Secure GitOps pipelines for Kubernetes with Snyk & Weaveworks

Weaveworks
WeaveworksWeaveworks
Securing Developer Workflows March 2019 Webinar Brice Fernandes – brice@weave.works – @fractallambda Simon Maple - simon@snyk.io – @sjmaple 1
● Building cloud-native OSS and commercial products since 2014 (Weave Net, Moby, Kubernetes, Prometheus) ● Founding member of CNCF ● Weave Cloud runs on Kubernetes since 2015 ● We developed “GitOps” - more later! ● Kubernetes support subscriptions, training and consulting 2 About Weaveworks
snyk.io About Snyk Snyk helps developers use open source code and stay secure ● Detect: Uncover vulnerabilities & license violations in the libraries your apps use ● Fix: Seamlessly fix discovered issues through automated upgrades and custom patches ● Monitor: Get alerted when new vulnerabilities affect your apps and fix them before attackers act
Transform your CICD pipeline with GitOps 4
Typical CICD pipeline Continuous Integration Cluster API Continuous Delivery/Deployment Container Registry CI Code Repo Dev RW CI credsGit creds RW CR creds3 RO RW API creds CR creds1 Shares credentials cross several logical security boundaries. Boundary RO RW Container Registry (CR) creds2
The GitOps Model 6
7 GitOps is... An operation model
8 GitOps is... An operation model Derived from CS and operation knowledge
9 GitOps is... An operation model Derived from CS and operation knowledge Technology agnostic (name notwithstanding)
10 GitOps is... An operation model Derived from CS and operation knowledge Technology agnostic (name notwithstanding) A set of principles (Why instead of How)
11 GitOps is... An operation model Derived from CS and operation knowledge Technology agnostic (name notwithstanding) A set of principles (Why instead of How) Although Weaveworks can help with how
12 GitOps is... An operation model Derived from CS and operation knowledge Technology agnostic (name notwithstanding) A set of principles (Why instead of How) A way to speed up your team
13 1 The entire system is described declaratively.
14 1 The entire system is described declaratively. Beyond code, data ⇒ Implementation independent Easy to abstract in simple ways Easy to validate for correctness Easy to generate & manipulate from code
15 The canonical desired system state is versioned (with Git) 2
16 The canonical desired system state is versioned (with Git) Canonical Source of Truth (DRY) With declarative definition, trivialises rollbacks Excellent security guarantees for auditing Sophisticated approval processes (& existing workflows) Great Software ↔ Human collaboration point 2
17 Approved changes to the desired state are automatically applied to the system 3
18 Approved changes to the desired state are automatically applied to the system Significant velocity gains Privileged operators don’t cross security boundaries Separates What and How. 3
19 Software agents ensure correctness and alert on divergence 4
20 Software agents ensure correctness and alert on divergence 4 Continuously checking that desired state is met System can self heal Recovers from errors without intervention (PEBKAC) It’s the control loop for your operations
21 1 The entire system is described declaratively. 2 The canonical desired system state is versioned (with Git) 3 Approved changes to the desired state are automatically applied to the system 4 Software agents ensure correctness and alert on divergence
22 Canonical source of truth People Software Agents Software Agents
Cluster API GitOps pipeline Container Registry CI Code Repo Dev RO CR creds2 CI credsGit creds RO Deploy CR creds3 RO RW Config repo creds CR creds1 Credentials are never shared across a logical security boundary. RW RW RW Cluster API creds Can al re s a s e Config Repo
Cluster API GitOps pipeline Container Registry CI Code Repo Dev RO CR creds2 CI credsGit creds RO Deploy CR creds3 RO RW Config repo creds CR creds1 Credentials are never shared across a logical security boundary. RW RW RW Cluster API creds Operator RW Config Repo
Cluster API GitOps pipeline Container Registry CI Code Repo Dev RO CR creds2 CI credsGit creds RO Deploy CR creds3 RO RW Config repo creds CR creds1 Credentials are never shared across a logical security boundary. RW RW RW Cluster API creds Operator RW Config Repo Pro s & co t t en c e t
Cluster API GitOps pipeline Container Registry CI Code Repo Dev RO CR creds2 CI credsGit creds RO Deploy CR creds3 RO RW Config repo creds CR creds1 Credentials are never shared across a logical security boundary. RW RW RW Cluster API creds Operator RW Config Repo Ex e t a di g an t ut
27 GitO n p a t
Secure your GitOps pipeline 28
Move from access to cluster to access to repository. ...So how to secure your repository? Controls 29
Securing your repositories 30
Mitigating user impersonation 31 1. Enforce Strong Identity in VCS (GitHub/GitLab) with GPG Signed Commits 2. Use Physical GPG Keys to increase security 3. Run GPG-Validating Code in CI
Prevent History Rewrites 32 1. Prevent Force Pushes to Master Branch 2. Backup Git Repositories
Prevent Removal of Security Features 33 1. Configure Git Provider with Infrastructure as Code 2. Monitor Git Provider’s Audit Logs 3. Verify Commits to Master
Don’t use deprecated software 34
snyk.io 35
snyk.io Do You Know Which Dependencies You Have?
snyk.io Your App
snyk.io Your Code Your App
snyk.io Each Dependency Is A Security Risk
snyk.io Direct Deps only All Deps (410!) What is NPM Inception? Package within a package within a package?
snyk.io Do you know, for EVERY SINGLE DEPENDENCY if its developers have any Security Expertise?
snyk.io Do you know, for EVERY SINGLE DEPENDENCY if it underwent any Security Testing?
snyk.io Do you know, for EVERY SINGLE DEPENDENCY if it has any Known Vulnerabilities?
snyk.io Going Terminal
Get in touch brice@weave.works simon@snyk.io @fractallambda @sjmaple 45 Thank you Back to you, Sonja!
1 of 45

