At Soluto, we have super-devs who have full ownership: from writing code to deploying it to monitoring. When we made the shift to Kubernetes, we wanted to keep our devs independent and put a lot of effort into allowing them to create services rapidly. It all worked like a charm – until they had to handle credentials. This challenge leads us to build Kamus – an open source, GitOps, zero trust, secrets solution for Kubernetes applications. Kamus allows you to…
Author: Omer Levi Hevroni (Page 1 of 2)
Short answer: YES (scroll to end to find out, or check out the sample repo). Long answer: Read along to find out! Kubernetes deployment seems pretty simple: all you need is just a bunch of YAML files, and by using kubectl (the Kubernetes command line utility) you’ll have your service up and running in your Kubernetes cluster. Although deploying one service is an easy task, how do you deploy hundreds of microservices? At Soluto, we have more than 100 live…
Recently, I caused a pretty big production issue. It was bad. It all happened when I tried to harden our APIs – by disabling weak cipher suites in the TLS protocol. If you’re not sure what that means – or how it is done, stay tuned! In this post, I’ll explain what happened, why it’s important to harden your APIs, and how to do it properly. Mmm, something looks weird here… A few months ago, while investigating a bug in…
Are you running security tests in your CI? You might be wondering – what does running security tests even mean? What does it do? Security tests just test your code for known vulnerabilities, to make sure hackers will not be able to hack into your system. This might sound complicated – but actually, it is pretty simple. There are many existing tools that you can use for running security tests – and in this blog post, I will introduce one of…
Do you have any experience with WordPress? Until recently, I never tried to develop something in the WordPress ecosystem. A few weeks ago, I found a cool plugin that I wanted to improve. While working on it, I realized how complex it is to write tests for WordPress – and I wanted to share my experience with you. Part of the complexity was running those tests in Docker containers – to make it easy to run them with a real…