23 min read

    Using Kubernetes Monitoring Mixins

    The term Kubernetes monitoring mixins appears in many Kubernetes related projects involving Prometheus and Grafana. Despite its broad usage, the details about it cannot be easily found. There are many...

    9 min read

    Building Multiplatform Container Images the Easy Way

    While doing some work on Trow, our image management solution for Kubernetes, we discovered how easy new tooling makes it to produce container images for multiple architectures. This post will show how...

    WTF is Cloud Native Data Security?

    If you’ve got something valuable, you can pretty much guarantee that someone will be looking to carry out unauthorised activities around it, and cloud workloads are exposed to just as many security ri...

    DevSecOps: Not the Tools, the Other Bits

    If you Google “DevSecOps”, and in particular if you read the typical security vendor blogs, you’d be forgiven for thinking that the term is all about automation and tooling. However, in much the same ...

    WTF…Can You Do about Software Supply Chain Attacks without Killing Open Source?

    When the White House says something is a threat, many people’s first reaction is to work out precisely what it is that the president and his aides are really trying to distract us from.

    SLO Strategy: Balancing Strategic Vulnerability with Uptime and Engagement

    We can get overly obsessed with uptime. We can actually set service level objectives (SLOs) too high. If we zero in on five-nines across the board, we risk compromising our teammates’ ability to innov...

    Tutorial: How to Set External-Secrets with Azure KeyVault

    In this tutorial, the last in our series on the External Secrets project, we will configure Azure KeyVault in order to have a safe way to access secrets, and then configure External-Secrets to fetch i...

    Key Results and Findings from the 2021 State of DevOps Reports by Humanitec, Google and Puppet

    The pandemic accelerated the economic transition to digital-native services and products. Across industries and categories, organisations aspired to scale their development performance in the face of ...

    WTF Is Our Most Critical Cybersecurity Resource? And How Can We Preserve It?

    A few years ago, I managed a user-experience designer who excelled at design but was wholly unfamiliar with the user end of cybersecurity software. It mystified him why I would overrule a straightforw...