top of page
Rafael Natali
DevOps, K8s, Cloud, and more...
Search


Using Linux kernel hardening tools to secure a K8s cluster
Using AppArmor and seccomp to harden your Kubernetes nodes.
Rafael Natali
Mar 36 min read
49 views
0 comments

Securing the Kubernetes Host Operating System
It is crucial to prioritise Kubernetes security by safeguarding the Kubernetes host from the containers operating on it.
Rafael Natali
Feb 194 min read
169 views
0 comments

Restrict K8s Secret access to a specific ServiceAccount
Restrict K8s Secret access to a specific ServiceAccount. Good practices for Kubernetes Secrets.
Rafael Natali
Oct 4, 20242 min read
130 views
0 comments

Hands-on: Assigning Pods to Nodes using Affinity Rules
Create a highly available and resilient Kubernetes platform using Pod Affinity/Anti-affinity.
Rafael Natali
Sep 21, 20242 min read
98 views
0 comments

Handling Kubernetes vulnerabilities with CIS Benchmark
In this article, I will use a tool called kube-bench to evaluate a Kubernetes cluster for vulnerabilities covered in the CIS benchmark.
Rafael Natali
Sep 13, 20244 min read
32 views
0 comments


Securing your Azure Kubernetes Services Cluster with RBAC
In this article, I will present my perspective on securing an Azure Kubernetes cluster with the principle of least privilege as a top priori
Rafael Natali
Sep 7, 20242 min read
24 views
0 comments


Kubernetes Certification Learning Path
Kubernetes  is a widely adopted technology, with 84% of organisations actively using or evaluating it, according to the 2023 Cloud Native...
Rafael Natali
Aug 31, 20245 min read
13 views
0 comments


Unlocking Kafka Security with Access Control Lists (ACLs)
Apache Kafka employs Access Control Lists (ACLs) as a vital component of its security infrastructure. ACLs regulate access to Kafka...
Rafael Natali
Mar 16, 20244 min read
128 views
0 comments


Kubernetes Network In Action - 3/3
This is the third and final articles explaining and detailing the Kubernetes Network model with a hands-on approach. In the first article...
Rafael Natali
Feb 5, 20242 min read
58 views
0 comments


Kubernetes Network In Action - 2/3
This is the second of three articles explaining and detailing the Kubernetes Network model with a hands-on approach. In the first...
Rafael Natali
Jan 30, 20243 min read
63 views
0 comments


Kubernetes Network In Action - 1/3
This is the first part of three articles explaining and detailing the Kubernetes Network model with a hands-on approach. The series will...
Rafael Natali
Jan 22, 20242 min read
113 views
0 comments


Monitoring Kafka Container Health with Probes
This article will describe how to use Kubernetes Probes to monitor the health of your Kafka pods. Container Health K8s provides a number...
Rafael Natali
Jan 15, 20242 min read
129 views
0 comments


Backing up an etcd cluster
All Kubernetes objects are stored on etcd. Periodically backing up the etcd cluster data is important to recover Kubernetes clusters...
Rafael Natali
Dec 18, 20231 min read
26 views
0 comments

Monitoring Kafka with Prometheus and Grafana
This page describes the steps to quickly implement basic monitoring for Kafka Brokers using Prometheus and Grafana. Enabling Prometheus...
Rafael Natali
Nov 23, 20232 min read
73 views
0 comments


Automate the AWS Cost Report creation
This article describes how to automate the AWS Cost Report creation and send it via email to specific subscribers.
Rafael Natali
Nov 14, 20233 min read
11 views
0 comments

Automatically Reassigning Partitions in Apache Kafka Cluster
When you need to reassign a partition to another broker or brokers, the kafka-reassign-partitions tool comes in handy. It's particularly...
Rafael Natali
Oct 9, 20233 min read
144 views
0 comments

Improving the performance of a Kafka Connect CSV source connector
When you create a source connector in Kafka Connect, by default it will use the broker's default batch.size which is 16384 bytes (16Kb)....
Rafael Natali
Oct 2, 20232 min read
39 views
0 comments

Running Kafka in Kubernetes with Kraft mode and SASL authentication.
Learn how to launch an Apache Kafka with the Apache Kafka Raft (KRaft) consensus protocol and SASL/PLAIN authentication. This article is...
Rafael Natali
Sep 26, 20233 min read
1,184 views
0 comments


Running Kafka in Kubernetes with KRaft mode and SSL
Learn how to launch an Apache Kafka with the Apache Kafka Raft (KRaft) consensus protocol and SSL encryption. This article is a...
Rafael Natali
Sep 20, 20233 min read
180 views
0 comments

Running Kafka in Kubernetes with KRaft mode
Learn how to launch an Apache Kafka with the Apache Kafka Raft (KRaft) consensus protocol, removing Kafka's dependency on Apache...
Rafael Natali
Sep 14, 20233 min read
2,128 views
0 comments
bottom of page