Argo Rollouts vs. Flagger: The Ultimate Kubernetes Canary Cage Match
Argo Rollouts vs. Flagger: The Ultimate Kubernetes Canary Cage Match Let’s be honest. Throwing a new version of your application into production and just hoping it works is the software...
Infrastructure as code with Terraform CDK
Why infrastructure as code? As a response to the fast changing pace of nowadays market, development teams should spend less time on routine drudgery, but even with modern tools, the...
Static Container Scanning with Clair and Klar (or Trivy)
Introduction Recently I came across this eye-opening post about native security scanning in Amazon’s Elastic Container Registry (ECR), and inspired by the architecture proposed by the authors I decided to...
AWS: API Gateway Cognito Authorizer
Scenario Imagine you want to build and expose a REST API on AWS. At this moment your API’s only requirement is to support a single resource (domain.com/default/greetings), and whenever this...
CloudStack: Site-to-Site VPN between regions
Problem How can I interconnect VPCs from different regions knowing that each region is controlled by its own cluster of management servers. Our scenario involves two different regions, for the...
Gateway Load Balancing Protocol
If you came this far you probably have seen acronyms such as VRRP (Virtual Router Redundancy Protocol) and perhaps HSRP (Hot Standby Router Protocol). They all share the same denominator: first hop...
Notes on Isometric Projection
The concept of an isometric projection (from the Greek, ísos: “equal” and metrikós: “measure”), or simply: parallel perspective, had existed in a rough empirical form for centuries as a method...
Python: Yum Security Updates
I have seen a lot of engineers attempting to come up with ways to deal with security reports, automated patching and so on. Every scenario requires tailored solutions driven by...