About Me

Site Reliability Architect, Supply Chain Security Advocate, System Whisperer, Tech Enthusiast, Open-Source Contributor, Trail Trekker, Speaker, etc.
Openshift Container Platform

Did You Forget these Crucial Day 2 Operations after OpenShift Deployment?

Day 2 operations come into play after the initial installation of an OpenShift cluster. These operations involve a series of essential settings and configurations that prepare your cluster for developers’ deployments. By performing these tasks, you ensure that the cluster remains healthy, secure, and efficient. Key activities include monitoring and logging, scaling resources, managing backups and recovery, enhancing security, optimizing resource allocation, and maintaining network configurations. These steps are crucial for maintaining the overall stability and performance of your OpenShift environment, making it ready for seamless development and deployment activities....

August 30, 2024 Â· 8 min Â· Rahul Bajaj
Openshift Compliance

Navigating OpenShift’s Compliance Operator

Introduction to the Compliance Operator The OpenShift Compliance Operator is all about keeping your OpenShift cluster secure and in line with governance policies. It does this by scanning both the OpenShift Platform 4 (ocp4) and Red Hat Core OS 4 (RHCOS4). Now, let’s break down the types of compliance checks it can handle: Platform (Cluster) Related Checks: These checks use the OpenShift API to make sure everything is shipshape. Node Related Checks: These scans take a closer look at the filesystem of each node....

June 22, 2024 Â· 9 min Â· Rahul Bajaj
secure-k8s-cluster

Unlocking RHACS: Vulnerability Management and Workload Hardening Policies

Recently, I have been working on Red Hat Advanced Cluster Security (RHACS) to identify security vulnerabilities and implementing cluster hardening rules within OpenShift clusters. Inspired by my experiences, I decided to share my insights through this blog post. Join me as we delve into the world of RHACS and explore its functionality. Introduction to RHACS Red Hat Advanced Cluster Security (RHACS) is the downstream project for the upstream Stackrox project. In other words, enhancements to the source code are initially made in Stackrox, and then they undergo testing and packaging to become part of RHACS....

March 14, 2024 Â· 5 min Â· Rahul Bajaj
mend-renovate

Enhancing Security: Using Renovate in Gitlab Pipelines for Automated Dependency Updates

Open Source Software (OSS) projects have been distributed in packages for decades. Using packages allows developers to focus on new feature implementation. Major software distributions, such as Fedora, Debian, etc, typically consist of thousands of packages. These packages depend on each other to perform tasks efficiently by avoiding code duplication. The inter-dependence amongst the packages creates a software supply chain. Examples of software security principles such as using software binaries that are signed by the software vendor, keeping binaries regularly updated, and constantly monitoring software behaviour are general to any software system....

December 21, 2023 Â· 4 min Â· Rahul Bajaj
Container Build Images

Slimming Down Containers: The Art of Minimizing Image Bloat

Need for slimming down containers OpenShift, an enterprise-ready Kubernetes platform, offers a multitude of benefits. One such advantage is the Source-to-Image (S2I) build strategy, that simplifies the process of converting source code into deployable container images. This strategy enables developers to build container images without the need to define a container file explicitly. OpenShift clones the application’s source code into a builder image that utilizes builder scripts, ultimately generating a container image deployable within the cluster....

October 28, 2023 Â· 4 min Â· Rahul Bajaj