Automating helm releases with helmfile & helmfile-deploy

If you deploy applications to Kubernetes, you probably have brushed shoulders with Helm charts and have likely even developed a chart on your own. Helm charts are a great way to custom tailor each installation/upgrade of a given application by dynamically generating all the Kubernetes YAML based on the set of values that you pass … Continue reading Automating helm releases with helmfile & helmfile-deploy

Slack Slash Command security

Slack "Slash Commands" can be a very useful tool to write a CLI to interact with other applications that you manage. In short the contract works something like this; from within a slack channel that the commands are available you would type: /my-command [text arguments] Seems simple enough, however you need to implement a REST … Continue reading Slack Slash Command security

Batch processing testssl.sh commands

If you secure your entire infrastructure at the transport layer with end to end SSL for both internal and external traffic, then you likely have a ton of endpoints, each with their own SSL software stacks and a wide array of different certificates, some CA signed, others not etc. Both the amount of these and … Continue reading Batch processing testssl.sh commands

Docker Swarm Traefik state analysis

Recently I've been working on a toolset (see github swarm-traefik-state-analyzer) intended to aid in the health analysis of Docker Swarm services that are proxied by Traefik in an Docker swarm footprint architecture I previously described in a previous post (click here to read). In short you have 1-N docker swarm clusters, each segmented into 1-2 … Continue reading Docker Swarm Traefik state analysis

Safely build docker images with git svn ssh private keys

Often when building a docker container, your Dockerfile needs to pull down some code from a privately secured source control system like Git or SVN via SSH. In order to do this, the build process will need a valid ssh configuration local to the build that includes the necessary components to make this work (such … Continue reading Safely build docker images with git svn ssh private keys