Why Zero Trust in the Cloud is the Only Way to Stay Secure

| December 2, 2019

article image
Forget “feel good” concepts of responsibility and motivation when it comes to cyber security. Here’s the big difference between feel good and finding the right trust partner for your organization. In cloud and IT security, we’re not talking about trust in the workplace. We’re talking about the critical need to prevent security attacks from both inside and outside your IT network. Even within your network, trust is no longer a cyber security option.

Spotlight

DataStax

DataStax helps companies like Netflix, ING, British Gas, Intuit power data management for their cloud applications. The customers of these companies have billions of defining moments each second around the globe. The moment they get that personalized online deal, watch a streamed movie, manage their finances with ease, know exactly when a package will arrive, efficiently manage a manufacturing process or visit a new physician who already has all the information she needs about her patient. DataStax is the power behind these moments.

OTHER ARTICLES

IMPORTANCE OF CLOUD COMPUTING IN 2020

Article | February 17, 2020

Cloud computing has rapidly developed throughout the years and has demonstrated to be a boon for small entrepreneurs as well as enormous aggregates. The term has been settling in the market for 10 years, however, it picked up acknowledgment and prominence as of late. Cloud computing has all the information, messages, applications and considerably more in a virtual software like Google Drive and Dropbox, which are speedy and safe to access regardless of time and geological boundaries. Intel Security researched a sample universe of 1400 IT security experts. This research report uncovered that out of this sample, 93% of experts utilize hybrid (Private/Public) cloud computing services to operate their business operations. As per Gartner research, the cloud service industry is anticipated to reach $411 Bn by 2020, which was $260 Bn in 2017.

