I write this article for sharing my experience in the configuration of kubernetes services to expose outside, explaining advantages and disadvantages of the two different solutions most used: NodePort and Ingress controller. In this direction, after different years to work with kubernetes, I can say that the best solution doesn’t exists and it depends on ..
In this article I will go deeper into the implementation of networking in kubernetes cluster explaining a scenario implemented wit Calico network plugin. Calico is a open source networking and network solution for containers that can be easily integrated with kubernetes by the container network interface specification that are well described here. I chose ..
In this article I would like to share my experience of these last years in the management of microservices architecture making a comparison with monolithic applications, through the point of view of service operation, coherently to my experience. I’m very passionate about the system and network concepts behind the scenes – kernel namespace, onion ..
In this article I explain how to discovery new microservices in kubernetes balancing them automatically without loosing the sticky session feature necessary for managing stateful services. In order to archive it, I will use a new feature of haproxy, present starting from 1.8 version, that can update an HAProxy configuration during run time, and ..
In this article I will try to explain the best practises to follow in the implementation of docker containers running in cluster mode (swarm, kubernetes or something different) or not. I’m very passionate of the docker world because there are a lot of systems and network aspects very interesting to explore, manage and deep ..
I present in this article a simple HAProxy configuration to balance dynamically the http traffic to set of containers associated to a swarm docker service. You can find the project at this git hub link: https://github.com/stefano-gristina/haproxy–swarm. The reason to make it cames from fact the the microservices should be stateless, and it should permit ..
Docker swarm and kubernetes are the most widespread container orchestrators for running micro services spanned on different nodes of a cluster. They provide high availability, scalability, security and easy management to complex software architectures. The goal is reached from docker swarm using the stack concept that is a set of docker services related together; ..
This article has the goal to improve the awareness about the risks of a pivot attack where the target system is exploited through another compromised system. The classic defense against these type of attacks based on the company’s perimeter is obsolete and it requires new solutions and approaches. The systems are compromised generally by phishing attack forcing ..
WordPress is a free content management system used for hosting web sites. The web application written in php can running under apache or nginx. Whatever the solution adopted, it’s necessary to have a reverse proxy for better managing the web site and for performing SSL termination. In this article a solution with nginx as reverse ..
KVM is a virtualization solution for linux largely used in enterprise environment. It’s permits to define overlay networks scalable over public network by open virtual switch. Layer 2 networks encapsulated over udp packet, by VXLAN or GRE tunnel, enable an use efficient and versatile of network infrastructure. Docker is a open platform that permits to run ..