Efficient resource management of a fleet of OpenShift cluster with Hosted Control Planes / HyperShift

When managing several Kubernetes/OpenShift clusters, one must also deal with issues like resource and cost optimisation. How can we establish a more effective balance between the resources that are available and those that are allotted to workloads? How can you achieve that new clusters are provisioned more quickly? What steps can be taken to create a more independent lifecycle management for a fleet of clusters? All those questions have a significant impact on how to maintain and manage a large number of clusters. This article gives an overview of the solution that is being pursued with HyperShift.

[Read More]

Java Flight Recording / Cryostat and OpenShift

Java and JVM performance monitoring and application profiling is essential not only for critical production workload. JDK Flight Recorder (JFR) and JDK Mission Control are the established solutions here. This article covers the Kubernetes/OpenShift solution Cryostat to bridge the gap to JVM applications in a Kubernetes runtime.

[Read More]

Overview of Secret injection solutions

Secrets management in a cloud/Kubernetes and CI/CD context is crucial and should covers various aspect like

  • how to maintain secrets in a secured way and avoid persistence in insecure repositories like git
  • administrate access using a RBAC and enable segregation of duties
  • life cycle management of secrets
  • inject secrets automatically into application runtime

Existing solutions provides features to some of the mentioned aspects. One of the most widespread solution is HashiCorp Vault. HashiCorp Vault provides a solution to manage and protect secrets. Additional extensions and open source solutions interacts with HashiCorp Vault to inject secrets into an application context running in a Kubernetes/OpenShift runtime. This article explains some of the options and ends with a comparison.

[Read More]