In this post, I’ll discuss how I’m currently working to migrate a suite of apps from Docker Swarm to Kubernetes. The client chose this migration to align with more contemporary standards of container deployment and gain a more comprehensive feature set. Also, some products that they recently purchased were best supported as a Kube package. So you have a fuller …
A new trend of creating applications is emerging called Jamstack. No, this isn’t slapping together your favorite flavor of jelly (grape is the best) with peanut butter and two pieces of bread. The intent is an architecture that is faster, more secure, and easier to scale. It focuses on pre-rending and decoupling. This way, the solutions created are more reliable and resilient than before.
Pre-rendering comes by the way of using a static website via a CDN for high availability and security. No more serving your React app via web server like we’ve become accustomed to. It reduces cost and complexity by eliminating the regular maintenance and configuration of traditional servers.
Also, the idea of APIs and the ability to move them to things like Serverless functions creates more cost savings, elimination of traditional servers, and use of features only when they are requested. For more information, check out the Serverless website.
A one-hour discussion of Continuous Delivery with GitOps (using Kubernetes) with key concepts and real-time examples featuring trunk-based development and feature flags.
Developing custom applications is one of the hardest professional endeavors, and making them secure is even harder. Malicious actors are constantly changing tactics and strategies, which, unfortunately, makes it impossible to completely eliminate any security threat.
There needs to be a balance between delivering features quickly to meet business objectives and mitigating security risks. Thankfully, these two goals are not mutually exclusive. This blog post dives into the top mistakes that can be made while developing custom applications.
These recommendations are different from what would commonly be seen in an OWASP list, and they should be used in addition to whatever security practices and procedures are already in place by an organization’s infosec department. These recommendations are also written from an application architect’s (rather than an enterprise infrastructure) perspective, so most of them aren’t covered by existing security checklists.
In this post, I’ll show you how to use the new, web-based interface in Cloudflare to quickly configure a tunnel to your local resources for free. I’ll share some resources to improve the security and resiliency of the tunnel if you need it on a more permanent basis as well.