Photo by Ryan Quintal on Unsplash

Implementing distributed tracing is fast becoming a fundamental expectation when building modern (distributed) systems. However, this is yet another thing for developers to learn, and configuring distributed tracing on Kubernetes is hard, right? Actually, no. Getting started with Jaeger on Kubernetes has never been easier. Using the K8s Initializer, you can create a sandbox environment for your Kubernetes installation with a pre-configured Ambassador Edge Stack ingress controller, a Jaeger deployment for storing and visualizing distributed traces, and an OpenTelemetry Collector for granular control over observability. You can even install ArgoCD for deploying your own apps.

Taking 5 minutes to install…


I’ll have the honour to present an introduction to Serverless, Knative and the Ambassador API Gateway at the next All Day DevOps on November 12th, 2020.

It’s an exciting opportunity for me to showcase this talk at a global world-wide event. As I’ve put together a similar session over a year ago and presented it a few times at events in my local community — I’m based out of Montreal, Canada — , I recently had to refresh some of the content as technologies have matured over time and inspired my proposal to All Day DevOps (ADDO).

While I can’t…


Experience OpenTelemetry’s power in a simple Kubernetes sandbox environment

Photo by Patrick Hendry on Unsplash

Everyone loves hooking up 42 different types of observability tooling to all of their infrastructure and apps, right? No? Me neither, and this is why I’m so excited about OpenTelemetry. Not only is OpenTelemetry a specification that all of the observability/monitoring/APM vendors appear to be rallying around, it’s also a framework of standardized tools, APIs and SDKs. This truly has the potential to be the one observability standard to rule them all!

Accordingly, we are excited to announce an OpenTelemetry integration in the K8s Initializer project to enable observable application-ready Kubernetes playgrounds. Although the OpenTelemetry observability framework has not yet…


KUBERNETES MONITORING

A one-click option to narrow down the technology selection and simplify the adoption of distributed tracing in service-based architectures

The Kubernetes monitoring and distributed tracing landscape is hard to grasp. Although this conceptual approach to observability is nothing new — companies like New Relic revolutionized single-application performance monitoring (APM) over a decade ago — it took a few years and the Dapper publication for this idea to migrate to distributed applications. The importance of this technology is only increasing, as more and more of us are building “deep systems”.

As the industry is slowly but surely maturing, standardization is underway. Standardization means proprietary vendor solutions and open source projects are able to collaborate, making our lives easier. …


Towards a modern approach for addressing security threats, mitigating risks and shielding application deployments on Kubernetes

A web application firewall (WAF) is a network security component that inspects, sanitizes and redacts malicious HTTP requests for applications. Since WAFs are operating on the application layer (layer 7 in the OSI model), traffic payloads originating from users and bots can be analyzed, in the hopes of blocking malicious clients and letting legitimate client requests proceed. WAFs are a critical part of any enterprise platform as they’ll protect against Distributed Denial of Service (DDOS) attacks, OWASP Top Ten security risks, and apply advanced rate limiting strategies. A WAF will typically be used to safeguard dynamic services and APIs alongside…


When you are building Kubernetes applications, it’s easy to end up in with “authentication sprawl” where all of your services have different authentication mechanisms. This tutorial walks through how to centralize your authentication mechanisms using an IdP and an API gateway.

Keycloak is a widely adopted Identity and Access Management (IAM for short) open-source solution. 2014 was a big year for groundbreaking technologies as both the Keycloak and Kubernetes projects were initially released a few weeks apart. Unsurprisingly, many Kubernetes end-users are turning to Keycloak as the preferred way to manage access to the secure APIs and services of their platform.

Simply running Keycloak in Kubernetes won’t however make your platform secure. A lot of concerns are left to the user to configure and implement: from exposing the Keycloak API endpoints using TLS and an ingress-controller, to enforcing security policies on…


When you are building Kubernetes applications, it’s easy to end up in with “authentication sprawl” where all of your services have different authentication mechanisms. This tutorial walks through how to centralize your authentication mechanisms using an IdP and an API gateway.

Keycloak is a widely adopted Identity and Access Management (IAM for short) open-source solution. 2014 was a big year for groundbreaking technologies as both the Keycloak and Kubernetes projects were initially released a few weeks apart. Unsurprisingly, many Kubernetes end-users are turning to Keycloak as the preferred way to manage access to the secure APIs and services of their platform.

Simply running Keycloak in Kubernetes won’t however make your platform secure. A lot of concerns are left to the user to configure and implement: from exposing the Keycloak API endpoints using TLS and an ingress-controller, to enforcing security policies on…


Photo by Ihor Dvoretskyi on Unsplash

Kubernetes is a fantastic foundation for an application platform, but it is just that — a foundational component. In order for it to be useful for application developers Kubernetes must be augmented with continuous delivery, ingress and an API gateway, and observability. You need to get your apps onto Kubernetes, you need to get user traffic into your applications, and you need to be able to understand what is going on.

The abstractions provided within Kubernetes are fantastic. They are clearly defined, and they enable you to swap in and out various components like container runtimes, networking, storage, and observability…

Alex Gervais

Outdoorsy, data-driven, eternal student, not so geeky creative mind and traveler. Working by day as a remote Software Developer for Ambassador Labs.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store