The previous chapter in this WhiteHat Security series discussed Codebase as the first step of the Twelve-Factor App and defined a security best practice approach for ensuring a secure source control system. Considering the importance of applying security in a modern DevOps world, this next chapter examines the security component of step two of the Twelve-Factor methodology. Here follows some actionable advice from the WhiteHat Security Addendum Checklist, which developers and ops engineers can follow during the SaaS build and operations stages ...
DigitalOcean announced its DigitalOcean Kubernetes product, an easy way to run containerized applications in the cloud.
Designed for developers and businesses who want a simple way to deploy and manage container workloads, DigitalOcean Kubernetes removes the headache involved in setting up, managing and securing Kubernetes clusters while incorporating DigitalOcean’s trademark simplicity and ease of use.
“Over the last year, Kubernetes has emerged as the container orchestration platform of choice, and as one of the leading public clouds, investing in supporting our customers’ adoption of containers was a natural evolution to our roadmap,” said DigitalOcean VP of Product Shiven Ramji. “We’ve always been devoted to providing simple solutions for developers — starting with our cloud servers, Droplets. This product is no exception, allowing developers to focus on successfully shipping their applications while not being burdened by the complexity involved with creating and running a highly scalable and secure cluster across multiple apps.”
The application container market is estimated to grow to $2.7B by 2020, according to 451 Research. Further, developers and those in DevOps are growing more committed to Kubernetes: in 2016, just under half said they were committed to the system but by 2017, 77 percent said the same, according to the Cloud Native Computing Foundation. Despite Kubernetes’ growing popularity, on its own, it can be complex for developers to manage.
By offering Kubernetes integrated with DigitalOcean’s core product suite — which includes Compute Servers, Block Storage, Object Storage, Firewalls, Load Balancers and more — businesses will have the freedom to run their existing workloads on DigitalOcean without special configuration.
Key features and benefits of DigitalOcean Kubernetes include:
- Dedicated Managed Kubernetes Cluster: Each customer receives their own cluster, which provides security and isolation for their containerized applications with access to the full Kubernetes API.
- Integrated Storage Scalability: DigitalOcean products for block storage and object storage are built in, providing storage for any amount of data.
- Included Security: Cloud Firewalls are included, making it easy to manage network traffic in and out of the Kubernetes cluster. Additionally, DigitalOcean will provide cluster security scanning capabilities to alert users of flaws and vulnerabilities.
- Continuous Delivery: Simple integration with popular continuous integration services; developers can easily set up a full continuous delivery pipeline in two clicks, providing faster and more robust rollout of new application functionality.
- Team Management: Kubernetes deployments can be a large team effort. DigitalOcean’s “teams” feature allows development teams to easily manage access and permissions to the cluster.
- Extended Insights: In typical Kubernetes environments, metrics, logs and events can be lost if nodes are spun down. To help developers learn from the performance of past environments, the DigitalOcean Kubernetes product will store this information separate from the node indefinitely.
- One-click Integrations: Similar to the existing one-click setups and integrations for Droplets, the product includes one-click integrations to deploy an entire application stack so developers can focus on solving their business problems and worry less about their Kubernetes cluster setup.
DigitalOcean Kubernetes will be available through an early access program starting in June with general availability planned for later this year.