in the most secure way, depending on the service. Here is the list of authenticators currently supported: ...