Blog>>Deep dive

BLOG / Deep dive

Thumbnail of an article about Continuous monitoring and observability in CI/CD
OPERATIONS

Continuous monitoring and observability in CI/CD

Deploying a CI/CD pipeline is only a half success. To complete the deployment, you need to establish continuous monitoring and observability which will allow you to collect metrics and actionable insights. In this blogpost you will learn about the principles of monitoring and observability, how they are related and how automation can streamline the entire deployment process. DevOps culture is a good starting point here, as understanding the DevOps advantages and its principles will allow you to contextualize continuous monitoring and observability.
Thumbnail of an article about How to build a test automation framework in the cloud
QUALITY ASSURANCE
CLOUD

How to build a test automation framework in the cloud

Have you ever wondered how to set up a test automation framework directly in the cloud? Well, in this blog post you will learn about everything you’ll need to successfully create such a framework. We’re going to look at the pros and cons of preconfigured testing environments and those that are created dynamically. We’ll then show you how to include software testing in a CI/CD pipeline and achieve high level automation. Finally, we’ll break down what a message broker is and how it can be used when creating a testing architecture.
Thumbnail of an article about Kubernetes workloads — using multiple networks
NETWORKS

Kubernetes workloads — using multiple networks

Since there is no separate networking object among Kubernetes objects enabling the running of multiple networks, a workaround is required. Using a Container Network Interface (CNI) is a good place to start. Read this blog post to learn how you can use it to get multiple networks for Kubernetes workloads. I also describe my proposal for changes in source code that will enable native handling of multiple networks in Kubernetes. This blog post is based on the presentation which Doug Smith from Red Hat and I gave at the KubeCon+CloudNativeCon North America 2019 conference.
Thumbnail of an article about Seamlessly transitioning to CNFs with Tungsten Fabric
NETWORKS

Seamlessly transitioning to CNFs with Tungsten Fabric

Cloud-native Network Functions (CNFs), by all appearances, seem to be the next big trend in network architecture. They are a logical step forward in the evolution of network architecture. Networks were initially based on physical hardware like routers, load balancers and firewalls. Such physical equipment was then replaced by today’s standard, VMs to create Virtualized Network Functions (VNFs). Now, a lot of research is going into moving these functions into containers. In such a scenario, a container orchestration platform would be responsible for hosting CNFs.
Thumbnail of an article about Uncontainerizable VNFs in a CNF environment
NETWORKS

Uncontainerizable VNFs in a CNF environment

Cloud-native network functions (CNFs, for short) are a hot topic in network architecture. CNFs use containers as the base for network functions and thus would replace today’s most widely used standard, Virtual Network Functions (VNFs). In such a scenario, a container orchestration platform--Kubernetes, say--could be responsible not only for orchestrating the containers, but also for directing network traffic to proper pods. While this remains an area under research, it has aroused considerable interest among industry leaders.
Thumbnail of an article about How can DPDK access devices from user space?
SOFTWARE DEVELOPMENT
NETWORKS

How can DPDK access devices from user space?

DPDK (Data Plane Development Kit) is a set of libraries for implementing user space drivers for NICs (Network Interface Controllers). It provides a set of abstractions which allows a sophisticated packet processing pipeline to be programmed. But how does DPDK work? How is it able to access the hardware directly? How does it communicate with the hardware? Why does it require a UIO module (Userspace input-output)? What are hugepages and why are they so crucial? In this blog post I will try to explain, with a reasonable amount of detail, how a standard kernel space NIC driver works, how a user space program can access hardware and what can be gained from having it do so.
Thumbnail of an article about Security in Kubernetes — overview of admission webhooks
CLOUD

Security in Kubernetes — overview of admission webhooks

This blog post is a continuation of two previous posts on security mechanisms in Kubernetes. If you have not yet read them, click here for part 1 and part 2 to see how you can provide an adequate level of security in Kubernetes deployments. Existing admission controllers are very useful, as they allow you to validate or modify requests to a Kubernetes API server. However, they have two limitations: They have to be compiled into an API server and can be configured only on the API server startup. The flexibility of admission webhooks helps solve these problems.Once enabled, their behavior depends on the special application running inside the Kubernetes cluster.
Thumbnail of an article about How to make your Kubernetes cluster secure
CLOUD

How to make your Kubernetes cluster secure

In the last couple of years Kubernetes (K8s) has become one of the most popular tools for running containerized applications. Many cloud companies, major ones among them, have adopted it to orchestrate their container-based workloads. Given its popularity, the problem of K8s security is becoming even more pressing. Read our two-part blog post series on how to make a Kubernetes cluster secure. Part one provides a brief history of virtualization, presents admission controllers and how they work and shows how Pod Security Policies, a powerful admission controller, can help you manage user actions on Kubernetes cluster.
Thumbnail of an article about The benefits of Pod Security Policy — a use case
CLOUD

The benefits of Pod Security Policy — a use case

In the previous post I looked at how security is handled in Kubernetes. Let’s now see how it works in practice. One of the most powerful controllers is the Pod Security Policy admission controller (PSP). PSP is a cluster-level security mechanism that enables control over sensitive aspects of pod specification. It allows you to define a set of conditions a pod must meet in order to be accepted into the system.The following use case illustrates how it works. Let’s assume that we have a shared file system
Thumbnail of an article about How to use NVIDIA GPUs with Kubernetes — CodiLime approach
CLOUD

How to use NVIDIA GPUs with Kubernetes — CodiLime approach

The combination of NVIDIA GPUs, to allow computing power to be harnessed, and Kubernetes, responsible for managing containerization, may seem like a perfect marriage of two complementary tools, and an obvious solution. Yet, at the technical level, this combination, like many marriages, turned out to be more tricky than might have been expected. Read this blogpost to find out how CodiLime managed to find a way to deal with this matter. Let’s introduce the main characters then: NVIDIA GPUs (Graphic Processing Units) are powerful tools used to accelerate computationally-intensive tasks.
arrow

Get your project estimate

For businesses that need support in their software or network engineering projects, please fill in the form and we’ll get back to you within one business day.

For businesses that need support in their software or network engineering projects, please fill in the form and we’ll get back to you within one business day.

We guarantee 100% privacy.

Trusted by leaders:

Cisco Systems
Palo Alto Services
Equinix
Jupiter Networks
Nutanix