On Friday, December 10th, wgtwo and many others became aware of a critical severity zero-day exploit, CVE-2021-44228, known as “Log4Shell” in the Log4j library, which is widely used in numerous systems around the internet. We immediately opened a security incident and have been actively taking steps to mitigate and monitor the situation.
5 posts tagged with "infrastructure"
View All TagsForbidden lore: hacking DNS routing for k8s
At WG2 we’re coming close to having everything running in Kubernetes, which means that almost everything we deploy needs to be pulled from a registry. We have run our own local registry for some time now, to host both locally-built images and cached images from Docker Hub.
Extending Kubernetes for our needs
We are using Kubernetes as our cluster scheduler and this serves us well. However we have a few cases where we need to do some additional work.
Towards observability nirvana: infinite metric retention with Thanos
In the current DevOps world, our industry relies on the ability to observe and monitorize our infrastructure and services. wgtwo is no exception here and as we are operating in the TelCo space we wanted to know more about the usage patterns of our platform over days, months and even years.
We killed the butler: Replacing Jenkins with Concourse
At wgtwo, we try to use CI/CD pipelines to automate all of our repetitive tasks when it comes to code and infrastructure deployment and testing, such as: