A Simple Reverse Proxy Might Turn out to Be Dangerous Sometimes we inadvertently make assumptions that undermine our infrastructure security. In today’s article I want to share with you one of the most common mistakes that are made when setting up a reverse proxy. As always, real world use cases are the best ones to…
Read MoreOne of the most annoying aspects of using Sealed Secrets is their encryption design. They are tightly coupled to the namespace and name of the target Secret, meaning any changes to either require re-encrypting the Sealed Secret. This rigidity complicates workflows, especially when you need to duplicate or promote Secrets across environments. It breaks the…
Read MoreWhen monitoring Kubernetes clusters using Elastic Stack, the volume of logs can be overwhelming, often reaching gigabytes per minute. This is particularly true for OpenShift clusters, where significant traffic originates from system namespaces you might not be familiar with. Optimizing log collection becomes crucial for maintaining system efficiency and resource utilization. Success in this endeavor…
Read MoreDuring the NetEye User Group in November 2019, I presented the future vision of a new, completely distributed architecture to allow more flexibility, performance and scalability. In particular, a more flexible and scalable architecture is helpful for large environments such as Managed Service Provider infrastructures or for monitoring solutions as a service (i.e., NetEye 4…
Read More