In the cloud-native ecosystem, decisions and changes are made at a rapid pace. Applications get adapted and deployed multiple times a week or even a day. Microservices are developed in a decentralized way, with different people and teams involved. In such an environment, it is crucial to ensure that applications are developed and operated safely. This can be done by shifting security left into the developer lifecycle, but also by using DevSecOps to empower operations with enhanced monitoring and protection for the application runtime.

In this article, I would like to show you how GitLab can help you streamline your application security from a…


Before I introduce you to Azure Service Operator and how it helps you to manage your Azure resources with Kubernetes, let me briefly start with why you should use it and where it can help. Let me give you two examples:

Think of a common cloud-native application. Some microservices running on Kubernetes, using Redis for caching and a database to persist state. In such a scenario a common practice is to store and manage the application and its dependencies together. Until now you might have packed your microservices into a Helm chart for easier deployment and also created some Terraform…


Before I talk about Policy and Governance for Kubernetes, let’s briefly talk about policy and governance in general. In short, it means providing a set of rules that define a guideline which can either be enforced or audited. So why do we need this? It is important because in a cloud ecosystem decisions are made in a decentralized way and at a rapid pace. A governance model or policy becomes crucial to keep the entire organization on track. Those definitions can include, but are not limited to, security baselines or consistency of resources and deployments.

So, why do we need…


This blog post is not the kind of post I would normally publish. I’m normally focusing on technical blog posts around Cloud, Kubernetes and containers.

But normal is not normal anymore. In this post, I would like to talk about my new conference life. A life where I attend conferences and meetups without leaving my apartment. 😉

My last four weeks

So what did I do in the last four weeks? Everything started with the Azure Virtual Community Days, which was a great worldwide event streamed on YouTube with multiple tracks. I had the pleasure to talk about Containers and Kubernetes on Azure.


This post is an updated version of my previous post “Using Terraform with Azure” that I published some time ago. Now, nearly one year later, I have learned a lot and also optimized and extended the examples and code snippets here and there. As a result, we decided to publish all code in this public GitHub repository. This post should provide you with some further details on the project and any details around it. All code snippets below are related to this project.

The project

As mentioned above, we decided to publish everything needed to scaffold a new production-ready Terraform project on…



In my previous article “Part:1 How Containerized CI/CD Pipelines Work with Kubernetes and GitLab”, I wrote about Kubernetes’ popularity and importance in 2019. I also described the advantages that containerized pipelines with GitLab CI/CD and Kaniko offer. In this post, I would like to introduce more open source projects and GitLab features that help you deploy and run your cloud native application.

Enhance Application Deployments

Now let’s get back to application deployment and introduce you to the open source project Kustomize. Kustomize, which is part of the Kubernetes project and sponsored by sig-cli, lets you customize raw and template-free YAML files for multiple…



It is hardly surprising Kubernetes’ popularity continued to grow in 2019 and this trend will likely continue in 2020.

However, while it offers so many advantages, Kubernetes adoption has also revealed new difficulties that have to be addressed — and fixed. One of them is how we automatically deploy and manage our applications. With the below examples, I will share useful tips and tricks on how to enhance your Kubernetes CI/CD pipelines with the help of GitLab and open source technologies.


There are already many articles out there that provide you with details on how to containerize your .NET Core application. Nevertheless, I still saw the need to write a somewhat more detailed post which helps you to build a production-ready container image based on container and .NET Core best practices. This article is part of the Applied Cloud Stories initiative.

For better understanding, I will explain everything in detail based on a small sample ASP.NET Core web application. You will find more details on the application itself here. Of course, the shared best practices are not limited to .NET Core…


Ephemeral Containers are a new kind of container that runs temporarily in an existing Pod to allow easy user integrations like troubleshooting a container workload.

Why do we need Ephemeral Containers?

The advantages of containers are that they run isolated processes and provide all needed dependencies using an immutable approach. By adding only the required dependencies to the image, a container reduces attack vectors and provides faster startups and deployments. Building container images using the “distroless” approach (building them from scratch) takes this to the next level by only containing the compiled application binary. Unlike ordinary container images, these are not based on any kind…


Azure Kubernetes Service is a fully managed Kubernetes Cluster provided by Azure. This means that you don’t have to care about anything related to the Kubernetes infrastructure and just care about your apps deployed on it. Unfortunately, that is not entirely true with regard to your worker nodes as mentioned in the documentation:

To protect your clusters, security updates are automatically applied to Linux nodes in AKS. These updates include OS security fixes or kernel updates. Some of these updates require a node reboot to complete the process. AKS doesn’t automatically reboot these Linux nodes to complete the update process.

Nico Meisenzahl

Senior Cloud & DevOps Consultant at white duck. MVP, Docker Community Leader, GitLab Hero, blogger & speaker. 👨‍💻🙋‍♂️ Loves Kubernetes, DevOps & Cloud.