Secure GitOps pipelines for Kubernetes with Snyk & Weaveworks

Download to read offline
Technology

Together with Snyk, the Weaveworks team will explain and demonstrate how GitOps continuous delivery pipelines combined with good security practices improves the overall security of your development workflow - from Git to production. In the webinar we will: - Examine security concerns in a typical CICD pipeline - Operate continuous delivery via pull request - Discuss Read/Write access in a GitOps pipeline - Share 5 tips and tricks on securing your source code repos from the beginning Blog on this topic: https://www.weave.works/blog/secure-gitops-pipelines-for-kubernetes-with-snyk-and-weaveworks

Weaveworks
WeaveworksWeaveworks

Recommended

Continuous Security for GitOps by
Continuous Security for GitOpsContinuous Security for GitOps
Continuous Security for GitOpsWeaveworks
664 views60 slides
Speeding up your team with GitOps by
Speeding up your team with GitOpsSpeeding up your team with GitOps
Speeding up your team with GitOpsBrice Fernandes
300 views88 slides
Hardening Your CI/CD Pipelines with GitOps and Continuous Security by
Hardening Your CI/CD Pipelines with GitOps and Continuous SecurityHardening Your CI/CD Pipelines with GitOps and Continuous Security
Hardening Your CI/CD Pipelines with GitOps and Continuous SecurityWeaveworks
404 views38 slides
Delivering Quality at Speed with GitOps by
Delivering Quality at Speed with GitOpsDelivering Quality at Speed with GitOps
Delivering Quality at Speed with GitOpsWeaveworks
1.3K views98 slides
Gitops Hands On by
Gitops Hands OnGitops Hands On
Gitops Hands OnBrice Fernandes
924 views102 slides
GitOps - Modern best practices for high velocity app dev using cloud native t... by
GitOps - Modern best practices for high velocity app dev using cloud native t...GitOps - Modern best practices for high velocity app dev using cloud native t...
GitOps - Modern best practices for high velocity app dev using cloud native t...Weaveworks
12.1K views36 slides

More Related Content

What's hot

Intro to Kubernetes & GitOps Workshop by
Intro to Kubernetes & GitOps WorkshopIntro to Kubernetes & GitOps Workshop
Intro to Kubernetes & GitOps WorkshopWeaveworks
142 views56 slides
Continuous Lifecycle London 2018 Event Keynote by
Continuous Lifecycle London 2018 Event KeynoteContinuous Lifecycle London 2018 Event Keynote
Continuous Lifecycle London 2018 Event KeynoteWeaveworks
4.1K views122 slides
The journey to GitOps by
The journey to GitOpsThe journey to GitOps
The journey to GitOpsNicola Baldi
327 views22 slides
GitOps: Git come unica fonte di verità per applicazioni e infrastruttura by
GitOps: Git come unica fonte di verità per applicazioni e infrastrutturaGitOps: Git come unica fonte di verità per applicazioni e infrastruttura
GitOps: Git come unica fonte di verità per applicazioni e infrastrutturasparkfabrik
533 views102 slides
Security: The Value of SBOMs by
Security: The Value of SBOMsSecurity: The Value of SBOMs
Security: The Value of SBOMsWeaveworks
339 views21 slides
Hands-on GitOps Patterns for Helm Users by
Hands-on GitOps Patterns for Helm UsersHands-on GitOps Patterns for Helm Users
Hands-on GitOps Patterns for Helm UsersWeaveworks
220 views39 slides

