An inside look at how we designed a discovery protocol for Teleport.
Find out how SAML 2.0 Authentication works. SAML implements corporate single sign-on (SSO) solutions and acts as the single source of identity.
How are some big, well-known companies approaching SSH? We took a look at three who are setting an example for others to follow.
In the last of this three part series comparing SaaS and Open Core software, we will evaluate the S-1 filings of a few SaaS and Open Core companies to determine if either model has any inherent advantage.
Secure Shell (SSH) is a widely used Transport Layer Protocol to secure connections between clients and servers. In this post we explain how SSH handshake works.
In post 2 of 3, we clarify the differences between proprietary SaaS and Open Core software and discuss the advantages and disadvantages of each from the customer's perspective.
What next after SaaS? Is a significant alternative for marketing and selling software starting to emerge?
How to restrict SSH sessions to specific commands? How to have a restricted shell for some users? In this article we cover some common ways to answer these questions.
What is a microservice? What is Kubernetes for? In this post, we try to explain microservices, containers and Kubernetes in 10 minutes
How to keep up with Kubernetes releases? Unabated releases of vanilla Kubernetes every three months could continue forever. In this article, we discuss where this pace comes from, how it's a key ingredient in Kubernetes' success and what it means for end-users
An overview of Teleport's SSH certificate authority pinning capability and discussion of how HTTP public key pinning (HPKP) can be used to improve SSH CA user experience.
The universe of serverless-wielding software architects and Kubernetes cluster operators has started to collide and, yet again, Google is in the driver's seat. In this article we'll wander down the CNCF's Serverless Landscape in chronological order, quickly discovering that Knative is the sweet mamba jamba of open source lambda competitors.
In this post we'll explore K8s community decision making process by looking underneath the hood of the 'kerfluffe' of Google LLC being called out by Samsung SDS engineers for skipping 'graduation criteria' while merging the new 'kustomize' subcommand into upstream 'kubectl'.
The recently discovered xterm.js vulnerability shows how bugs are hard to kill as technology evolves.
An overview into CVE-2018-1002105's root cause and a program to test if your clusters are affected
A brief explanation of a common problem that could happen while creating new Kubernetes clusters with Kubeadm, Flannel and installing the Dashboard tool.
Proud new Kubernetes cluster owners are often lulled into a false sense of operational confidence by its consensus database’s glorious simplicity. In this Q&A, we dig into the challenges of in-place upgrades of etcd beneath autonomous Kubernetes clusters running within air-gapped environments.
A customer recently asked how to utilize Teleport's RBAC mechanism to restrict access to critical nodes within an OpenSSH cluster. This blog post explains how to do this.
We review the impact of the GDPR on SaaS vendors and their data collection practices and how it may reduce the operational cost disparity between hosted SaaS and on-prem Private SaaS
The Teleport Proxy requires a valid x509 certificate to serve content like the Web UI via HTTPS. In this post we show how to configure the Teleport Proxy to use Let's Encrypt for this.
In this post we show you how to use Github as an identity manager to control who has access to your server infrastructure through SSH
An interview about our experience running PostgreSQL on on-premises Kubernetes, covering the challenges involved, open source and commercial tools that can help and other alternatives to managing stateful applications on Kubernetes.
We cover the difference between OpenSSH servers and Teleport SSH node service for Teleport clusters.
Learn about common problems when migrating your application to Kubernetes.
How do you let your employees access company AWS infrastructure using their Github credentials? How do you restrict parts of your infrastructure to certain Github teams? How do you configure SSH to use Github credentials? This blog post covers it all.
We review the Vendor Security Alliance's security questionnaire to look at the security related costs of running SaaS vs On-prem.
It might be mundane and boring but keeping track of your FOSS license usage can save you from a big headache at the least opportune time.
Going on-prem can be a handful, especially maintaining those deployments. Here's how we use Kubernetes and our own tooling to help scale those efforts.
In this post we talk about using every day engineering activities to better market our company and our products.
Kubernetes has great built-in application monitoring features. But how to make sure Kubernetes itself is healthy after you upgrade it to the next version?
We are playing with Elastic Beats, doing structured logging with Golang and Elastic Search
We discuss effective ways to handle errors in Go programming language.