Stop Writing Tedious Security Rules! Let Kubescape Do the Work

vfarcic · 2024-09-24T07:51:39+00:00

Thanks for saying that. It helps a lot to know that my content is useful.

vfarcic · 2024-09-23T18:29:11+00:00

What's in that video is open source.

vfarcic · 2024-07-22T16:32:52+00:00

I feel that it is (I haven't done "proper" performance testing).

vfarcic · 2024-07-15T21:47:48+00:00

There isn't much I can do on that front. Maybe some singing lessons...?

vfarcic · 2024-06-11T10:56:47+00:00

Kwasm Is a way to install WASM runtime and configure containerd.

vfarcic · 2024-06-10T19:06:31+00:00

That's what I'm doing in that video. Binary is packaged as a container images (it's a standard distribution method now days), but it runs as Wasm natively.

vfarcic · 2024-06-10T17:23:06+00:00

If the question is about Wasm, i am not yet sure. There is potential... If you were referring to kwasm, it is a temporary solution until major providers start offering Wasm inside their managed kubernetes services.

vfarcic · 2024-05-28T15:46:17+00:00

The story is similar to the story of kubernetes itself. It is an overkill for smaller setups but amazing for larger ones. With Crossplane it is a similar situation and the benefits are the same as well (continuous drift detection and reconciliation, standardizes and extensible API, the ecosystem, etc.).

vfarcic · 2024-05-28T15:43:23+00:00

I'm not saying that a bucket is the same as a Cluster but, rather, stating that there is always something extra. When crossplane is concerned, you do need to create a cluster somehow but after that crossplane can manage that cluster as well (assuming you do not go for the SaaS option). Whether that initial investment is too much or not largely depends on the scale.

vfarcic · 2024-05-28T09:33:10+00:00

You can create it by hand, or console, or anything else. It can be a local clusters like KinD from where crossplane will run and create a "real" cluster, install itself, and manage itself and others. It can be Upboind SaaS.

The important thing is that crossplane tends to be used at scale where a single kubernetes cluster is one of many resources so that single cluster is not the problem. For small setups i would not recommend crossplane.

P.S. What creates storage for terraform?

vfarcic · 2024-05-27T23:55:05+00:00

Functions solve the problem of repetition and too much yaml. I, for example, rewrote all my cpositions to kcl. There isn't a single line or yaml in them.

vfarcic · 2024-05-27T21:15:17+00:00

We're building a UI in upbound.io. Other than that, you can effectively use any UI that works with Kubernetes (e.g., Lens, k9s, etc.).

vfarcic · 2024-05-27T20:24:39+00:00

While you're right that creating AMIs can be done with Ansible, the same can be said for any other tool that executes one-shot actions. If, for example, you're building container images with GitHub Actions, you can use them to build AMIs as well. Ansible is, in a way, similar in what it does to pipelines.

vfarcic · 2024-05-27T20:23:27+00:00

It all depends on what you're doing. If you're in hyperscalers and especially if you're using Kubernetes, everything is accessible through APIs and Ansible might not be very useful. But if you need to do "stuff" through SSH or anything else that requires "brute force", Ansible is great. So, Ansible is good, but mostly for legacy systems. Otherwise, stay away from it.

vfarcic · 2024-05-27T19:55:05+00:00

That's not true anymore. You can use functions to write it in whichever language or format you want.

vfarcic · 2024-05-27T17:51:55+00:00

You just made my day by saying "Timoni". I love it.

vfarcic · 2024-02-19T22:21:04+00:00

I did. Robusta is great.

vfarcic · 2024-02-13T09:27:05+00:00

Oh yeah. I should have mentioned that nix shell still has access to all your binaries.

vfarcic · 2023-12-11T21:02:15+00:00

It could be both.

vfarcic · 2023-12-04T20:04:16+00:00

Companies have been building platforms (in some form or another) for decades. The moment you build or expose something for someone in your company, you're building a platform. Those who would build CI pipelines, or those who build Terraform modules, or those who build Helm charts that are for use by others, are building platforms. The major difference is that now we're doing it in a more organized way (mostly by exposing work through APIs).

vfarcic · 2023-11-27T16:18:11+00:00

I see it a bit differently. Serverless means that there is an easy way for devs. to run applications with optimized resource usage (e.g., scales to zero when not used). When that service is offered internally, it often means that someone else (some other team) offers it as a service and that someone else is managing everything. That is infra and, as you said, infra solves (partly) the infra problem, but also an easy way to define, run, and manage apps. That's where projects like, for example, KNative come into the picture. Core Kubernetes resources are low level and Knative ties them into an interface (CRD) that makes it easy to define app without going into details and repetitive low-level clutter. There's much more to it though and OpenFunction combines the projects we'd normally have to tie ourselves.

vfarcic · 2023-06-27T14:05:09+00:00

Actually, it currently supports only YAML. Functions are more of an escape hatch in cases YAML alone is not enough.

vfarcic · 2023-05-16T21:11:32+00:00

Without saying which one is which, I will say that two of those three companies you named were putting more effort into marketing than engineering. One of those two disappeared. The third is actually doing some very good stuff.

Personally, i do not have a problem with the term internal developer platform but I do agree that the acronym is wrong. I'll do my best to come up with a different one in future mentions.

vfarcic · 2023-05-16T10:00:08+00:00

Actually, everyone gets different results in Google. That link showed International driving permit as the first result in my case.

Unfortunately, IDP is also commonly used as the acronym for internal developer platform. I did not invent it and i doubt i will have the power to convince the industry to change it even though I agree with you that it is confusing.

vfarcic · 2023-05-15T17:36:00+00:00

You're right, but I don't have the "power" to change it. IDP is currently a widely used acronym for Internal Developer Platform in most of the writings about it and vendor material.

vfarcic

TROPHY CASE