Read More

Top 8 Kubernetes Best Practices to Get the Most out of It

Article | June 23, 2021

With the growth of cloud technology, several enterprises are now aware of the benefits of adopting hybrid and multi-cloud models. However, when shifted between different cloud environments, they face a set of challenges to ensure the applications' reliable performance. Thus, the introduction of the concept of containers in cloud computing comes into action. Containerization is simply the clustering of an application and all its components into a single, portable suite. With containerization rapidly gaining popularity in cloud computing, leading providers, including Amazon Web Services (AWS), Azure, and Google, offer container services and orchestration tools to accomplish container creation and deployment. Based on Forrester's 2020 Container Adoption Survey, about 65% of entrepreneurs are already using or are planning to implement container orchestration platforms as part of their IT transformation approach. Kubernetes is one of the most known and future-ready, portable container orchestration platforms developed by Google. It is a scalable, reliable, robust, and secured platform, which can manage and accommodate high traffic for cloud applications and microservices. For optimal performance, implementing Kubernetes best practices and following a tailored configuration model is significant to ensure the optimal platform efficiency your enterprise requires. This article will highlight the top eight best practices of Kubernetes that will help you orchestrate, scale, control, and automate your enterprise applications. But before we start, let us know the basic concept of Kubernetes. What is Kubernetes? Kubernetes (a.k.a. k8s or "Kube") is Google's open-source container management platform spanning public, private, and hybrid clouds that automates numerous manual processes involved in scaling, deploying, and managing the containerized applications. Kubernetes is an ideal platform for hosting cloud-native applications that require quick scaling, like real-time data streaming through Apache Kafka. In simple words, you can cluster together groups of hosts running Linux containers, and Kubernetes supports you in managing those clusters quickly and efficiently. Gartner forecasts that worldwide container management revenue will grow sturdily from a small base of $465.8 million in 2020 to register $944 million by 2024. It seems that the popularity of Kubernetes across the enterprises will make the forecast achievable. Using Kubernetes, outsourcing the data centers to public cloud service providers, or providing web hosting to optimize software development processes can become manageable. Moreover, website and mobile applications with intricate custom codes can deploy Kubernetes on their product hardware for a cost-effective solution. Moreover, it helps you completely implement and trust a container-based infrastructure in production environments, where you need to manage the containers that run the applications and ensure zero downtime. For example, if a container goes down and another container needs to start, Kubernetes handles the situation with its distributed system framework efficiently. Reasons Behind the Popularity of Kubernetes Strategy Kubernetes is in the headlines, and we hear about it on social media or at user groups and conferences. So, what is the reason behind its popularity? According to the Kubernetes service providers, it has become the standard for container management platform as it offers several advantages: Scalability: It offers easy scalability of the containers across many servers in a cluster through the auto-scaler service, thereby maximizing resource utilization with a simple command, with a UI, or automatically based on CPU utilization. Flexibility: The flexibility of Kubernetes expands for applications to operate consistently and efficiently irrespective of the complexity of the requirement. Storage Orchestration: The open-source attribute of Kubernetes gives you the liberty to take advantage of storage orchestration from different cloud environments and shift the workloads effortlessly to their destinations. Automation: Using Kubernetes, you can automatically place containers as their resource requirements without any availability concerns. It helps to combine critical and best-effort workloads, to drive the utilization and save resources. Health-Check and Self Heal: Kubernetes allows you to perform the health-check and self-heal your containers with auto-replacement, auto-restart, auto-replication, and auto-scaling properties. Reliability and Security: Kubernetes offers tolerance and clustering of significant errors, bringing stability and reliability to the project. Built-in data encryption, vulnerability scanning, etc., are some of the services of Kubernetes that enhance its security aspect. Self-discovery: Kubernetes allows self-discovery by providing their IP address to the containers and providing a single DNS name to a group of containers. Roll Out and Roll Back Automation: Kubernetes gradually rolls out changes to your application or its configuration while monitoring the application's health to ensure it does not kill all your instances at the same time. Kubernetes rolls back the changes in case of any discrepancy. 8 Kubernetes Best Practices for Efficient Deployment According to Red Hat's "The State of Enterprise Open-Source Report," 85% of the interviewees agree that Kubernetes is the key to cloud-native application strategies. Kubernetes has evolved from the code that Google used to manage its data centers at scale. Nowadays, organizations use Kubernetes for complete data center outsourcing, web/mobile applications, SaaS support, cloud web hosting, or high-performance computing. For any platform to operate and perform at its optimum capacity, there are certain best practices that you should consider. In this article, we will discuss a few of the best practices of Kubernetes that can improve the efficiency of your production environment. Use The Latest Version and Enable RBAC Kubernetes releases new features, bug fixes, and platform upgrades with its consistent version update. As a rule, you must always use the latest version to make sure that you have optimized your Kubernetes. By upgrading to the newest release, you will get technical support and a host of advanced security features to control the potential threats while fixing reported vulnerabilities. Enabling RBAC (Role-Based Access Control) will help you control access and admittance to users and applications on the system or network. The introduction of RBAC in the Kubernetes 1.8 version helped to create authorization policies using rbac.authorization.k8s.io API group. It allows Kubernetes to permit access to the user, add/remove approvals, set up regulations, etc. Organize With Kubernetes Namespaces A namespace is a kind of virtual cluster that helps your Kubernetes environment organize, secure, and perform. Thus, it can be considered one of the Kubernetes best practices that enables you to create logical partitions and apply separation of your resources and restrict the scope of user permissions. Thus, you can use it in a multi-user environment spanning multiple teams or projects. Namespaces cannot be nested inside one another, and each Kubernetes resource must be in its own unique namespace. However, it is not essential to use multiple namespaces to distinguish slightly unlike resources, such as different releases of the same software: use labels to separate resources within the identical namespace. Consider Small Container Images Using base images may include the unnecessary inclusion of additional packages and libraries. Hence it is significant to use smaller container images as it helps you to create a high-performing platform quickly. As one of the Kubernetes best practices, you can consider Alpine Linux Images, which are much smaller than the base images. Alpine Images have access to a package repository that has necessary add-ons. You can add essential packages and libraries for your application as required. Smaller container images are also less vulnerable to security threats as they have lesser attack surfaces. Setting Up Health Checks Managing extensive distributed systems can be complex, especially when things are not running perfectly. The primary reason for the complication in the distributed system is that multiple operations work together for the system to function. So, in case of any discrepancy, the system has to identify and fix it automatically. Kubernetes health checks are simple ways to ensure that application instances are working. Health