As our enterprise customers build out large, multi-cluster Kubernetes environments, they are encountering an entirely new set of security challenges, requiring solutions that operate at scale and can be deployed both on-premises and across multiple clouds.
Talks focused on Open Policy Agent (OPA) are featured prominently in the agenda for KubeCon + CloudNativeCon Europe—15 OPA-focused sessions were accepted from users at Google, City of Ottawa, Ada Health and more—signaling the importance of authorization in the cloud. While the event and those talks are now on hold until August, that doesn’t mean we should postpone learning more about authorization within applications, across Kubernetes clusters and on top of service mesh.
Innovative companies are looking to take advantage of cloud-native technologies beyond the data center to deliver faster innovation and competitive advantage at the edge. Recognizing the need for a common approach to create, deploy, run, secure, monitor, maintain and scale business logic and analytics applications wherever your business takes you, IBM today announced its edge computing offerings, including the IBM Edge Application Manager.
Chances are, if you’re not already moving applications to containers and Kubernetes, you’re considering it. However, it’s likely that security and compliance implications are something you haven’t fully thought through. Addressing container security risks later in the development life cycle negatively impacts the pace of cloud adoption while simultaneously raising security and compliance risks. The use of containers and Kubernetes changes your security calculus.
In this blog post, we’re going to explain how to monitor Open Policy Agent (OPA) Gatekeeper with Prometheus metrics. If you have deployed OPA Gatekeeper, monitoring this admission controller is as relevant as monitoring the rest of the Kubernetes control plane components, like APIserver, kubelet or controller-manager. If something breaks here, Kubernetes won’t deploy new pods in your cluster; and if it’s slow, your cluster scale performance will degrade.
It’s clear from the latest Cloud Native Computing Foundation survey that containerized environments have become mainstream, increasing automation at scale for companies. But, in the cloud-native environment, changes are constant and runtime is extremely dynamic. And while automation can help eliminate manual work, it can also replicate mistakes and risk at cloud scale.