What's hot(20)

Intro to Kubernetes & GitOps Workshop by Weaveworks
Intro to Kubernetes & GitOps WorkshopIntro to Kubernetes & GitOps Workshop
Intro to Kubernetes & GitOps Workshop
Weaveworks142 views
Continuous Lifecycle London 2018 Event Keynote by Weaveworks
Continuous Lifecycle London 2018 Event KeynoteContinuous Lifecycle London 2018 Event Keynote
Continuous Lifecycle London 2018 Event Keynote
Weaveworks4.1K views
The journey to GitOps by Nicola Baldi
The journey to GitOpsThe journey to GitOps
The journey to GitOps
Nicola Baldi327 views
GitOps: Git come unica fonte di verità per applicazioni e infrastruttura by sparkfabrik
GitOps: Git come unica fonte di verità per applicazioni e infrastrutturaGitOps: Git come unica fonte di verità per applicazioni e infrastruttura
GitOps: Git come unica fonte di verità per applicazioni e infrastruttura
sparkfabrik533 views
Security: The Value of SBOMs by Weaveworks
Security: The Value of SBOMsSecurity: The Value of SBOMs
Security: The Value of SBOMs
Weaveworks339 views
Hands-on GitOps Patterns for Helm Users by Weaveworks
Hands-on GitOps Patterns for Helm UsersHands-on GitOps Patterns for Helm Users
Hands-on GitOps Patterns for Helm Users
Weaveworks220 views
Gitops: the kubernetes way by sparkfabrik
Gitops: the kubernetes wayGitops: the kubernetes way
Gitops: the kubernetes way
sparkfabrik2.1K views
Docker New York City: From GitOps to a scalable CI/CD Pattern for Kubernetes by Andrew Phillips
Docker New York City: From GitOps to a scalable CI/CD Pattern for KubernetesDocker New York City: From GitOps to a scalable CI/CD Pattern for Kubernetes
Docker New York City: From GitOps to a scalable CI/CD Pattern for Kubernetes
Andrew Phillips449 views
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCD by Sunnyvale
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCDKubernetes GitOps featuring GitHub, Kustomize and ArgoCD
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCD
Sunnyvale461 views
Openshift argo cd_v1_2 by RastinKenarsari
Openshift argo cd_v1_2Openshift argo cd_v1_2
Openshift argo cd_v1_2
RastinKenarsari103 views
Cloud Native Apps with GitOps by Weaveworks
Cloud Native Apps with GitOps Cloud Native Apps with GitOps
Cloud Native Apps with GitOps
Weaveworks1.9K views
Kubecon seattle 2018 workshop slides by Weaveworks
Kubecon seattle 2018 workshop slidesKubecon seattle 2018 workshop slides
Kubecon seattle 2018 workshop slides
Weaveworks969 views
Meetup 23 - 03 - Application Delivery on K8S with GitOps by Vietnam Open Infrastructure User Group
Meetup 23 - 03 - Application Delivery on K8S with GitOpsMeetup 23 - 03 - Application Delivery on K8S with GitOps
Meetup 23 - 03 - Application Delivery on K8S with GitOps
Vietnam Open Infrastructure User Group462 views
Setting up Notifications, Alerts & Webhooks with Flux v2 by Alison Dowdney by Weaveworks
Setting up Notifications, Alerts & Webhooks with Flux v2 by Alison DowdneySetting up Notifications, Alerts & Webhooks with Flux v2 by Alison Dowdney
Setting up Notifications, Alerts & Webhooks with Flux v2 by Alison Dowdney
Weaveworks1K views
GitOps Toolkit (Cloud Native Nordics Tech Talk) by Weaveworks
GitOps Toolkit (Cloud Native Nordics Tech Talk)GitOps Toolkit (Cloud Native Nordics Tech Talk)
GitOps Toolkit (Cloud Native Nordics Tech Talk)
Weaveworks1.7K views
Cloud Native Transformation (Alexis Richardson) - Continuous Lifecycle 2018 ... by Weaveworks
Cloud Native Transformation (Alexis Richardson) - Continuous Lifecycle 2018 ... Cloud Native Transformation (Alexis Richardson) - Continuous Lifecycle 2018 ...
Cloud Native Transformation (Alexis Richardson) - Continuous Lifecycle 2018 ...
Weaveworks782 views
Continuous Delivery NYC: From GitOps to an adaptable CI/CD Pattern for Kubern... by Andrew Phillips
Continuous Delivery NYC: From GitOps to an adaptable CI/CD Pattern for Kubern...Continuous Delivery NYC: From GitOps to an adaptable CI/CD Pattern for Kubern...
Continuous Delivery NYC: From GitOps to an adaptable CI/CD Pattern for Kubern...
Andrew Phillips343 views
Scaling DevSecOps Culture for Enterprise by Opsta
Scaling DevSecOps Culture for EnterpriseScaling DevSecOps Culture for Enterprise
Scaling DevSecOps Culture for Enterprise
Opsta239 views
GitOps & the deployment branching models - DevOps D-day Marseille 2021 by SoKube
GitOps & the deployment branching models - DevOps D-day Marseille 2021GitOps & the deployment branching models - DevOps D-day Marseille 2021
GitOps & the deployment branching models - DevOps D-day Marseille 2021
SoKube370 views
Making your app soar without a container manifest by LibbySchulze
Making your app soar without a container manifestMaking your app soar without a container manifest
Making your app soar without a container manifest
LibbySchulze337 views

