Michael Levan 👨🏻💻☕️
@mikelevan.bsky.social
Independent Consultant | Implementing Scalable, Secure, & Performant Environments | Microsoft MVP (Azure) | AWS Community Builder | Trainer • Author • Speaker • Podcast Host | Kubernetes v1.28 & v1.31 Release Team
Ohhh, I have to hear more. I have a finished basement that I haven't done anything with since I bought my house and I've been thinking of doing this exact same thing.
May 6, 2025 at 1:39 PM
Ohhh, I have to hear more. I have a finished basement that I haven't done anything with since I bought my house and I've been thinking of doing this exact same thing.
1. Continuous monitoring of networks.
2. Tie specific malicious behavior to an IP address to see where it originated.
Both of these really fall under the vulnerability assessment category.
2. Tie specific malicious behavior to an IP address to see where it originated.
Both of these really fall under the vulnerability assessment category.
May 6, 2025 at 1:03 PM
1. Continuous monitoring of networks.
2. Tie specific malicious behavior to an IP address to see where it originated.
Both of these really fall under the vulnerability assessment category.
2. Tie specific malicious behavior to an IP address to see where it originated.
Both of these really fall under the vulnerability assessment category.
One of the biggest pieces to remember with CDR is how data is being traversed and who has access to what.
Network Detection and Response (NDR) provides two primary capabilities:
Network Detection and Response (NDR) provides two primary capabilities:
May 6, 2025 at 1:03 PM
One of the biggest pieces to remember with CDR is how data is being traversed and who has access to what.
Network Detection and Response (NDR) provides two primary capabilities:
Network Detection and Response (NDR) provides two primary capabilities:
This could be larger cloud-based environments like Azure, Google Cloud Platform (GCP), and Amazon Web Services (AWS), or smaller clouds like Vultr and Digital Ocean (DO).
The primary goal of a CDR is to have a deep understanding of the environment.
(cont)
The primary goal of a CDR is to have a deep understanding of the environment.
(cont)
May 6, 2025 at 1:02 PM
This could be larger cloud-based environments like Azure, Google Cloud Platform (GCP), and Amazon Web Services (AWS), or smaller clouds like Vultr and Digital Ocean (DO).
The primary goal of a CDR is to have a deep understanding of the environment.
(cont)
The primary goal of a CDR is to have a deep understanding of the environment.
(cont)
That means the apps/tools you're running locally to reach the k8s Service won't be able to reach it either.
May 1, 2025 at 1:39 PM
That means the apps/tools you're running locally to reach the k8s Service won't be able to reach it either.
That means if you're trying to access the resource locally (for example, connecting to the DB running in k8s), you have to do it from your local terminal.
If you try it from a cloud shell or something that isn't local, you won't be able to hit it via localhost.
(cont)
If you try it from a cloud shell or something that isn't local, you won't be able to hit it via localhost.
(cont)
May 1, 2025 at 1:39 PM
That means if you're trying to access the resource locally (for example, connecting to the DB running in k8s), you have to do it from your local terminal.
If you try it from a cloud shell or something that isn't local, you won't be able to hit it via localhost.
(cont)
If you try it from a cloud shell or something that isn't local, you won't be able to hit it via localhost.
(cont)
Here are a few tips when thinking about what platforms to use, how to use them, and what to think about when managing them.
April 21, 2025 at 7:42 PM
Here are a few tips when thinking about what platforms to use, how to use them, and what to think about when managing them.
And the goal is to add AWS EKS and AWS ECS.
KoaPerf is a scanner that tells you based on performance, cost, and resource needs where you should deploy a containerized workload.
KoaPerf is a scanner that tells you based on performance, cost, and resource needs where you should deploy a containerized workload.
April 20, 2025 at 7:23 PM
And the goal is to add AWS EKS and AWS ECS.
KoaPerf is a scanner that tells you based on performance, cost, and resource needs where you should deploy a containerized workload.
KoaPerf is a scanner that tells you based on performance, cost, and resource needs where you should deploy a containerized workload.
The current recommendations it gives you are between:
✅ Azure Kubernetes Service (AKS)
✅ Azure Container Apps (ACA)
✅ Azure Container Instance (ACI)
✅ Azure Kubernetes Service (AKS)
✅ Azure Container Apps (ACA)
✅ Azure Container Instance (ACI)
April 20, 2025 at 7:23 PM
The current recommendations it gives you are between:
✅ Azure Kubernetes Service (AKS)
✅ Azure Container Apps (ACA)
✅ Azure Container Instance (ACI)
✅ Azure Kubernetes Service (AKS)
✅ Azure Container Apps (ACA)
✅ Azure Container Instance (ACI)
Instead of scanning a Kubernetes Manifest to tell you the best place to deploy, it'll read a description that you add in or an architecture doc you upload.
April 20, 2025 at 7:23 PM
Instead of scanning a Kubernetes Manifest to tell you the best place to deploy, it'll read a description that you add in or an architecture doc you upload.
However, before using ArgoCD, it has to be deployed to the cluster.
CICD pipelines are still the best way to get workloads and infrastructure initially deployed in an automated fashion.
I break down my thoughts about it in the link below.
buff.ly/3GWl2wy
CICD pipelines are still the best way to get workloads and infrastructure initially deployed in an automated fashion.
I break down my thoughts about it in the link below.
buff.ly/3GWl2wy
Keeping The Lights On: Pipeline Differentiations for CICD
buff.ly
April 16, 2025 at 3:18 PM
However, before using ArgoCD, it has to be deployed to the cluster.
CICD pipelines are still the best way to get workloads and infrastructure initially deployed in an automated fashion.
I break down my thoughts about it in the link below.
buff.ly/3GWl2wy
CICD pipelines are still the best way to get workloads and infrastructure initially deployed in an automated fashion.
I break down my thoughts about it in the link below.
buff.ly/3GWl2wy
and a few other aspects that are super crucial to implementing EKS (and Kubernetes in general) within any environment.
In this blog post, I break it all down.
buff.ly/WYBXgqU
In this blog post, I break it all down.
buff.ly/WYBXgqU
Optimizing AWS Elastic Kubernetes Service (EKS)
As you develop environments, infrastructure, and orchestration platforms (like k8s), you'll begin to notice that there are several directions to go in. There's a joke that goes something like "line up...
buff.ly
April 15, 2025 at 2:33 PM
and a few other aspects that are super crucial to implementing EKS (and Kubernetes in general) within any environment.
In this blog post, I break it all down.
buff.ly/WYBXgqU
In this blog post, I break it all down.
buff.ly/WYBXgqU
Therefore, security really just ensures that there are people on the team who know the system/platform/application exceptionally well.
If they do, they can secure it.
If they do, they can secure it.
April 14, 2025 at 6:23 PM
Therefore, security really just ensures that there are people on the team who know the system/platform/application exceptionally well.
If they do, they can secure it.
If they do, they can secure it.
More importantly - security, and I mean proper cyber security, can only occur when you know a system/platform/application VERY well.
You must know the ins and outs in every capacity.
(cont)
You must know the ins and outs in every capacity.
(cont)
April 14, 2025 at 6:23 PM
More importantly - security, and I mean proper cyber security, can only occur when you know a system/platform/application VERY well.
You must know the ins and outs in every capacity.
(cont)
You must know the ins and outs in every capacity.
(cont)