DevOps Principles & Best Practices by Kayan Azimov
One of the issues when using personal secrets in vault is the admin/root user being able to access everything in vault, thus making usage of personal secret less secure.
In order to protect the personal secret from root/admin access we can however keep secret in an encrypted way, using private key, gpg, or just a password. Below is an example how to protect the secret with a password.
Comments closedI just ran my tool to get the-most-demanded-devops-skills-stats and noticed a small (or may be not that small) change:
jobstats -c -2 | head -20 azure 212 aws 194 kubernetes 66 terraform 56 gcp 55 git 48 docker 43 python 40 ci/cd 30 jenkins 28 linux 18 bash 10 ansible 10 scripting 9 unix 3 puppet 3 groovy 2 elk 2 chef 2 zabbix 1Comments closed
This blog post demonstrates how anything in Jenkins could be configured as a code through Java API using groovy code, and how changes could be applied right inside Jenkins job. I particularly will demo how to configure Kubernetes plugin and credentials, but the same concept could be used later to configure any Jenkins plugin you are interested in. We will also look at how to create custom config which could be used either for all
or only specific Jenkins instances so you can setup different instances differently based on security policy or any other criteria.
The Why…
Recently I have been working on a task to improve deployment of our master Jenkins instances on Kubernetes.
On of the requirements was to improve the speed, as we have more than 40 Jenkins masters running on different
environments like test, dev, pre-prod, perf, prod etc and deployed in Kubernetes over AWS cluster. The deployment job took around an hour, involved downtime and required multiple steps.