Similar to Secure GitOps pipelines for Kubernetes with Snyk & Weaveworks

Supply chain security - Develop quickly without inviting The Nefarious.pptx by
Supply chain security - Develop quickly without inviting The Nefarious.pptxSupply chain security - Develop quickly without inviting The Nefarious.pptx
Supply chain security - Develop quickly without inviting The Nefarious.pptxIvanMilchev1
9 views54 slides
GitOps 101 Presentation.pdf by
GitOps 101 Presentation.pdfGitOps 101 Presentation.pdf
GitOps 101 Presentation.pdfssuser31375f
430 views63 slides
Intro to GitOps with Weave GitOps, Flagger and Linkerd by
Intro to GitOps with Weave GitOps, Flagger and LinkerdIntro to GitOps with Weave GitOps, Flagger and Linkerd
Intro to GitOps with Weave GitOps, Flagger and LinkerdWeaveworks
85 views36 slides
Securing the Pipeline by
Securing the PipelineSecuring the Pipeline
Securing the PipelineThoughtworks
3.7K views37 slides
Deploy 22 microservices from scratch in 30 mins with GitOps by
Deploy 22 microservices from scratch in 30 mins with GitOpsDeploy 22 microservices from scratch in 30 mins with GitOps
Deploy 22 microservices from scratch in 30 mins with GitOpsOpsta
205 views46 slides
Slide DevSecOps Microservices by
Slide DevSecOps Microservices Slide DevSecOps Microservices
Slide DevSecOps Microservices Hendri Karisma
618 views48 slides

Similar to Secure GitOps pipelines for Kubernetes with Snyk & Weaveworks(20)

