Charles-Edouard BrétéchéKyverno — Verify Kubernetes control plane imagesIn this story we are going to deploy a local Kubernetes cluster using kind, then we will deploy Kyverno and use it to verify Kubernetes…Apr 14, 2023Apr 14, 2023
Charles-Edouard BrétéchéKyverno 1.7 — Idempotent policies are comingBefore Kyverno 1.7May 25, 2022May 25, 2022
Charles-Edouard BrétéchéKubernetes Security — Explore Cilium host firewall and host policiesIn this story I’m going to explore the Cilium host firewall and host policies, and see how we can use them to harden communications in a…Mar 15, 20223Mar 15, 20223
Charles-Edouard BrétéchéKubernetes Security — Benefits of Cilium clusterwide network policiesI wrote about Cilium network policies in a previous story.Mar 6, 20221Mar 6, 20221
Charles-Edouard BrétéchéKubernetes Security — Control pod to pod communications with Cilium network policiesIn this article we’re going to explore Cilium network policies and how we can use them to control pod to pod communications.Mar 5, 20222Mar 5, 20222
Charles-Edouard BrétéchéKubernetes Security — Use Kyverno Policy Reporter to fix Kyverno deploymentIn this story I will show how to deploy Kyverno components in a local Kubernetes cluster, and use policy-reporter to spot violations in…Feb 28, 2022Feb 28, 2022
Charles-Edouard BrétéchéUsing Kyverno policies with ArgoCDKyverno and ArgoCD are two great Kubernetes tools.Feb 25, 2022Feb 25, 2022
Charles-Edouard BrétéchéKubernetes Security — Pod Security Standards using KyvernoThe Pod Security Standards define three different policies to broadly cover the security spectrum. These policies are cumulative and range…Feb 24, 2022Feb 24, 2022
Charles-Edouard BrétéchéSecuring Grafana with Keycloak SSOIn this story i will show how to deploy and configure Keycloak in a local Kubernetes cluster, then deploy Grafana and use the Keycloak…Feb 22, 20222Feb 22, 20222
Charles-Edouard BrétéchéManage SSL certificates for local Kubernetes clusters with cert-managerI use local Kubernetes clusters extensively and often need to browse websites or call APIs hosted in my local cluster.Feb 9, 20221Feb 9, 20221