July 03, 2022
MITRE ATT&CK Matrix for Kubernetes: Tactics & Techniques Part 1
Learn about the first four threat vectors in Kubernetes: initial access, execution, persistence, and privilege escalation.
July 01, 2022
How to Configure your Repos for Multi-Tenancy and GitOps: Zscaler’s Use Case
In this talk Flux end user Zscaler explains how they adopted Flux to achieve multi-tenancy requirements. Multi-tenancy was not only a security but also a customer requirement and GitOps was a crucial component in this journey.
June 30, 2022
Add GitOps Without Throwing Out Your CI Tools
Many teams are hesitant to introduce changes to their CI pipeline to not disrupt the often complex continuous deployment (CD) patterns. GitOps however is more than CD, it provides automation, eliminates unpredictability of configuration drift and enhances security.
June 24, 2022
What is the Enterprise Market Perspective of GitOps?
In the GitOps Days keynote session “GitOps is the Way to Overcome the Scaling Wall by Introducing New Operational Models? An Enterprise Market Perspective” Philippe Ensarguet, CTO of Orange Business Service discusses why enterprises want to automate infrastructure management today. Costs and scale are the driving factors.
June 21, 2022
Getting Started With Weave GitOps
Weave GitOps Core is a free and open source continuous delivery product to run apps in any Kubernetes. It is powered by Flux but provides additional dashboarding functionality for a superior dev experience. Get started with GitOps today.
June 17, 2022
GitOps Days 2022 Recap: Intro to Kubernetes, GitOps, & Observability Tutorial
If you have missed last week’s GitOps Days 2022, you can now find a recap of our hands on workshop on the blog today. Seasoned Kubernetes and GitOps experts will lend you a hand in setting up K8s, a GitOps pipeline and observability for deployments.
June 14, 2022
Weave Policy Library: Introducing HIPAA Policies
In our latest Weave GitOps release, we added trusted application delivery and policy-as-code capabilities to Weave GitOps. Part of this release is the Weave Policy Library, which includes HIPPA compliance standards among other compliance family policies such as CIS Benchmarks and PCI DSS. Read on to learn more about the Weave Policy Library and HIPAA policies.
June 09, 2022
GitOps - The Path to A Fully-Automated CI/CD Pipelines
Automation is key to optimizing software delivery lifecycles. Learn how GitOps automates every step of a CI/CD pipeline for end-to-end automation.
June 07, 2022
Instrumenting Real-World Pre-Deployment Checks for GitOps
GitOps is a revolutionary practice that adopts philosophies of CI/CD and Infrastructure-as-a-code, but it needs a systematic approach. In this article, we’ve curated a list of pre-deployment checks that’ll ensure seamless deployment.
June 02, 2022
GitOps Days 2022 (June 8-9) - You’re Invited!
GitOps Days 2022 returns for 2 days (June 8-9) and the schedule is packed with visionary and educational talks from GitOps practitioners and thought leaders. Check out our speaker line up and register for our virtual event today!
May 31, 2022
Security for Application Delivery shifts left with GitOps for Visual Studio Code
The VS Code extension adds a Weave GitOps button in the sidebar of your IDE that allows you to access GitOps features without switching to another dashboard. You can view GitOps components and components as well as trigger reconciliation- read our latest blog for details.
May 26, 2022
James Governor from Redmonk discusses: DX, Guardrails, Golden Paths & Policy Management in Kubernetes
Watch our latest on demand webinar where James Governor, Redmonk discusses the increasing importance of DevEx. How can organizations embrace a superior developer experience that results in production excellence? What about security implications when enabling self service? Is platform engineering the golden path forward?
May 25, 2022
The New GitOps Extension on AKS and Azure Arc Enables Trusted Delivery and Control
GitOps is now an extension to Microsoft Azure Kubernetes Service (AKS) and Azure Arc-enabled Kubernetes to govern and control hybrid and multi-cloud environments. Learn more about the latest integration with Microsoft in this blog.
May 23, 2022
Lunar Bank Uses GitOps to Standardize Workflows and Enhance the Developer Experience
Lunar Bank needed to remove obstacles inhibiting their developer experience and autonomy while ensuring security and compliance is baked-into the deployment process. To enable this, they turned to GitOps and policies.
May 19, 2022
The 16-point Checklist for GitOps Success
For efficient GitOps management in your organization you need a GitOps checklist. Here’s a handy 16 point checklist you and your team can use when getting started. Build better code faster with GitOps.
May 17, 2022
Liquid Metal is Here: Supported, Multi-Cluster Kubernetes on micro-VMs and Bare Metal
Liquid Metal simplifies scaling Kubernetes clusters across multiple environments. Provision Kubernetes clusters dynamically across both lightweight VMs and bare metal with GitOps.
May 24, 2018
GitOps Workflows for Istio Canary Deployments
Read how GitOps workflows can be implemented to rollout and manage non-atomic canary releases to an Istio service mesh. Stefan Prodan then takes you through the steps of setting up a canary with GitOps workflows to Istio.
May 22, 2018
GitOps for Istio - Manage Istio Config like Code
Read how GitOps workflows can be implemented to rollout and manage non-atomic canary releases to an Istio service mesh. Stefan Prodan then takes you through the steps of setting up a canary with GitOps workflows to Istio.
February 20, 2018
Promote Container Images across Environments with Weave Cloud: Deploy
Weave Cloud Deploy is a Continuous Deployment/Delivery operator for Kubernetes which makes it super easy to automate releases to a cluster - but what about multiple clusters? Weave Cloud Deploy can filter tags - by tagging each image with an environment specific prefix, it’s possible for the same image build to be automatically released to each environment in turn.
February 15, 2018
How secure is your CICD pipeline?
Looking at a CICD pipeline with security in mind, reveals some interesting concerns. Consider the credentials and access typically assigned to each step, and what’s actually required for each step - Read Write access, and Read Only access. The CI system can be a target, because it’s got credentials for the source code, the image repo and the cluster, and it crosses two logical security boundaries. Learn how you can mitigate this with a GitOps approach.