Blog

Deep Dive into Policy Controllers and their impact on Cluster Management

Posted on July 3, 2024 by Andreas Ttofi

What is a policy engine in Kubernetes? In this article, we are going to look at how Policy Engines can help enforce organisational standards in Kubernetes. We will do a deep dive into the most popular available open-source solutions and compare their approaches and strengths, to enable readers to more rapidly make informed decisions when faced with the need for enforcing standards.

Best-Practice Security, Automation & Operability, with mTLS

Posted on June 10, 2024 by CECG

Discover how we designed a robust authentication approach which can flexibly handle a diverse range of communication protocols and which scales efficiently.

How onboarding at CECG is different

Posted on May 20, 2024 by Ilia Chernov

What this post is about I recently joined CECG and the onboarding process looked and felt different compared to other companies I worked at.

Securing the Unseen - Comprehensive Strategies for Kubernetes Secret Management

Posted on May 10, 2024 by Neofytos Zacharia

Introduction In the digital landscape, where security breaches and data leaks are ever-looming threats, the art of managing secrets within Kubernetes takes on a paramount importance. “Securing the Unseen” delves into the comprehensive strategies essential for the effective management of Kubernetes secrets, offering a beacon of guidance for security and software professionals alike. This guide is meticulously crafted to uncover the layers of complexity in secret management, presenting a panoramic view of the tools and practices at the forefront of Kubernetes security.

Scaling an http stub for load testing

Posted on April 25, 2024 by Sergei Sizov

Introduction Stubbing is a powerful technique that helps developers write focused, fast and deterministic tests, leading to higher quality software.

Identity-based Authentication for a Developer Platform

Posted on April 19, 2024 by Tomasz Bartosiewicz

As well as the increase of developer productivity (which equals more frequent releases) and enhanced developer experience, one of the key goals of the platform team is to provide architectural solutions and tools to very often complex but common problems encountered by application developers. One of the common challenges is an authentication and authorisation layer not only required for the team’s developed services but also for the platform’s internal applications.

Building the Foundation: Our Take on Training

Posted on March 29, 2024 by Savvas Michael

Introduction Imagine acquiring sought-after engineering skills that could significantly boost your expertise and confidence, in a matter of weeks.

Navigating the Maze: Challenges in Seeking Support in Big Tech Companies

Posted on March 7, 2024 by Andreas Ttofi

In an era where technology is the backbone of business operations, the role of support teams within big tech companies is more critical than ever. At CECG, we understand the labyrinthine challenges faced not only by our support professionals but also by the users navigating our custom platforms.

Interfaces for Internal Developer Platforms

Posted on March 6, 2024 by Ilia Chernov

A few of the reasons Internal Developer Platforms (IDPs) are built are to enable self-service for developers and to enable efficient collaboration between developers and other departments. One way to do it is through automation of certain processes which involve people’s communication or just may take an unnecessarily long time to finish. In this article, we will take a look at examples of the routines which developers often face and the ways the developers can interact with the IDP to optimize those routines.

Crossplane: the good, the bad and the ugly

Posted on February 27, 2024 by Simon Aquino

Crossplane is an infrastructure provisioning tool engineered to bridge the gap between infrastructure automation, Kubernetes and reconciliation on steroids. Its main ethos is to provide a unified declarative API to abstract different cloud implementations and leverage Kubernetes to run the provisioning workload.