Skip to content

2024

Fortify Your Kubernetes Clusters: Encrypting Secrets with Sealed-Secrets

Introduction

In today's cloud-native world, Kubernetes has become the de facto standard for container orchestration. Kubernetes secrets are essential for storing sensitive data like passwords, API keys, and database credentials for workloads running on Kubernetes clusters.

However, many teams encounter a common issue while interacting with Kubernetes secrets:

  • The inadvertent exposure of the sensitive secrets when stored in version control systems.
  • Kubernetes secrets are base64 encoded. Base64 encoding can be easily decoded, leading to significant security vulnerabilities, including unauthorized access and potential data breaches.

To address this issue, various solutions exist, but in this blog, we will focus on one: sealed-secrets.

We will walk through a practical example of how to use sealed-secrets to secure your Kubernetes secrets, ensuring they are both version-controlled and protected.

Choosing Your Kubernetes Guardian: Ingress Controllers, Envoy GatewayAPI, or Istio?

Introduction

In the ever-evolving landscape of cloud-native applications, effectively managing traffic within a Kubernetes cluster is essential for optimizing performance, enhancing security, and achieving scalability. Several popular solutions have emerged to address these challenges, including Envoy, Envoy GatewayAPI, Ingress Controllers, and Istio. However, users often face confusion when deciding which solution best suits their specific use cases. In this blog post, we will explore the differences and similarities assisting you in selecting the optimal tool based on your requirements.

Getting Started With Rackspace OpenStack Flex

We're now mid-way through 2024, and the Rackspace Public Cloud team has been hard at work building and delivering the successor to the Rackspace OpenStack Public Cloud (OSPC) first launched in 2012. As Limited Availability (LA) access to our latest multi-tenant OpenStack-based public cloud approaches and content begins to build up here on the blog, I thought it prudent to provide guidance on how one might onboard themselves and build resources on the platform.

Dealing with SSH MAC Limitations in Modern Systems

Modern SSH configurations can sometimes lead to MAC (Message Authentication Code) limitations when connecting between systems with different client setups. I've recently run into this issue when operating from a Mac and connecting to newer operating systems, like NixOS. These limitations can be frustrating, but they are fixable with minimal effort. This post will show you how to change your SSH client to use an appropriate MAC, even if it's not explicitly allowed in your configuration.

Building NixOS from Another OS to Use as NixOS on OpenStack

A wordy title, but it was fun to write and hammers on "OS;" OpenStack / Operating System. With the release of OpenStack Flex, we have opened up some much needed ease of operation and functionality into our multi-tenant OpenStack platform. One of the many new features in our public cloud is the ability to simply create and manage custom images. In this blog post, we will guide you through creating a NixOS 24.05 QCOW2 image which is cloud ready. We'll use resources found in the nixos-openstack GitHub repository and we'll build all of this from Ubuntu within OpenStack Flex.

What is Rackspace Public Cloud (Flex)?

In 2006, before 'The Cloud' became a ubiquitous term, Rackspace launched one of the first utility-based computing services known as Mosso (later Rackspace Cloud). Move ahead to 2010, and you'll find Rackspace partnering with NASA to deliver the first release of OpenStack - a fully open-source and open standard cloud computing platform. In 2012, Rackspace launched the Rackspace Public Cloud based on OpenStack, and shortly thereafter began delivering private (hosted) clouds based on OpenStack. To say OpenStack runs through our veins is an understatement.

Welcome to the New Rackspace Cloud Blog!

Hello and welcome to the newly launched Rackspace Cloud blog! As a space dedicated to the latest innovations and insights in cloud technology, this blog is your go-to source for all things cloud computing at Rackspace. Whether you’re a seasoned cloud professional or just starting your journey into the cloud, we’re here to guide, inform, and inspire you with cutting-edge content.