Containers

Centralized logging for Windows containers on Amazon ECS using Fluent Bit

Centralized logging for Windows containers on Amazon ECS using Fluent Bit

Introduction Today, Amazon Web Services (AWS) announced the support for Fluent Bit container images for Windows operating system. This support eliminates the need for Windows customers to implement any custom logging solutions in their application code or manage custom agents on their Windows instances to scrape the logs. For more details about the supported Windows […]

Deploying IPFS Cluster using AWS Fargate and Amazon EFS One Zone

Deploying IPFS Cluster using AWS Fargate and Amazon EFS One Zone

Introduction Image source: https://ipfscluster.io/ IPFS (InterPlanetary File System) is a popular decentralized storage solution used for many use cases like decentralized applications, p2p data sharing, or immutable file systems. For more usage ideas see these examples. IPFS Cluster is another application that runs alongside IPFS and provides data orchestration across a swarm of IPFS daemons […]

Automatically enable group metrics collection for Amazon EKS managed node groups

Automatically enable group metrics collection for Amazon EKS managed node groups

Introduction Amazon Elastic Kubernetes Service (Amazon EKS) managed node groups automate the provisioning and lifecycle management of Kubernetes nodes (Amazon Elastic Compute Cloud (Amazon EC2) instances) for Amazon EKS Kubernetes clusters. Managed nodes are provisioned as part of an Amazon EC2 Auto Scaling group that’s managed for you by Amazon EKS. Amazon EKS doesn’t enable […]

Building Amazon Linux 2 CIS Benchmark AMIs for Amazon EKS

Building Amazon Linux 2 CIS Benchmark AMIs for Amazon EKS

Introduction The Center for Internet Security (CIS) Benchmarks are best practices for the secure configuration of a target system. They define various Benchmarks for Kubernetes control plane and the data plane. For Amazon EKS clusters, it is strongly recommended to follow the CIS Amazon EKS Benchmark. If the data plane of an Amazon EKS cluster uses Amazon Linux […]

Announcing Amazon ECS Task Scale-in protection

Introduction We are excited to launch Amazon Elastic Container Service (Amazon ECS) Task Scale-in protection, which is a new capability that gives customers control over protecting Amazon ECS service tasks from being terminated by scale-in events from Amazon ECS service Auto Scaling or deployments. Customers can simply mark their mission-critical tasks as protected from scale-in […]

Deep Dive on AWS App Runner Private Services

Deep Dive on AWS App Runner Private Services

AWS App Runner is a fully managed service for running web applications and API servers. App Runner simplifies the experience to build and run secure web applications with little to no infrastructure in your account. You provide the source code or a container image, and App Runner builds and deploys your application containers for you, […]

Announcing AWS App Runner Private Services

Earlier this year we announced the general availability of App Runner VPC support. This feature enabled your services to communicate with databases and other applications hosted in an Amazon Virtual Private Cloud (Amazon VPC). Today, we released App Runner private services, and now customers can strengthen the security posture of their applications and meet their […]

Multi-cluster management for Kubernetes with Cluster API and Argo CD

Multi-cluster management for Kubernetes with Cluster API and Argo CD

Introduction Customers are moving to cloud thanks to its scalability and cost-effectiveness. Some are adopting Kubernetes to modernize their workloads for a more agile way to iterate and deliver time-to-market services or product features to their customers. As the number of clusters to be managed increases, customers struggle with different deployment mechanisms and application programming […]

Implementing Pod Security Standards in Amazon EKS

Implementing Pod Security Standards in Amazon EKS

Introduction Securely adopting Kubernetes includes preventing unwanted changes to clusters. Unwanted changes can disrupt cluster operations and even compromise cluster integrity. Introducing pods that lack correct security configurations is an example of an unwanted cluster change. To control pod security, Kubernetes provided Pod Security Policy (PSP) resources. PSPs specify a set of security settings that […]

Announcing general availability of cdk8s+ and support for manifest validation

Announcing general availability of cdk8s+ and support for manifest validation

This post was co-written by Shimon Tolts, CEO and Co-Founder, Datree. Introduction On July of 2020, we introduced the beta version of cdk8s+, a high-level intent driven application programming interface (API) designed to simplify Kubernetes resource configuration. Since its release, we’ve been working on adding capabilities and collecting feedback from our customers. Today, we’re happy […]