Joseph's Cloud Library

Software supply chain security- Kritis

In our previous posts we saw what binary authorization is and then ran a sample pipleline using cloud build. In this post, we will look at extending that pipeline with few additional checks using opensource admission controller knows as ‘kritis’. Kritis Kritis is an admission controller that when you’re deploying to Kubernetes specifically, it will run the policy checks that your cluster admin…

Software supply chain security – Binary Authorization & Cloud Build

In the last post, we saw the details of the binary authrorisation and how it works using an example policy. This is the follow-up post with a very simple demonistration. today we see how you can use ‘cloud build’ as an attestor for binary authorisation and let only images built by ‘cloud build’ to be deployed to your Google Kubernetes Engine (GKE) Clusters. This is a very useful starting point to…

Software supply chain security – Binary Authorization on Google Cloud

Binary Authorization is a deploy-time security control that ensures only trusted container images are deployed on Google Kubernetes Engine (GKE) or Cloud Run.  Binary authorisation works based on the policies that you create. These policies can be scoped at the whole Google cloud project or target a specific Google Kubernetes Engine cluster. By using these policies, you can Require images to be…

Software supply chain security

Software supply chain security helps organizations detect, identify, analyze, and mitigate risks associated with the digital artifacts that enter their software via third parties like open source libraries, commercial software vendors, or outsourced development. A comprehensive supply chain security strategy combines risk management and cybersecurity principles to assess supply chain risks and…

Google Cloud products in 4 words or less (2022 edition)

It’s now easier than ever to quickly get up to speed on Google Cloud products, find those that you’re most interested in, and then take a deeper dive into documentation, videos, and other available resources The new cheat sheet even works as a flashcard quiz, which comes in really handy if you are preparing for Google Cloud certifications. This cheatsheet is also integrated into Google Cloud…

ISTIO on Google Kubernetes Engine #GKE #ISTIO

Google Kubernetes Engine now has a new option to install ISTIO. it is – you can now enable istio on your GKE cluster as an addon Istio on Google Kubernetes Engine is a tool that provides automated installation and upgrade of Istio in your GKE cluster. When you upgrade GKE, Istio on GKE is automatically upgraded to the most recent GKE-supported version of Istio. This lets you easily manage the…

Get AWS Certified: Solutions Architect Challenge – free training + 50% off exam coupan

Join this challenge and set a goal for earning AWS Certified Solutions Architect – Associate. Follow a recommended preparation path to earn your certification before AWS re:Invent 2021. Get exam ready with free training, including our new series on Twitch, AWS Power Hour: Architecting. By signing up, you’ll also be eligible for a 50% discount voucher for the exam. register @…

Deploying java based microservices to cloud- Runtimes

So .. which one is the best or right choice of the runtime for your java based applications ? There is no direct answer for this question as it depends on various factors. Most of this series deals with enterprise envrironments hence some runtimes havent been disucssed. If you feel it worth putting them into contention , please let me know in the comments section. What do you need to consider…

Deploying java based microservices to cloud

In this series , we will be looking at the deploying java based microservices to cloud. first we take a look at runtime options to package and run the microservices , then we look at the containerising/packaging the microservices to run on Kubernetes,cloud. During this series , we will talk about IBM WebSphere, Liberty Profile , Open Liberty , Docker, Kubernetes If you are new to Liberty…

Google Anthos vs AWS outposts vs Azure stack vs Openshift vs PKS

After my last few posts about Anthos , some of you have reached out to me asking how does it compare to the likes of Openshift , PKS, AWS outposts and Azure stack. To explain this in a simple way .. Lets classify these as 2 types. RedHat OpenShift and PKS, are categorized as container application platforms. These are software-based and are designed to run on multiple platforms and be…

Anthos clusters on VMware (GKE on-prem) #Anthos

Anthos clusters on VMware runs in your data center providing you an anthos on-prem option for Google Kubernetes Engine. Anthos clusters on VMware uses VMware’s vCenter Server to manage your clusters. With Anthos clusters on VMware, you can create, manage, and upgrade Kubernetes clusters in your on-premises environment. Connect allows you to connect any of your Kubernetes clusters to Google…

Anthos - Capabilities and Setup #Anthos

In the previous article, we learned about what is Anthos and Anthos main components. Today we take a look at Anthos architecture and where can you setup Anthis. Anthos capabilities Hybrid Cloud capability – Running Enterprise workloads which cannot be moved to Cloud can run on On-premise infrastructure with flexibility of accessing services from GCP and migrating workloads to & from…

Google Cloud Anthos – Essential introduction

Anthos is described by google on their documentation as Anthos is a managed application platform that extends Google Cloud services and engineering practices to your environments so you can modernize apps faster and establish operational consistency across them.Anthos Modern Application Platform  |  Google Cloud So, what is Anthos? Anthos is not a technology or tool but it’s a brand.…

Coming soon to this blog … Anthos!

After few months of inactivity … there is some exciting news! I’ll soon be running a series of posts about Google Anthos. Anthos is a managed application platform that extends Google Cloud services and engineering practices to your environments so you can modernize apps faster and establish operational consistency across them.

Microsoft Ignite Cloud Skills Challenge

Participate in the Microsoft Ignite Cloud Skills Challenge to earn a free Microsoft Certification exam and a chance to win prizes! Choose up to six different challenges to complete on Microsoft Learn. After you’ve completed your first challenge, you’ll earn a free Microsoft Certification exam. For each challenge you complete, you’ll earn five entries into a sweepstakes. One grand prize winner…

Microsoft Azure Virtual Training Day: Fundamentals training + free certification voucher

During this training event, you will explore how to:

Get started with Azure

Integrate Azure with your existing networks

Better understand key cloud concepts and core services, including pricing, support and cloud security

After completing this free training, you’ll be eligible to take the Microsoft Azure Fundamentals certification exam at no cost.

Here’s what you can expect:

Day 1Day…

Free course – AZ-500 : Microsoft Azure Security Technologies

This course introduces the skills required for through a series of Virtual Training Series (VTS) of between 1 and 2 hours each. To watch each VTS recorded session on demand, you’ll need to register at the link provided. From these VTS, you will learn how to how to implement security controls, maintain the security posture, and identify and remediate vulnerabilities by using a variety of security…