Microsegmentation and microservices
“Micro is big these days” - This statement is from an article showing the similarities and differences between microservices and microsegmentation. Of course we all know the differences, but we might never have thought about the similarities between the two approaches.
Microservices are about dissecting applications into smaller units and running those units independently instead of as part of a monolithic application. This decouples those functions and makes each service more scalable, independent of the other services, and easier to maintain as a single piece of functionality. Often one team is responsible for one microservice. They maintain their interface, but consumers of the service do not have to worry about the inner workings as long as they stick to the public interface.
The current Kubernetes Podcast gives a great view into how to attack Kubernetes clusters. I have been talking about this all the time when I see OpenShift or Kubernetes clusters that are trying to protect the container infrastructure with tools made for protecting pods, but hardly protect the container orchestration platform itself.
Securing the container infrastructure is hard and not doing it may lead to things like cluster takeover or host escapes.