DevOps
Notes on moving Amazon Linux AMI to Amazon Linux 2
· β˜• 3 min read · ✍️ Sathyajith Bhat
I picked up a task to migrate our base image from Amazon Linux to Amazon Linux 2. Here's what I needed to get it to work.

Running Folding@Home on AWS with AWS CDK
· β˜• 3 min read · ✍️ Sathyajith Bhat
Folding@Home(aka FAH) is a distributed computing project. To quote from their website, FAH is a distributed computing project for simulating protein dynamics, including the process of protein folding and the movements of proteins implicated in a variety of diseases. Folding@Home involves you donating your spare computing power by running a small client on your computer. The client then contacts the Folding@Home Work Assignment server, gets some workunits and runs them, You can choose to have it run when only when your system is idle, or have it run all the time.

Setting up a secure Docker image scanning solution with Anchore and Drone CI
· β˜• 3 min read · ✍️ Sathyajith Bhat
A while back I had done a round up of a few container scanning solutions and had mentioned I wanted to take another look at Anchore. The past few days, I’ve been playing a bit with Anchore - this time, integrating it with Drone CI. Drone is a “Container-Native, Continuous Delivery Platform” built using Go. It makes use of a YAML file, .drone.yml to define and execute the pipeline. End Goal For this project, we will be integrating Drone and Anchore.

On Securing Containers and Open Source tools for scanning vulnerabilities in Docker images
· β˜• 1 min read · ✍️ Sathyajith Bhat
I recently published couple of articles elsewhere: How to Increase Container Security and Ward Off Threats - Adobe Tech Blog 5 OpenSource tools for container security - OpenSource.com Scanning Docker Images for Vulnerabilities with Aqua Microscanner - previously, on my blog Do give them a read.

Scanning Docker Image for Vulnerabilities with Aqua MicroScanner
· β˜• 3 min read · ✍️ Sathyajith Bhat
Containers are slowly becoming the standardized units of deployment. As containers become more popular, they also become the focus targets for attacking the system via vulnerabilities present in the packages within the image. There are quite a few container vulnerability scanning solutions (example: Clair, Twistlock, now Prisma Cloud, Aqua – however most of them are either commercial or require an elaborate setup, which makes it difficult for individual developers to involve them as part of the container build process.

Accessing Chef Databag Items from within attributes
· β˜• 1 min read · ✍️ Sathyajith Bhat
In Chef parlance, databags are global variables saved in JSON format and are stored and accessible on the Chef server. Given that these are indexed and can be searched up along with the fact that they can be encrypted make them ideal candidates to store secrets such as credentials/ssh keys. Chef provides an easy way to search and fetchΒ databag and databag items from within a recipe: For ex to fetch a databag called admins, it’s as easy as: