Bitnami Engineering Portal

Articles

Page 1 of 8

Running Helm in production: Security best practices

Published on February 25, 2019
by Andrés Martínez

Helm has become one the most popular package managers for Kubernetes. The goal of Helm is to help you manage Kubernetes applications using Charts. Helm charts are just "packages" that you can directly install in your Kubernetes cluster. They are really useful since they abstract all the complexity around ConfigMaps, Deployments, Volumes, etc. that otherwise you need to handle one by one, to deploy...

Read more

Best practices writing a Dockerfile

Published on February 18, 2019
by Juan Ariza Toledano

Since Bitnami published its first Docker container in 2015, the techniques for writing Dockerfiles have significantly evolved. As part of the team which maintains a container catalog with more than 130 apps, I have worked on adapting the containers and their Dockerfiles to meet the community requirements.

In this tutorial, I will go over these lessons learned, describing some of the best practices...

Read more

Automating component image updates in BKPR

Published on February 6, 2019
by Sameer Naik

The Bitnami Kubernetes Production Runtime (BKPR) is a curated collection of services running on top of your existing Kubernetes cluster with the aim of automating the configuration of public access, logging and monitoring, and management of DNS records and TLS certificates. Read the Bitnami Kubernetes Production Runtime announcement to learn more about the motivation behind the development of BKPR...

Read more

Practicing what we preach, benefiting from a move to Kubernetes

Published on December 21, 2018
by Raquel Campuzano Godoy

During 2018, Bitnami has been changing how we approach and utilize infrastructure to deliver our services, moving from a "single server per project" approach to one where we use Kubernetes. Doing so not only makes management easier, but also allows us to respond more quickly to infrastructure vulnerabilities. It also gives us the ability to utilize Bitnami Kubernetes Production Runtime (BKPR) and...

Read more

Production Ready Packaging with CNAB and Bitnami Kubernetes Production Runtime (BKPR)

Published on December 10, 2018
by Miguel Martinez Trivino

Last week, our friends at Microsoft launched Cloud Native Application Bundle (CNAB) and duffle, a CLI tool to manage CNAB bundles. CNAB is an open source, cloud-agnostic specification for packaging and running distributed applications. Because of our experience in application packaging, they asked Bitnami to partner with them to explore the benefits and limitations of the initial version.

Our goal...

Read more

Package and launch trusted apps on Kubernetes with Stacksmith and Kubeapps. Part 2: Setting Up and Using Service Catalog in Kubernetes Cluster

Published on November 28, 2018
by Wojciech Kocjan

This is the second of two blog posts which cover the whole process of defining a set of trusted applications and providing tools for your users to deploy said applications in a Kubernetes cluster using both Stacksmith and Kubeapps.

The first part of this blog post, Part 1: Creating a Trusted Set of Applications, introduces the concept of having a trusted set of applications and how it can help...

Read more

Package and launch trusted apps on Kubernetes with Stacksmith and Kubeapps. Part 1: Creating a Trusted Set of Applications

Published on November 28, 2018
by Wojciech Kocjan

Companies with large IT infrastructures need an end-to-end way to manage what is running in their environment. At Bitnami, we understand this challenge very well. In this article, we will show how creating a set of trusted applications simplifies managing compliance and governance in your environment. And we’ll show you how this can be applied to your Kubernetes clusters.

The process starts by...

Read more

Why non-root containers are important for security

Published on November 28, 2018
by Raquel Campuzano Godoy

As you probably already know, Docker containers typically run with root privileges by default. This allows for unrestricted container management, which means you can do things like install system packages, edit config files, bind privileged ports, etc. This is really useful for development purposes, but can expose you to high risk once you put your containers into a production environment.

Why...

Read more

Announcing the Bitnami Kubernetes Production Runtime (BKPR)

Published on November 20, 2018
by Angus Lees

At Bitnami, we have been using Kubernetes internally, and publishing applications targeting Kubernetes (such as Kubeapps!) for a few years now. Over that time, we have seen a recurring "gap" in the ecosystem from both directions:

  • As an application publisher, there are common cluster features that an application often requires (like functional Ingress, TLS, logging, monitoring). Explaining...

Read more

How Bitnami continuously scans container images to fix CVE-reported security issues

Published on November 12, 2018
by David Barranco

As a developer, if you are running a development set of containers to create proof of concepts or production workloads, you are probably aware of the amount of CVEs that may affect your container operating system packages.

Since its beginnings, Bitnami has worked to make sure every asset it publishes is up-to-date, not only everything related to the application versions, but also in security matter...

Read more

Next page