Supply chain security - Develop quickly without inviting The Nefarious.pptx by IvanMilchev1
Supply chain security - Develop quickly without inviting The Nefarious.pptxSupply chain security - Develop quickly without inviting The Nefarious.pptx
Supply chain security - Develop quickly without inviting The Nefarious.pptx
IvanMilchev19 views
GitOps 101 Presentation.pdf by ssuser31375f
GitOps 101 Presentation.pdfGitOps 101 Presentation.pdf
GitOps 101 Presentation.pdf
ssuser31375f430 views
Intro to GitOps with Weave GitOps, Flagger and Linkerd by Weaveworks
Intro to GitOps with Weave GitOps, Flagger and LinkerdIntro to GitOps with Weave GitOps, Flagger and Linkerd
Intro to GitOps with Weave GitOps, Flagger and Linkerd
Weaveworks85 views
Securing the Pipeline by Thoughtworks
Securing the PipelineSecuring the Pipeline
Securing the Pipeline
Thoughtworks3.7K views
Deploy 22 microservices from scratch in 30 mins with GitOps by Opsta
Deploy 22 microservices from scratch in 30 mins with GitOpsDeploy 22 microservices from scratch in 30 mins with GitOps
Deploy 22 microservices from scratch in 30 mins with GitOps
Opsta205 views
Slide DevSecOps Microservices by Hendri Karisma
Slide DevSecOps Microservices Slide DevSecOps Microservices
Slide DevSecOps Microservices
Hendri Karisma618 views
DevOps & DevSecOps in Swiss Banking by Aarno Aukia
DevOps & DevSecOps in Swiss BankingDevOps & DevSecOps in Swiss Banking
DevOps & DevSecOps in Swiss Banking
Aarno Aukia167 views
Cncf checkov and bridgecrew by LibbySchulze
Cncf checkov and bridgecrewCncf checkov and bridgecrew
Cncf checkov and bridgecrew
LibbySchulze1.4K views
Room 2 - 4 - Juncheng Anthony Lin - Redhat - A Practical Approach to Traditio... by Vietnam Open Infrastructure User Group
Room 2 - 4 - Juncheng Anthony Lin - Redhat - A Practical Approach to Traditio...Room 2 - 4 - Juncheng Anthony Lin - Redhat - A Practical Approach to Traditio...
Room 2 - 4 - Juncheng Anthony Lin - Redhat - A Practical Approach to Traditio...
Vietnam Open Infrastructure User Group74 views
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP by QAware GmbH
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAPKontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
QAware GmbH20 views
DevSecOps with Confidence by VMware Tanzu
DevSecOps with ConfidenceDevSecOps with Confidence
DevSecOps with Confidence
VMware Tanzu308 views
Know What’s in Your Containers! Manage and Secure all Open Source that Compos... by DevOps.com
Know What’s in Your Containers! Manage and Secure all Open Source that Compos...Know What’s in Your Containers! Manage and Secure all Open Source that Compos...
Know What’s in Your Containers! Manage and Secure all Open Source that Compos...
DevOps.com152 views
Securing microservices continuous delivery using grafeas and kritis by Vishal Banthia
Securing microservices continuous delivery using grafeas and kritisSecuring microservices continuous delivery using grafeas and kritis
Securing microservices continuous delivery using grafeas and kritis
Vishal Banthia6.5K views
CI/CD Pipeline with Kubernetes by Mukesh Singh
CI/CD Pipeline with KubernetesCI/CD Pipeline with Kubernetes
CI/CD Pipeline with Kubernetes
Mukesh Singh455 views
Continuous (Non-)Functional Testing of Microservices on K8s by QAware GmbH
Continuous (Non-)Functional Testing of Microservices on K8sContinuous (Non-)Functional Testing of Microservices on K8s
Continuous (Non-)Functional Testing of Microservices on K8s
QAware GmbH162 views
Controlled Evolution with Puppet and AWS by Puppet
Controlled Evolution with Puppet and AWSControlled Evolution with Puppet and AWS
Controlled Evolution with Puppet and AWS
Puppet1.3K views
Introduction to Kubernetes Security (Aqua & Weaveworks) by Weaveworks
Introduction to Kubernetes Security (Aqua & Weaveworks)Introduction to Kubernetes Security (Aqua & Weaveworks)
Introduction to Kubernetes Security (Aqua & Weaveworks)
Weaveworks502 views
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis... by Oleg Shalygin
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
Oleg Shalygin2.1K views
Pragmatic Pipeline Security by James Wickett
Pragmatic Pipeline SecurityPragmatic Pipeline Security
Pragmatic Pipeline Security
James Wickett286 views
CodeMotion 2023 - Deep dive nella supply chain della nostra infrastruttura cl... by sparkfabrik
CodeMotion 2023 - Deep dive nella supply chain della nostra infrastruttura cl...CodeMotion 2023 - Deep dive nella supply chain della nostra infrastruttura cl...
CodeMotion 2023 - Deep dive nella supply chain della nostra infrastruttura cl...
sparkfabrik29 views

More from Weaveworks

Webinar: Capabilities, Confidence and Community – What Flux GA Means for You by
Webinar: Capabilities, Confidence and Community – What Flux GA Means for YouWebinar: Capabilities, Confidence and Community – What Flux GA Means for You
Webinar: Capabilities, Confidence and Community – What Flux GA Means for YouWeaveworks
8 views37 slides
Six Signs You Need Platform Engineering by
Six Signs You Need Platform EngineeringSix Signs You Need Platform Engineering
Six Signs You Need Platform EngineeringWeaveworks
138 views26 slides
SRE and GitOps for Building Robust Kubernetes Platforms.pdf by
SRE and GitOps for Building Robust Kubernetes Platforms.pdfSRE and GitOps for Building Robust Kubernetes Platforms.pdf
SRE and GitOps for Building Robust Kubernetes Platforms.pdfWeaveworks
153 views36 slides
Webinar: End to End Security & Operations with Chainguard and Weave GitOps by
Webinar: End to End Security & Operations with Chainguard and Weave GitOpsWebinar: End to End Security & Operations with Chainguard and Weave GitOps
Webinar: End to End Security & Operations with Chainguard and Weave GitOpsWeaveworks
54 views35 slides
Automated Provisioning, Management & Cost Control for Kubernetes Clusters by
Automated Provisioning, Management & Cost Control for Kubernetes ClustersAutomated Provisioning, Management & Cost Control for Kubernetes Clusters
Automated Provisioning, Management & Cost Control for Kubernetes ClustersWeaveworks
84 views20 slides
How to Avoid Kubernetes Multi-tenancy Catastrophes by
How to Avoid Kubernetes Multi-tenancy CatastrophesHow to Avoid Kubernetes Multi-tenancy Catastrophes
How to Avoid Kubernetes Multi-tenancy CatastrophesWeaveworks
83 views20 slides

