In this blog post I share my opinioated version of provisioning a Kubernetes cluster in the Google Cloud Platform (GCP) using nothing but Opentofu.
The principles discussed here are the ones I have learned while dealing with production setups at the same scale.
If you enjoy Kubernetes or want to learn more about GCP, this is for you.
Packer is a powerful tool to create immutable images, with support for various cloud providers.
In this blog post, I share how I built a NixOS 24 snapshot using Packer on Hetzner Cloud.
If you're a fan of NixOS or want to learn more about Packer, this post is for you.
Most of the modern software deployment these days benefit from containerization and Kubernetes as the de-facto orchestration platform.
However, occasionally, I find myself in need of some Ansible provisioning and configuration management.
In this blog post, I will share how to create Ansible dynamic inventory in a way that avoids the need to write hard-coded IP addresses of the target hosts.
In this blog post, I will demonstrate how to use Ory Oathkeeper and Ory Kratos to protect upstream services behind authentication, especially the ones that do not have native authentication built-in, e.g., Prometheus, Hubble UI, Alertmanager, etc.
In today's digital landscape, protecting sensitive administrative interfaces is crucial for organizations delivering services over the internet. This guide offers a practical approach to implementing secure, authenticated access for admin pages using Ory's proxy and authentication (micro)services.
We'll explore how to leverage Ory Oathkeeper and Kratos to create a robust authentication system that aligns with current security best practices and regulatory requirements.
If you're looking for an efficient way to enhance the security of your admin services, you'll find value in the steps outlined here.
If you're a software engineer in any tier, there's a good chance that you're already familiar with the language and syntax of JavaScript. It has a very low barrier for entry and that is one of its strongest suits and what makes it so widely adopted and popular.
In this article, you'll learn how to deploy a JavaScript application to AWS Lambda using the principles of GitOps and with the help of OpenTofu as the Infrastructure as Code and GitHub Actions for the CI/CD pipeline.
Stick till the end to find out how.
Discover how Azure Bastion can revolutionize your cloud security strategy. This comprehensive guide explains what a Bastion host is, why it's crucial for secure access to your Azure resources, and provides a step-by-step walkthrough for implementation.
You'll learn how to enhance your network security, simplify remote access, and automate Bastion deployment using tools like OpenTofu and Azure CLI. Dive in to unlock the full potential of secure, scalable cloud access for your organization.
Monorepo is the practice of storing all your code in a single repository, which can be beneficial for code sharing, dependency management, and version control.
However, there is no free lunch! As your codebase grows, managing builds become unavoidably complex and time-consuming. This build time is billed on your organization and it can get quite costly.
In this blog post, we'll explore the challenges of building only changed applications in a monorepo and discuss strategies to optimize your workflow with selective builds.
If this gets you excited, let's dive in!
Internet has come a long way since its inception. The first few years might have been a new adventure for those building web applications, but in the modern day software development and in 2024, you rarely stop to question most of the common practices around the industry.
One of the most frequent requirement for any application is to have some sort of access control policy. The most used approach in today's world is the use of RBAC. It makes a lot of sense to treat a group of one or multiple identities of a system the same way and grant or deny them a specific set of permissions.
Ory Keto comes with all the batteries included. It provides a fearless authorization platform, friendly API for developers, and scalable stateless application.
If you're creating an application over HTTP these days, chances are, Ory Keto has a lot to offer you. Stick around till the end to find out how.
Have you ever been frustrated at long merge queues? Did you ever wish there was a better and faster way to get feedback on your code changes and approval from your team members?
You may have also been on the other side of the table, reviewing pull requests and wishing there was a better way to actually test the revisions before approving it; giving you a sense of what it would feel and look like if it were to merge.
Netlify and other frontend hosting services have spoiled us with the ability to spin up a live instance of the application for each pull request for static files. But what about backend applications? How can we achieve the same and deploy our backend for every new proposed change in pull requests?
In this blog post, we will explore how to set up preview environments for each pull request using GitHub Actions and Kubernetes. This guide includes spinning up the application as a live instance with an internet accessible URL to preview and verify the changes before they find their way into the main trunk.