checks are the effective Kubernetes best practices to analyze whether your system is operational or not. If an instance is non-operational or failed, then other services should not access or communicate with it. As an alternative, the system can divert the requests to some other ready and operational instances. Moreover, the system should bring your app back to a healthy state. Kubernetes provides you two types of health checks, and it is significant to recognize their differences and utilities. Readiness probes allow Kubernetes to identify whether the application is ready to serve the traffic before permitting the traffic to a pod (most miniature Kubernetes objects). It fundamentally shows the availability of the pod to accept the workload traffic and respond to requests. In case the readiness probe fails, Kubernetes halts the traffic towards the pod until it is successful. The liveliness probe allows Kubernetes to perform a health check to verify whether the application operates as desired. In case it fails, Kubernetes removes the pod and initiates its replacement. Setting Kubernetes Resource Usage (Requests and Limits) Kubernetes uses the process requests and limits to control resource usages such as CPU and memory. If a container requests a resource, Kubernetes will only map the schedule on a node to provide the requested resource. Whereas limits help to make sure a container never goes beyond a specific request value. The container will be automatically restricted if it goes beyond the limit. To get a total resource value of Kubernetes pods (usually available in a group) comprising one or multiple containers, you need to add the limits and requests for each container. While your Kubernetes cluster might be operational without setting the resource 'requests and limits', you will start getting stability issues as the workloads start scaling. Adding 'requests and limits' will help you to get the optimal benefit of Kubernetes. Discovering External Services on Kubernetes If you want to discover and access the services living outside your Kubernetes cluster, you can do it by using the external service endpoint or Config Maps directly in your code. Even if you are unwilling to identify those today, there can be a compulsion to do so tomorrow. Mapping your external services to the internal ones will enhance the flexibility to transmit these services into the cluster in the future while reducing recoding efforts. Additionally, it will help you to easily manage and understand the external services your organization is using. Database Running- Whether to consider or not? Running a database on Kubernetes can get you some benefits regarding the automation Kubernetes provides to keep the database application active. However, it would help if you analyze them before you start. There can be failure incidents because the pods (database app containers) are susceptible to letdowns compared to a traditionally hosted or fully managed database. Databases with concepts like sharing, failover elections, and replication built into its DNA will be easier to run on Kubernetes. Thus, simple questions like the following will help to draw a Kubernetes strategy to consider whether to run a database or not. Are the features of the database Kubernetes-friendly? Are the workloads of the database compatible with the Kubernetes environment? What is the limit of the Ops workload acceptable in the Kubernetes environment? If the answers to all the questions are affirmative, your external database is ready to run on the Kubernetes environment. Otherwise, you should consider other platforms such as managed DB or VM. Termination Practices Addressing failures is inevitable in distributed systems. Kubernetes helps in handling failures by using controllers that can keep an eye on the state of your system and restart the halted services. However, Kubernetes can also often compulsorily terminate your application as part of the regular operation of the system. It can terminate Kubernetes objects for various reasons because enabling your application to handle these terminations efficiently is essential to create a steady plan and provide a great user experience. Winding Up The CNCF survey report 2020 highlights the progressive inclination towards adapting the Kubernetes platform. The survey received 1324 responses inferred in 2020, where 91% of respondents report using Kubernetes, 83% of them are in production, showing a steady upsurge of 78% from last year and 58% in 2018. Adhering to the Kubernetes best practices will provide you an opportunity to take your production environment to the next level and meet the business requirements. In addition, it will have a positive impact on the Kubernetes market size. Several top marketers and service providers are doing their best to ensure their customers get the desired benefits for Kubernetes deployment in production. Moreover, they also pitch for services on Kubernetes and allow businesses to gain the most out of it. In the latest interview with Media 7, Red Hat's Director of Product Marketing, Irshaad Raihan says, "We look to inspire great ideas and help our customers reach for the impossible. Once we have buy-in into the "why," we arm customers with the most relevant data points to help them make a purchase decision around product and vendor." FAQ’s What exactly is Kubernetes? Kubernetes is an open-source, portable, and scalable platform for container orchestration, automating several manual tasks for managing the containerized workloads. Kubernetes allows clustering running Linux containers and supports managing those clusters quickly and efficiently. Why is Kubernetes so popular? Kubernetes has become one of the efficient container management systems as it offers several advantages, such as easy scaling of the containers across many servers in a cluster. It helps in the easy movement of workloads between different types of environments. It also offers high error tolerance, which contributes to the stability and reliability of the workload and has built-in security tools that provide enhanced safety to the platform. What is an example of Kubernetes? One of the most popular Kubernetes use cases is the popular game Pokemon Go. Niantic Inc. was the developer and witnessed more than 500 million downloads with 20 million active users every day. Pokemon Go's parent company was not expecting this kind of traffic. As an advanced solution, they opted for Google Container Engine powered by Kubernetes. Where is Kubernetes used? You can use Kubernetes to manage microserver architecture. Kubernetes simplifies various facets of running a service-oriented application infrastructure. For instance, it can control the allocation of resources and drive traffic for cloud applications and microservices. { "@context": "https://schema.org", "@type": "FAQPage", "mainEntity": [{ "@type": "Question", "name": "What exactly is Kubernetes?", "acceptedAnswer": { "@type": "Answer", "text": "Kubernetes is an open-source, portable, and scalable platform for container orchestration, automating several manual tasks for managing the containerized workloads. Kubernetes allows clustering running Linux containers and supports managing those clusters quickly and efficiently." } },{ "@type": "Question", "name": "Why is Kubernetes so popular?", "acceptedAnswer": { "@type": "Answer", "text": "Kubernetes has become one of the efficient container management systems as it offers several advantages, such as easy scaling of the containers across many servers in a cluster. It helps in the easy movement of workloads between different types of environments. It also offers high error tolerance, which contributes to the stability and reliability of the workload and has built-in security tools that provide enhanced safety to the platform." } },{ "@type": "Question", "name": "What is an example of Kubernetes?", "acceptedAnswer": { "@type": "Answer", "text": "One of the most popular Kubernetes use cases is the popular game Pokemon Go. Niantic Inc. was the developer and witnessed more than 500 million downloads with 20 million active users every day. Pokemon Go's parent company was not expecting this kind of traffic. As an advanced solution, they opted for Google Container Engine powered by Kubernetes." } },{ "@type": "Question", "name": "Where is Kubernetes used?", "acceptedAnswer": { "@type": "Answer", "text": "You can use Kubernetes to manage microserver architecture. Kubernetes simplifies various facets of running a service-oriented application infrastructure. For instance, it can control the allocation of resources and drive traffic for cloud applications and microservices." } }] }

