SonarQube Custom Quality Profiles

 

Source code quality analysis is a basic piece of the Continuous Integration process. Along with automated tests, it is the key component to deliver reliable software without numerous bugs, security vulnerabilities, or performance spills.

There are many open source as well as commercial tools available in the market for static code analysis such as LGTM, PMD,Graudit, reshift, Codacy, and many more. One of the best static code analyzer you can find on the market is SonarQube.

Continue reading “SonarQube Custom Quality Profiles”

IP Whitelisting Using Istio Policy On Kubernetes Microservices

Recently, we explored Preserving the Source IP address on AWS Classic Loadbalancer and Istio’s envoy using the proxy protocol in our first Part. Continuing to the second part of this series, we will look at How can we apply IP whitelisting on the Kubernetes microservices!

Problem Statement:

There are some microservices behind an internet-facing loadbalancer that we want to have limited access to, based on source IP address. This will prevent our microservices from unauthorized access.

Continue reading “IP Whitelisting Using Istio Policy On Kubernetes Microservices”

Terraforming The Better Way: Part-I

We often face complications after a certain point when we can not change the foundation layer of our code because we haven’t thought it through and didn’t plan or strategize the way of writing code in the beginning, there are certain points which should be taken under consideration similarly there are some common mistakes which we should avoid.

Continue reading “Terraforming The Better Way: Part-I”

Fasten Docker build

Gif for Fasten Docker Build

Context

Recently I started working on a microservices project, as a DevOps engineer my responsibility was to ensure smooth build and release of the project. One of the challenges that I was facing was the image building process of the projects was painfully slow. Following true Opstree spirit of continuous improvement I started exploring how I can fix this problem and finally got a decent success, I was able to reduce docker image build time from 4 minutes to 20 seconds. In this blog, I would like to showcase various ways through which image building can be reduced drastically.

Continue reading “Fasten Docker build”

Docker Networking – Containers Communication

In the modern world, the container is a fascinating technology, as it has revolutionized software development and delivery. Everyone is using containers because of its dynamic, scalable, and isolated nature.

People do use some orchestration software such as Kubernetes, Openshift, Docker Swarm, and AWS ECS, etc to run their production workloads on containers.

But the question is how these containers communicate with each other in various situations? Continue reading “Docker Networking – Containers Communication”

Linux OS Hardening: CIS Benchmarks

As we’re going through a pandemic majority of business have taken things online with options like work from home and as things get more and moreover the internet our concerns regarding cybersecurity become more and more prominent. We start to dig a little to have standards in place and terms like  Compliance, Hardening, CIS, HIPPA, PCI-DSS are minted out. Today we’ll be discussing why to have CIS benchmarks in place in the least and how we at Opstree have automated this for our clients.

Before moving forward get familiar with basic terms:

CIS Benchmarks are the best security measures that are created by the Centre of Internet Security to improve the security configuration of an organization. Continue reading “Linux OS Hardening: CIS Benchmarks”

GitOps with Jenkins and Kubernetes

While tools like Kubernetes is becoming an essential need for modern cloud-based infrastructure, there is a high potential for cloud-native CI/CD. To achieve that there is a philosophical approach has emerged i.e. GitOps. As we have discussed the important principles of GitOps in our previous blog, So in this blog, we will see how to implement GitOps in our current DevOps processes, and finally GitOps implementation in a light manner. If you haven’t gone through our previous blog, here you can take a look at it.

Continue reading “GitOps with Jenkins and Kubernetes”