More from Weaveworks(20)

Webinar: Capabilities, Confidence and Community – What Flux GA Means for You by Weaveworks
Webinar: Capabilities, Confidence and Community – What Flux GA Means for YouWebinar: Capabilities, Confidence and Community – What Flux GA Means for You
Webinar: Capabilities, Confidence and Community – What Flux GA Means for You
Weaveworks8 views
Six Signs You Need Platform Engineering by Weaveworks
Six Signs You Need Platform EngineeringSix Signs You Need Platform Engineering
Six Signs You Need Platform Engineering
Weaveworks138 views
SRE and GitOps for Building Robust Kubernetes Platforms.pdf by Weaveworks
SRE and GitOps for Building Robust Kubernetes Platforms.pdfSRE and GitOps for Building Robust Kubernetes Platforms.pdf
SRE and GitOps for Building Robust Kubernetes Platforms.pdf
Weaveworks153 views
Webinar: End to End Security & Operations with Chainguard and Weave GitOps by Weaveworks
Webinar: End to End Security & Operations with Chainguard and Weave GitOpsWebinar: End to End Security & Operations with Chainguard and Weave GitOps
Webinar: End to End Security & Operations with Chainguard and Weave GitOps
Weaveworks54 views
Automated Provisioning, Management & Cost Control for Kubernetes Clusters by Weaveworks
Automated Provisioning, Management & Cost Control for Kubernetes ClustersAutomated Provisioning, Management & Cost Control for Kubernetes Clusters
Automated Provisioning, Management & Cost Control for Kubernetes Clusters
Weaveworks84 views
How to Avoid Kubernetes Multi-tenancy Catastrophes by Weaveworks
How to Avoid Kubernetes Multi-tenancy CatastrophesHow to Avoid Kubernetes Multi-tenancy Catastrophes
How to Avoid Kubernetes Multi-tenancy Catastrophes
Weaveworks83 views
GitOps Testing in Kubernetes with Flux and Testkube.pdf by Weaveworks
GitOps Testing in Kubernetes with Flux and Testkube.pdfGitOps Testing in Kubernetes with Flux and Testkube.pdf
GitOps Testing in Kubernetes with Flux and Testkube.pdf
Weaveworks120 views
Implementing Flux for Scale with Soft Multi-tenancy by Weaveworks
Implementing Flux for Scale with Soft Multi-tenancyImplementing Flux for Scale with Soft Multi-tenancy
Implementing Flux for Scale with Soft Multi-tenancy
Weaveworks153 views
The Story of Flux Reaching Graduation in the CNCF by Weaveworks
The Story of Flux Reaching Graduation in the CNCFThe Story of Flux Reaching Graduation in the CNCF
The Story of Flux Reaching Graduation in the CNCF
Weaveworks33 views
Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossp... by Weaveworks
Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossp...Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossp...
Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossp...
Weaveworks116 views
Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv... by Weaveworks
Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...
Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...
Weaveworks125 views
Flux’s Security & Scalability with OCI & Helm Slides.pdf by Weaveworks
Flux’s Security & Scalability with OCI & Helm Slides.pdfFlux’s Security & Scalability with OCI & Helm Slides.pdf
Flux’s Security & Scalability with OCI & Helm Slides.pdf
Weaveworks26 views
Flux Security & Scalability using VS Code GitOps Extension by Weaveworks
Flux Security & Scalability using VS Code GitOps Extension Flux Security & Scalability using VS Code GitOps Extension
Flux Security & Scalability using VS Code GitOps Extension
Weaveworks18 views
Deploying Stateful Applications Securely & Confidently with Ondat & Weave GitOps by Weaveworks
Deploying Stateful Applications Securely & Confidently with Ondat & Weave GitOpsDeploying Stateful Applications Securely & Confidently with Ondat & Weave GitOps
Deploying Stateful Applications Securely & Confidently with Ondat & Weave GitOps
Weaveworks44 views
Intro to GitOps & Flux.pdf by Weaveworks
Intro to GitOps & Flux.pdfIntro to GitOps & Flux.pdf
Intro to GitOps & Flux.pdf
Weaveworks331 views
Weave GitOps 2022.09 Release: A Fast & Reliable Path to Production with Progr... by Weaveworks
Weave GitOps 2022.09 Release: A Fast & Reliable Path to Production with Progr...Weave GitOps 2022.09 Release: A Fast & Reliable Path to Production with Progr...
Weave GitOps 2022.09 Release: A Fast & Reliable Path to Production with Progr...
Weaveworks59 views
Security & Resiliency of Cloud Native Apps with Weave GitOps & Tetrate Servic... by Weaveworks
Security & Resiliency of Cloud Native Apps with Weave GitOps & Tetrate Servic...Security & Resiliency of Cloud Native Apps with Weave GitOps & Tetrate Servic...
Security & Resiliency of Cloud Native Apps with Weave GitOps & Tetrate Servic...
Weaveworks71 views
DevOps Automation with GitOps: Consistent and Secure End to End Deployments by Weaveworks
DevOps Automation with GitOps: Consistent and Secure End to End DeploymentsDevOps Automation with GitOps: Consistent and Secure End to End Deployments
DevOps Automation with GitOps: Consistent and Secure End to End Deployments
Weaveworks55 views
Trusted Application Delivery: Achieving Ultimate Security by Weaveworks
Trusted Application Delivery: Achieving Ultimate SecurityTrusted Application Delivery: Achieving Ultimate Security
Trusted Application Delivery: Achieving Ultimate Security
Weaveworks70 views
Terraform and Weave GitOps: Build a Fully Automated Application Stack by Weaveworks
Terraform and Weave GitOps: Build a Fully Automated Application StackTerraform and Weave GitOps: Build a Fully Automated Application Stack
Terraform and Weave GitOps: Build a Fully Automated Application Stack
Weaveworks298 views

