Tagged articles

13 articles

Page 1 of 1

Dec 10, 2025 · Information Security

How to Build a Zero Trust Security Architecture: Principles, Code Samples, and Step‑by‑Step Guide

This article explains why traditional perimeter security fails in modern distributed environments and presents a comprehensive zero‑trust model, covering core design principles, technical implementation layers, practical YAML and Python examples, phased rollout strategies, technology choices, common challenges, and future trends.

IAMNetwork PolicyZero Trust

0 likes · 10 min read

How to Build a Zero Trust Security Architecture: Principles, Code Samples, and Step‑by‑Step Guide

Cloud Native Technology Community

May 22, 2025 · Information Security

How to Prevent Common Kubernetes Security Mistakes and Harden Your Cluster

This article analyzes typical Kubernetes security pitfalls—from weak authentication and overly permissive network policies to missing real‑time monitoring, exposed services, outdated versions, and default component settings—and provides concrete, layered mitigation steps and tool recommendations.

Cloud NativeKubernetesNetwork Policy

0 likes · 13 min read

How to Prevent Common Kubernetes Security Mistakes and Harden Your Cluster

Linux Ops Smart Journey

Apr 25, 2025 · Cloud Native

How to Seamlessly Migrate Calico from etcd to Kubernetes Datastore

Learn step‑by‑step how to transition Calico’s data store from etcd to Kubernetes, covering prerequisite checks, locking the datastore, exporting and importing data, reconfiguring calicoctl, applying the new manifests, and unlocking the store, while highlighting benefits and tips for a smooth migration.

CalicoKubernetesNetwork Policy

0 likes · 11 min read

How to Seamlessly Migrate Calico from etcd to Kubernetes Datastore

Ops Development & AI Practice

Mar 4, 2025 · Cloud Native

Mastering Calico BGP Mode: High‑Performance Networking for Large Kubernetes Clusters

This article explains the core principles, advantages, suitable scenarios, and step‑by‑step configuration of Calico's BGP mode, showing how it delivers high‑performance, scalable, and secure networking for large Kubernetes deployments.

BGPCalicoCloud Native

0 likes · 7 min read

Mastering Calico BGP Mode: High‑Performance Networking for Large Kubernetes Clusters

MaGe Linux Operations

Oct 30, 2023 · Cloud Native

Mastering Antrea: A High‑Performance Kubernetes CNI Plugin Guide

This article offers a comprehensive overview of the Antrea CNI plugin for Kubernetes, covering its core concepts, pros and cons, typical use cases, and a step‑by‑step installation and testing workflow to help you secure and optimize container networking.

AntreaCNICloud Native

0 likes · 12 min read

Mastering Antrea: A High‑Performance Kubernetes CNI Plugin Guide

Cloud Native Technology Community

Sep 7, 2023 · Information Security

Kubernetes Security Testing: Importance, Methods, and Best Practices

This article explains why security testing is critical for Kubernetes clusters, outlines key testing approaches such as SAST, DAST, container image scanning, configuration audits, and network policy testing, and provides practical steps for integrating these methods into CI/CD pipelines to ensure robust cloud‑native security.

Configuration AuditContainer ScanningDAST

0 likes · 9 min read

Kubernetes Security Testing: Importance, Methods, and Best Practices

Cloud Native Technology Community

Jan 4, 2023 · Cloud Native

Configuring External Egress Gateways in Kube-OVN

This guide explains how to route outbound container traffic through a centralized external gateway using Kube-OVN by defining a Subnet resource with specific routing and policy settings, and clarifies each required field for proper configuration.

CNICloud NativeExternal Gateway

0 likes · 4 min read

Configuring External Egress Gateways in Kube-OVN

Efficient Ops

Aug 10, 2022 · Cloud Native

How Kubernetes Ensures Seamless Pod Networking with CNI and Network Policies

This article explains Kubernetes' fundamental network requirements, the pod networking model, the role of CNI plugins, common implementation approaches, and how Network Policies provide fine-grained traffic control, offering a comprehensive overview of container networking within cloud-native clusters.

CNICloud NativeKubernetes

0 likes · 11 min read

How Kubernetes Ensures Seamless Pod Networking with CNI and Network Policies

MaGe Linux Operations

Sep 29, 2021 · Cloud Native

Why Cilium Is the Coolest Kubernetes CNI Plugin and How to Deploy It

This article introduces Cilium, the eBPF‑based Kubernetes CNI that replaces kube‑proxy, explains its security and scalability advantages over traditional iptables, and provides step‑by‑step guidance for deploying Cilium, testing its connectivity, and using Hubble for deep network visualization integrated with Grafana and Prometheus.

CNICiliumHubble

0 likes · 17 min read

Why Cilium Is the Coolest Kubernetes CNI Plugin and How to Deploy It

Ops Development Stories

Aug 17, 2021 · Operations

Running Kubernetes Without kube-proxy Using Cilium: Step‑by‑Step Guide

This article walks through installing Cilium as a CNI on a Kubernetes v1.21.3 cluster, disabling kube-proxy, and verifying network connectivity with an Nginx deployment, providing commands, configuration details, and validation steps for a kube‑proxy‑free setup.

CNICiliumKubernetes

0 likes · 9 min read

Running Kubernetes Without kube-proxy Using Cilium: Step‑by‑Step Guide

Architecture Digest

Jan 14, 2021 · Cloud Native

Understanding Kubernetes Components Through an Aquarium Analogy

The article uses an aquarium metaphor to explain Kubernetes fundamentals—including Pods, Nodes, Scheduler, ReplicaSets, Services, Network Policies, and ConfigMaps—by comparing applications to fish, tanks to Pods, rooms to Nodes, and the control plane to the aquarium manager, making complex concepts easier to visualize.

Cloud NativeConfigMapContainers

0 likes · 7 min read

Understanding Kubernetes Components Through an Aquarium Analogy

Sohu Tech Products

Feb 5, 2020 · Cloud Native

Deploying Calico Network Policies on Hardware in Container Cloud Environments

The article answers a technical question about using Calico as the network mode in container cloud networks, explaining that Calico relies on three‑layer routing with BGP, requiring hardware BGP support and sufficient processing capacity to host the full‑mesh routing for all nodes.

BGPCalicoCloud Native

0 likes · 2 min read

Deploying Calico Network Policies on Hardware in Container Cloud Environments

Huawei Cloud Developer Alliance

Jul 17, 2015 · Information Security

How a Centralized Network Policy Solved Security Management for China Construction Bank

China Construction Bank faced fragmented security policy management across its thousands of branches, but by leveraging Huawei eSDK and a centralized controller, Qianfang Technology enabled the head office to configure and distribute policy templates, allowing flexible, region‑specific terminal security while maintaining unified oversight.

BankingCentralized ManagementHuawei eSDK

0 likes · 3 min read

How a Centralized Network Policy Solved Security Management for China Construction Bank