Setup a CloudWatch event to detect any status changes in your CI/CD Pipeline and have them sent as messages to a Slack channel of your choice

It’s not exactly an efficient engagement when DevOps and application developers have to go back and forth about status updates for ongoing deployments or in-progress builds. I don’t think either team should really be watching pipelines as they progress. I suspect most people would want to get notified in real-time through an appropriate channel. The principle of sending out status notifications from your pipeline using cloud functions to target some kind of channel with the relevant stakeholders is something that can be applied with different types of technologies. …


Secure your Kubernetes cluster on AWS by integrating IAM users and roles with RBAC to restrict actions that get carried out on resources

You may have heard people refer to Kubernetes as API centric. That is, what happens in the cluster revolves around a core component in the control plane (or master node) known as the API Server. The API server is like a gatekeeper for your entire cluster. If you want to CRUD (Create, Read, Update, Delete) any Kubernetes objects, it has to go through this API. The API Server validates and configures the API objects such as pods, services, replication controllers and deployments. All of the interaction that takes place between the different clients and the API Server are REST based…


Setup your Kubernetes cluster in an AWS VPC, deploy an application server to the node group in your private subnet and access it through an LB service

In my most recent post, I demonstrated how to deploy a containerised application onto ECS Fargate in a private subnet of a VPC and how to securely expose the deployed application via API Gateway. This time around I want to explore another COE (Container Orchestration Engine) that AWS has to offer, Amazon EKS. Both are managed, highly available and highly scalable container platforms. However, EKS is essentially Kubernetes as a service and thus requires an understanding of the powerful engine and its components in order to get the most out of it. It has a steeper learning curve than ECS…


Build a secure and private VPC network infrastructure for your ECS Fargate application and setup a secure private integration with API Gateway

Coming up with a title for this post was a tricky one, and I can hardly say that I nailed it. I definitely tried to craft it to capture the attention of potential readers to “sell it”. However, my goal wasn’t just to signal you with buzzwords. If any of the services mentioned in the title caught your attention then I think this post can be of value to you, primarily if you are concerned about not merely deploying containerised applications to the cloud, but also ensuring performant and secure accessibility to your containerised applications. …


Learn how to ensure that you only push secure Docker Images to production by detecting security vulnerabilities in your pipelines

Containerising applications offers numerous benefits. However, you want to make sure that your containers are based on secure images and that you can be aware of any vulnerabilities in your applications and their dependencies. A security platform like Snyk offers this kind of in-depth container image scanning and security.

In this post, I’ll be demonstrating how you can setup a two stage pipeline in AWS with GitHub as the source along with the CI/CD tools CodeBuild and CodePipeline using Terraform. In addition, we will create an application that we will create a Docker image from to scan, test and configure…


Learn how containerisation technology works and how it differs from Virtual Machines for the next time it comes up at the dinner table

Some of my family members and friends tuned in to watch my virtual talk at DockerCon 2020 and I was highly appreciative of it. The discussion I had with most of them afterwards, however, wasn’t about how I over simplified certain concepts or conveyed a wrong idea of something specific in my talk. For the most part they had absolutely no idea what I was talking about, but did walk away with at least one word they clung to, ‘containers’.

I must say, I certainly enjoyed trying to breakdown the concept of containerisation and Docker to each of them. I…


I had the awesome opportunity of speaking at DockerCon 2020, and I did so from my lounge 😃 somewhere in Johannesburg, South Africa. The crew at Docker Inc and the Cube deserve a lot of credit for pulling off such a great free digital experience for thousands around the world. If you didn’t get a chance to watch the live streaming event, you can still catch all the recordings here.

I must say, I was quite ambitious with how much I hoped to cover with my talk. Regardless, I wanted to impart knowledge to help others go from a local…


Learn how to create and deploy a serverless static site to S3 with an AWS CI/CD workflow

Static sites have somewhat become the de facto front-end solution with modern web apps. Hence the increasing popularity of frameworks and libraries such as React, Angular and Vue, amongst others. Their power (static sites that is) lies in how simple they are to serve whilst eliminating some of the vulnerabilities that you would encounter with sites that take user data, and then execute code on that data server side. In contrast, the attack surface is much smaller in static sites because there’s no code that’s running on the server other than the code that sends out static content in response…


Caching is one of the most effective techniques or strategies to optimise application performance and user experience. It can be implemented both on the frontend and on the backend. Frontend caching involves storing response data (data returned from requests) on the client side which results in faster navigation and reduces the the number requests sent to the backend. Backend caching can dramatically increase the read performance of an application and can be used with any type of database.

In this post, I’ll be focusing on the latter and demonstrating how to make use of Redis as our caching layer and…


Learn what’s going on under the hood of MySQL, PostgreSQL, and other relational databases

At first glance, this might appear to be a pointless read to some. Why bother with such an elementary topic? Furthermore, in the midst of an increasing number of cool managed database services, is it still worth knowing the nuts and bolts of how databases work?

I would argue that it is. Indeed, this post may not be directly applicable to you, and that’s fine. However, data is integral to a number of modern applications and you want to know how best to store, manage, and query it.

Even if you do go the route of a managed database service…

Lukonde Mwila

Senior Software Engineer at Entelect | Speaker | AWS Container Hero

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store