Recently uploaded

Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or... by
Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...
Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...ShapeBlue
158 views20 slides
Updates on the LINSTOR Driver for CloudStack - Rene Peinthor - LINBIT by
Updates on the LINSTOR Driver for CloudStack - Rene Peinthor - LINBITUpdates on the LINSTOR Driver for CloudStack - Rene Peinthor - LINBIT
Updates on the LINSTOR Driver for CloudStack - Rene Peinthor - LINBITShapeBlue
166 views8 slides
Confidence in CloudStack - Aron Wagner, Nathan Gleason - Americ by
Confidence in CloudStack - Aron Wagner, Nathan Gleason - AmericConfidence in CloudStack - Aron Wagner, Nathan Gleason - Americ
Confidence in CloudStack - Aron Wagner, Nathan Gleason - AmericShapeBlue
88 views9 slides
The Power of Heat Decarbonisation Plans in the Built Environment by
The Power of Heat Decarbonisation Plans in the Built EnvironmentThe Power of Heat Decarbonisation Plans in the Built Environment
The Power of Heat Decarbonisation Plans in the Built EnvironmentIES VE
69 views20 slides
Data Integrity for Banking and Financial Services by
Data Integrity for Banking and Financial ServicesData Integrity for Banking and Financial Services
Data Integrity for Banking and Financial ServicesPrecisely
78 views26 slides
Keynote Talk: Open Source is Not Dead - Charles Schulz - Vates by
Keynote Talk: Open Source is Not Dead - Charles Schulz - VatesKeynote Talk: Open Source is Not Dead - Charles Schulz - Vates
Keynote Talk: Open Source is Not Dead - Charles Schulz - VatesShapeBlue
210 views15 slides

Recently uploaded(20)

Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or... by ShapeBlue
Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...
Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...
ShapeBlue158 views
Updates on the LINSTOR Driver for CloudStack - Rene Peinthor - LINBIT by ShapeBlue
Updates on the LINSTOR Driver for CloudStack - Rene Peinthor - LINBITUpdates on the LINSTOR Driver for CloudStack - Rene Peinthor - LINBIT
Updates on the LINSTOR Driver for CloudStack - Rene Peinthor - LINBIT
ShapeBlue166 views
Confidence in CloudStack - Aron Wagner, Nathan Gleason - Americ by ShapeBlue
Confidence in CloudStack - Aron Wagner, Nathan Gleason - AmericConfidence in CloudStack - Aron Wagner, Nathan Gleason - Americ
Confidence in CloudStack - Aron Wagner, Nathan Gleason - Americ
ShapeBlue88 views
The Power of Heat Decarbonisation Plans in the Built Environment by IES VE
The Power of Heat Decarbonisation Plans in the Built EnvironmentThe Power of Heat Decarbonisation Plans in the Built Environment
The Power of Heat Decarbonisation Plans in the Built Environment
IES VE69 views
Data Integrity for Banking and Financial Services by Precisely
Data Integrity for Banking and Financial ServicesData Integrity for Banking and Financial Services
Data Integrity for Banking and Financial Services
Precisely78 views
Keynote Talk: Open Source is Not Dead - Charles Schulz - Vates by ShapeBlue
Keynote Talk: Open Source is Not Dead - Charles Schulz - VatesKeynote Talk: Open Source is Not Dead - Charles Schulz - Vates
Keynote Talk: Open Source is Not Dead - Charles Schulz - Vates
ShapeBlue210 views
CloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&T by ShapeBlue
CloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&TCloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&T
CloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&T
ShapeBlue112 views
Transitioning from VMware vCloud to Apache CloudStack: A Path to Profitabilit... by ShapeBlue
Transitioning from VMware vCloud to Apache CloudStack: A Path to Profitabilit...Transitioning from VMware vCloud to Apache CloudStack: A Path to Profitabilit...
Transitioning from VMware vCloud to Apache CloudStack: A Path to Profitabilit...
ShapeBlue117 views
Elevating Privacy and Security in CloudStack - Boris Stoyanov - ShapeBlue by ShapeBlue
Elevating Privacy and Security in CloudStack - Boris Stoyanov - ShapeBlueElevating Privacy and Security in CloudStack - Boris Stoyanov - ShapeBlue
Elevating Privacy and Security in CloudStack - Boris Stoyanov - ShapeBlue
ShapeBlue179 views
CloudStack Managed User Data and Demo - Harikrishna Patnala - ShapeBlue by ShapeBlue
CloudStack Managed User Data and Demo - Harikrishna Patnala - ShapeBlueCloudStack Managed User Data and Demo - Harikrishna Patnala - ShapeBlue
CloudStack Managed User Data and Demo - Harikrishna Patnala - ShapeBlue
ShapeBlue94 views
Declarative Kubernetes Cluster Deployment with Cloudstack and Cluster API - O... by ShapeBlue
Declarative Kubernetes Cluster Deployment with Cloudstack and Cluster API - O...Declarative Kubernetes Cluster Deployment with Cloudstack and Cluster API - O...
Declarative Kubernetes Cluster Deployment with Cloudstack and Cluster API - O...
ShapeBlue88 views
CloudStack Object Storage - An Introduction - Vladimir Petrov - ShapeBlue by ShapeBlue
CloudStack Object Storage - An Introduction - Vladimir Petrov - ShapeBlueCloudStack Object Storage - An Introduction - Vladimir Petrov - ShapeBlue
CloudStack Object Storage - An Introduction - Vladimir Petrov - ShapeBlue
ShapeBlue93 views
Uni Systems for Power Platform.pptx by Uni Systems S.M.S.A.
Uni Systems for Power Platform.pptxUni Systems for Power Platform.pptx
Uni Systems for Power Platform.pptx
Uni Systems S.M.S.A.61 views
2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue by ShapeBlue
2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue
2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue
ShapeBlue103 views
DRBD Deep Dive - Philipp Reisner - LINBIT by ShapeBlue
DRBD Deep Dive - Philipp Reisner - LINBITDRBD Deep Dive - Philipp Reisner - LINBIT
DRBD Deep Dive - Philipp Reisner - LINBIT
ShapeBlue140 views
How to Re-use Old Hardware with CloudStack. Saving Money and the Environment ... by ShapeBlue
How to Re-use Old Hardware with CloudStack. Saving Money and the Environment ...How to Re-use Old Hardware with CloudStack. Saving Money and the Environment ...
How to Re-use Old Hardware with CloudStack. Saving Money and the Environment ...
ShapeBlue123 views
Business Analyst Series 2023 - Week 4 Session 7 by DianaGray10
Business Analyst Series 2023 - Week 4 Session 7Business Analyst Series 2023 - Week 4 Session 7
Business Analyst Series 2023 - Week 4 Session 7
DianaGray10126 views
Automating a World-Class Technology Conference; Behind the Scenes of CiscoLive by Network Automation Forum
Automating a World-Class Technology Conference; Behind the Scenes of CiscoLiveAutomating a World-Class Technology Conference; Behind the Scenes of CiscoLive
Automating a World-Class Technology Conference; Behind the Scenes of CiscoLive
Network Automation Forum50 views
Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ... by ShapeBlue
Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ...Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ...
Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ...
ShapeBlue144 views
Ransomware is Knocking your Door_Final.pdf by Security Bootcamp
Ransomware is Knocking your Door_Final.pdfRansomware is Knocking your Door_Final.pdf
Ransomware is Knocking your Door_Final.pdf
Security Bootcamp90 views

Secure GitOps pipelines for Kubernetes with Snyk & Weaveworks