Pod Security Policies (PSP) allow to use cluster wide settings that are used for all new containers. In comparison to the Security Context, the usage of PSPs not as easy, but especially for large organizations with large clusters it can be beneficial to use them, because they reduce the necessity for manual configuration.Read more
Archive of posts in year '2020'
Scroll down to see more ...
During the last years it became common to use agile methods in software development. The most widespread ones are Scrum and Kanban. The 2020 "State of Agile" survey found that a vast majority of companies (~65%) uses Scrum or Scrum hybrids. The second place is held by Kanban and "Scrumban" with about 15%. That is why we want to compare those two methodologies.Read more
On July 17th the Digital Transformation Forum took place for the very first time. In 18 sessions, the almost 100 participants had the chance to get a taste of, learn about and swap ideas on the versatile topics of the digital transformation. The goal of the event was to offer impulses, exchange and visions for the digital transformation of companies.Read more
The general challenges of working from home and beyond seem to have been considered in detail from all perspectives. That's why in this post we will focus on how to use the Scrum method for remote work based on the example of our company’s experience. Thus, the article will be very concrete and hands-on: How does Cloudogu address the issue?Read more
The team here at Cloudogu has also been put to the test by the outbreak of the Coronavirus pandemic and the changes that have come with it. The company implemented its first set of sanitation measures in the early days of March. We made employees aware of the situation and distributed disinfectants to them. Everything seemed a bit surreal. But then everything happened very quickly.Read more
A container is basically a normal Linux process that runs isolated from the rest of the system via certain kernel components. This makes containers lighter but more vulnerable than virtual machines (VMs). To reduce this vulnerability to attack, the container runtimes offer a variety of settings whose default values strike a compromise between usability and security.Read more
You can find out here how Clean Code Development can help you and what hurdles the integration of the approach entails in everyday lifeRead more
Whenever you start a project, the first step is to find out the initial requirements. Sometimes there is already a detailed functional concept, sometimes just a vague idea. The importatnt thing is that the requirements are explicit so that the final product will be able to meet them. If requriements are vague it is hard to be sure that they are being met.Read more
IT compliance in practice – correctly containing and deleting data and projects in B2B software development
Since compliance is about adhering to regulations of any kind, this is very complex and individual issue. That's why this post will be dealing with a very specific topic: the deletion of data when the contract ends. In B2B software development, it is customary for contracts to contain a clause on the delivery or destruction of all records and documents related to the project.Read more
The virtual construct of a “container” is a normal Linux process at its core that largely runs in isolation from the rest of the system using certain kernel components. This makes containers lighter but more vulnerable than virtual machines (VMs). To reduce this vulnerability to attack, the container runtimes offer a variety of settings whose default values strike a compromise between usability and security.Read more
The first part of this series demonstrated the use cases and benefits of delivering presentations with reveal.js. They are Docs As Code, and therefore they can be subjected to versioning management and of course delivered via Continuous Delivery. Furthermore, we demonstrate how the Jenkins pipelines can be used to deploy to GitHub Pages using a model concrete implementation. This article demonstrates additional alternatives for deployment (Sonatype Nexus and Kubernetes), while the general structure of the `Jenkinsfile` remains the same.Read more
In a Kubernetes cluster, everything (nodes, pods, Kubelets, etc.) can communicate with each other by default. If an attacker succeeds in exploiting a security vulnerability in one of the applications, he can easily expand his attack to all underlying systems in the same cluster. You can restrict this vulnerability using the on-board network policy features found in Kubernetes.Read more