Accessing a Private GKE Cluster Using Bastion Host and Service Account Impersonation
Private cluster diagram from google Accessing a private cluster while impersonating a service account was a bit more challenging than expected. This blogpost describes the challenges and solutions with connecting kubectl from your local computer to a private GKE cluster. The GKE cluster is configured with master auth networks, and general access to the master node […]
How Systems Coaching Helps Organizations Discover and Develop Their Unique Strengths
Companies like Zappos, Spotify, Amazon and Netflix have not become world-wide successes by adopting an agile framework like SAFe. Instead, they are continually working on improving the whole organization by helping employees see and understand the entire value-generating system they are a part of, embrace agile values and principles, and to develop the capabilities needed […]
GCP Workload identity federation on Gitlab passing authentication between jobs
GCP Workload Identity Federation on Gitlab Passing Authentication between Jobs Gitlab (late 2022) is relatively new to workload identity federation, and there are not many good templates or guides out there. The official guides explain how to set up the federation pool and authenticate with it, but not really how to use this in an enterprise […]
Automatic renewal of TLS certificates for loadbalancers in Kubernetes
Secure web traffic over the HTTPs protocol is a must-have, but not something you want to spend too much time on. It should simply just work — and maintain itself from there on. However, this is not always as straight-forward as it sounds. This blog post will show how to have a fully-automated architecture of […]
The Saga of Private Registries
Authentication to a private NPM registry made easy Have you ever had to use private NPM packages? If you have, you probably know how big of a bother it can be if they’re not hosted on the default NPM registry. Setting up NPM to point to the registry; handling authentication; making sure everyone has the right […]
Hvor er alle nye programmeringsspråk?
Det slo meg for et par uker siden at det er lenge siden jeg har hørt om et nytt programmeringsspråk som på en grunnleggende måte legger om på ting. Det siste store må ha vært funksjonell programmering og utvikling av mobile apper, og så har det kommet et par programmeringsspråk som retter seg mot kvanteinformatikk. Men alle disse tingene er i mellomtiden minst fem år gamle…
Seamless OpenId Connect / OAuth 2.0 security on HttpClient in .NET 6
Handling authentication and authorization when communicating with external services such as web APIs is a necessity in terms of security, but may be cumbersome, require a great deal of configuration and boiler-plate code, and is usually not the core of the business requirements that need to be solved.
Fem lærdommer fra Log4Shell
Det har nå gått litt over en måned siden det ble publisert en sårbarhet i Apache Log4j-rammeverket. Sårbarheten, som går under kallenavnet Log4Shell, ble utnyttet ganske raskt, og mange virksomheter, både her i Norge og i resten av verden, måtte stenge ned en stund.
Vlog: Java + Containers = ❤
Want to get started with containers for your Java applications or improve on that? Rustam Mehmandarov and Mads Opheim had the pleasure of chatting with OpenJDK committer Dmitry Chuyko. They talk about Java in containers, tiny containers, native images and slightly touch upon the topic of monitoring and JDK Flight Recorder.