Everyone can contribute! Learn DevOps and Cloud Native in our cafe ☕
Technology is moving fast in the DevOps and Cloud Native community.
Join the conversation and add your thoughts, tips, experiences, stories.
"Everyone Can Contribute" is inspired by GitLab's mission.
43. #EveryoneCanContribute cafe: More Package Dependency Hunting with GitLab
Michael Friedrich starts with an introduction to Package Hunter. Niclas Mietz dives into the cloud provisioned Package Hunter instance, and how to test malicious dependencies. Dennis Appelt chimes in to help.
Recording Enjoy the session! 🦊
Highlights The cafe starts with quick introduction and recap of last week’s session with Falco and how Package Hunter uses it under the hood. The slidedeck provides more insights into the workflows.
We’ve then inspected the Terraform module for provisioning a VM in Hetzner Cloud, which mimics the same installation process as the local Vagrantfile for Package Hunter.
Read More…
Written by: Michael Friedrich
42. #EveryoneCanContribute cafe: Falco and GitLab Package Hunter
POP dives into Falco, the rules engine and a live deployment into a Kubernetes cluster. Michael Friedrich takes over with Package Hunter, using the Falco rules to monitor unexpected syscalls from package dependency installs.
Recording Enjoy the session! 🦊
Highlights POP started with the basics, showing the power of the ruleset of Falco to monitor many different events. He also shared how to customize Falco with Falcosidekicks:
A simple daemon for connecting Falco to your ecossytem.
Read More…
Written by: Michael Friedrich
41. #EveryoneCanContribute cafe: Kubernetes Cluster Image Scanning with Trivy & Starboard
Niclas Mietz walks us Aqua Security Starboard, installed into a Civo Cloud k3s cluster. Philip Welz takes over with Trivy in Estafette.
Reminder: GitLab Commit Virtual day 2 is today. Register now!
Recording Enjoy the session! 🦊
Highlights First, the Starboard Operator will be installed and collecting the cluster image reports in our Civo k2s cluster. You can specifiy the namespaces for the Starboard Operator in the configuration. If left empty, all namespaces are scanned - we defined the default namespace.
Read More…
Written by: Michael Friedrich
40. #EveryoneCanContribute cafe: Terraform and Helm Registries in GitLab
Niclas Mietz walks us through a Terraform module with Civocloud deployments, published to the GitLab registry. Philip Welz takes over.
Reminder: GitLab Commit Virtual happens next week. Register now!
Recording Enjoy the session! 🦊
Highlights The civo-k3s repository provides a minimal set of Terraform modules to provision a Civo Cloud Kubernetes cluster learned last week. Niclas creates the .gitlab-ci.yml configuration for Terraform, and uses additional scripts and jobs to package and push the Terraform module to the GitLab registy.
Read More…
Written by: Michael Friedrich
39. #EveryoneCanContribute cafe: Civo Cloud, k3s and GitLab
Anaïs Urlichs took us into cloud native deployments with Kubernetes clusters in Civo Cloud, insights how k3s works and integration into GitLab.
Recording Enjoy the session! 🦊
Highlights How to start learning together, and why 100 Days of Kubernetes came to life brought the story to k3s, and its architecture. From there, we’ve explored Civo Cloud, the Kube Quest tutorial and the cluster creation via the CLI.
The CLI failed with a host name error of 64 characters - we analysed the source code, and the Civo engineers fixed the problem during the session.
Read More…
Written by: Michael Friedrich
38. #EveryoneCanContribute cafe: Talos, a Kubernetes OS
Talos is a modern OS designed to be secure, immutable, and minimal. Its purpose is to host Kubernetes clusters, so it is tightly integrated with Kubernetes. Talos is based on the Linux kernel, and supports most cloud platforms, bare metal, and most virtualization platforms. All system management is done via an API, and there is no shell or interactive console.
Andrew Rynhard dives deep into Talos, the Kubernetes OS.
Recording Enjoy the session!
Read More…
Written by: Michael Friedrich