Tag: technical blogs

Deploying Prometheus and Grafana on Kubernetes

Monitoring a Kubernetes Cluster is the need of the hour for any application following a microservices architecture. There are a bunch of solutions that one can implement to monitor their Kubernetes workload and one of them is Prometheus and Grafana. This article will help you to deploy Prometheus and Grafana in your kubernetes cluster with the help of prometheus-operator.

But before setting up these components let’s understand a bit about each of them.

Prometheus

Prometheus is a pull-based open-source monitoring and alerting tool originally built by SoundCloud. It works on a time-series database and scrapes metrics at a given interval from HTTP endpoints. After Kubernetes, Prometheus joined the Cloud Native Computing Foundation in 2016 as the second hosted project.

Alertmanager

The Alertmanager takes care of alerts sent by alerting tools such as the Prometheus server. It handles grouping, silencing, and routing them to the correct receiver integration such as email, PagerDuty, Slack, etc. It also supports the inhibition of alerts.

Grafana

Grafana is the visual representation of metrics collected by a data source which in our case happens to be Prometheus. We can create or import dashboards for grafana which will make use of promQL to visually represent metrics collected by Prometheus.

Continue reading “Deploying Prometheus and Grafana on Kubernetes”

Securing Kubernetes Traffic with Cert-Manager & Lets Encrypt 

why do we need to use cert-manager?

Cert-Manager simplifies the process of creating & renewing certificates. It makes sure your certificate is valid and up to date by renewing the certificate automatically for you in your kubernetes cluster. So that your domain certificate never expires.

What is Cert-Manager?

Cert-Manager is a Kubernetes native certificate management controller consisting of a set of CustomResourceDefinitions. When we add cert-manager in our Kubernetes cluster it adds on the certificate & certificate issuers as custom resource types in the Kubernetes cluster. which helps in adding or renewing the certificate. It also ensures that your certificate is valid and up to date. Cert-manager can issue certificates from a variety of sources such as let’s encrypt, Vault, and SelfSigned, Venafi.

How cert-manager is related to HTTP & HTTPS?

As cert-manager helps in assigning the certificate from certificate Issuers to our domain. Now that certificate will be used by HTTPS protocol where “S” stands for secure. HTTP protocol was developed in the early 1990s and was initiated by Tim Berners-Lee. HTTP gives users a way to interact with web resources such as HTML files by transmitting hypertext messages between clients and servers. However, it does not provide a single level of security when exchanging information between client and server. Therefore it is more prone to attackers as it sends that data as plain text.

Continue reading “Securing Kubernetes Traffic with Cert-Manager & Lets Encrypt “

Increasing Code Reusability Using Task Groups in Azure DevOps

Introduction

Let’s assume a scenario in which you are repeating a few tasks from your pipeline into multiple stages and/or pipelines or projects. In that case, it gets really tiring to repeat and configure each task individually over and over again. Azure DevOps provides the feature of Task Group in which we can encapsulate a sequence of tasks from our build or release pipelines and reuse those tasks in other pipelines. Continue reading “Increasing Code Reusability Using Task Groups in Azure DevOps”

Monitoring and Release tracking with Sentry

Before we deep dive into the topic let’s focus on why we need this tool and why we need this feature in our toolbox. In the world of errors and bugs, we will find many errors to debug and keep our system stable. So many applications need monitoring to analyze the performance of running application but what if:

  • we are not getting 100% analysis
  • only got the handled error exceptions
  • our applications have some anonymous errors which weren’t tracked in our system status error code and that continuously increased the load or downtime, and many more.

Will you actually debug that kind of error? How difficult is it to identify what caused Application Crash? Some organizations have set custom status codes for similar or multiple look-alike error strings but what if they are actually not similar, and you would be like “ignore, that’s our handled one we are throwing that status code”.

Continue reading “Monitoring and Release tracking with Sentry”

Introduction to Azure Security

DevOps Security or DevSecOps is a set of practices and tools that bring together software development (Dev), IT operations (Ops), and security (Sec) to increase an organization’s ability to deliver applications and services securely. DevOps presents new risks that create security challenges that cannot typically be addressed by conventional security management solutions and practices. One of the prominent security challenges in DevOps environments is privileged access management. DevOps processes require human and machine privileged credentials which are quite powerful and highly susceptible to
cyber-attacks. So strong security practices should be inserted throughout the application lifecycle to reduce vulnerabilities, improve security posture and mitigate risk.

Continue reading “Introduction to Azure Security”