Read More

VMware Cloud Foundation 4: Hybrid Cloud Infrastructure for Modern Apps

Article | March 27, 2020

Now, we at DSA are amazed by VMware’s new releases. At the same time, while we feel the concept is great, we don’t understand if you run VMware on public cloud, is the cost higher than simply running on the public cloud like AWS’ native virtual machines?According to VMware’s Sanjay K. Deshmukh, Vice President and Managing Director for Southeast Asia and Korea, “If you look at a total cost of ownership for a customer to run or to migrate an existing application to cloud and you compare that in situations where they run it on native cloud and VMware cloud (VMware cloud running on AWS or any provider), when you compare this two, we have seen our customers able to reduce their total cost of ownership to the upwards of about 25 to 30%.To be specific, Sanjay said the savings are, they don’t have to re-platform any of their applications in order to run in the cloud. Customers on their journey of application modernisation or moving applications to cloud will find that the amount of effort cost and energy they are saving in re-platforming and rearchitecting their applications to the cloud is massive. The costs are upward of a million-dollar per applications or more depending on the complexity of the application.

Read More

Google Cloud launches from Google I/O 2021

Article | May 25, 2021

And that’s a wrap for Google I/O 2021! Its virtual nature this year surely didn’t stop its viral nature, as we saw over 215,000 registrants, over 235 sessions, 186,565 badges earned, and dozens of workshops and AMAs. Viewers from around the world once again tuned in to learn about the latest launches from Google, including Android, WearOS, Flutter, and TensorFlow. Developers came to sharpen their skills by learning the newest tools, APIs, and improved experiences to help them build. Google Cloud has become a big part of the excitement as it unveiled a number of major launches around AI, Google Workspace, and sustainability, including a new unified AI platform, rich collaborative experiences, and breakthroughs in carbon-aware computing. If you couldn’t make it and want a quick list of the best cloud sessions, check out my cloud developer’s guide to I/O. To get to the heart of Google Cloud I/O announcements, read on.

Read More

Spotlight

DataStax

DataStax helps companies like Netflix, ING, British Gas, Intuit power data management for their cloud applications. The customers of these companies have billions of defining moments each second around the globe. The moment they get that personalized online deal, watch a streamed movie, manage their finances with ease, know exactly when a package will arrive, efficiently manage a manufacturing process or visit a new physician who already has all the information she needs about her patient. DataStax is the power behind these moments.

Events