Portainer has published an article titled “GitOps - The Path Forward” that explores the concept of GitOps and how it can be implemented using the Portainer platform. The article begins by discussing the importance of adhering to compliance standards like GDPR and the need for secure cloud environments. GitOps is presented as a recommended operational framework for implementing infrastructure and development methodologies that ensure compliance and effective infrastructure management.

The article goes on to explain the fundamental concepts of GitOps, including automation, version control, continuous integration/continuous delivery, auditing, compliance, version rollback, and collaboration. It highlights the requirements for implementing GitOps, such as Infrastructure as Code (IaC), pull request reviews, CI/CD pipelines, automation, version control, auditability, rollback and forward capabilities, and collaboration.

The article then focuses on how Portainer facilitates the implementation of GitOps. It mentions that Portainer offers a suite of tools designed specifically for GitOps, including RBAC, automation, and visibility. It highlights the role-based access control (RBAC) feature of Portainer, which provides precise access control to Kubernetes platforms and container runtime environments. Portainer also integrates with authentication providers like LDAP and Microsoft AD. The article further explains how Portainer enables GitOps automation by connecting with Git repositories and allowing for automated application deployment to Kubernetes clusters and container environments. It also mentions how Portainer provides updates and monitoring solutions for GitOps operations through container logs, authentication logs, and event lists.

In conclusion, the article emphasizes that GitOps is a contemporary methodology for managing infrastructure and applications, and leveraging GitOps strategies like auditing, rollback, and roll forward can enhance operational agility, reliability, and compliance. The article highlights the benefits of using the Portainer platform for implementing GitOps, including RBAC, automation, and monitoring capabilities.

CasaOS has introduced a new commercial product called ZimaOS, designed to cater to the needs of professional application scenarios. ZimaOS combines the robustness of CasaOS with new features and capabilities tailored to professional demands, such as enhanced networking, ease of use, and lightweight AI. They plan to release ZimaOS through the Zima family of hardware for personal cloud solutions.

They are opening ZimaOS for testing, inviting users to download it from Github and provide feedback to shape the final product. They emphasize that ZimaOS is currently in an unstable version and should be used with caution.

The CasaOS team reassures the community that their commitment to CasaOS remains strong and that CasaOS will continue to be a community-driven software. They invite the community to participate in the testing project to help shape the future of their personal cloud solution.

The Linux Foundation, BastionZero, and Docker have collaborated to launch the OpenPubkey project. OpenPubkey is an open-source cryptographic protocol that aims to enhance the security of the open-source software ecosystem through zero-trust passwordless authentication.

OpenPubkey was developed as part of BastionZero’s secure infrastructure access product. It allows users to securely bind cryptographic keys to users and workloads by transforming an OpenID Connect Identity Provider (IdP) into a Certificate Authority (CA). In conjunction with the launch of OpenPubkey, BastionZero has integrated it for Docker container signing, further strengthening the security of the software supply chain. Developers can leverage OpenPubkey to build software supply chain or security applications. By augmenting OpenID Connect, OpenPubkey enables users and workloads to sign artifacts under their OpenID identity. These cryptographic keys can be used for secure remote access, as well as signed builds, deployments, and code commits for software supply chain security.

For more information about OpenPubkey, including how to get involved, contribute, and join the community, visit the GitHub page.

CasaOS defines itself as “community-based open-source software that focuses on delivering a simple personal cloud experience built around the Docker ecosystem” and can run a range of hardware, including the Raspberry Pi and the ZimaBoard. CasaOS has released its latest update, version V0.4.4-3, with a focus on optimizing the App Store display and fixing various issues to enhance the user experience. This update can be installed using a command line installation script: curl -fsSL https://get.casaos.io/v0.4.4-3 | sudo bash. For updating, use the command line update script: curl -fsSL https://get.casaos.io/update/v0.4.4-3 | sudo bash.

The key changes in CasaOS v0.4.4-3 include the following:

Enhancements:

• Optimized temperature display support for AMD Ryzen CPUs in CasaOS.

Additions:

• App Store app thumbnails now support click-to-view larger images in CasaOS-UI.
• Removed tagline display from app Store app details and added support for MarkDown rendering in CasaOS-UI.
• When uploading duplicated files, CasaOS-Files will now notify users of transfer failure.

Fixes:

• CasaOS-StorageManager now supports different types of multi-partition mounting.
• Fixed an issue in CasaOS-UI where app Store app details were improperly spaced.
• CasaOS-Files now supports cross-disk replication of empty folders.

The CasaOS team expresses gratitude for the support and feedback received. Users are encouraged to contact them for any questions or suggestions through their GitHub page: https://github.com/IceWhaleTech/CasaOS/issues.

In this tutorial, we’ll deploy Bitwarden on Docker Swarm. It’s based on an earlier tutorial on this site, where we deployed Docker Swarm on DigitalOcean. Bitwarden is a password manager with support for self-hosting. We’ll use bitwarden_rs, an unofficial Bitwarden API server implementation, as it’s a bit faster than the default implementation. Bitwarden_rs is written in Rust and is compatible with the official Bitwarden clients. Bitwarden has the following features, among others:

This short tutorial demonstrates how simple it is to deploy applications, in this case GitLab CE, with a Docker Swarm cluster. It builds on the last one, which deployed a Docker Swarm cluster on DigitalOcean. GitLab CE can also be installed and run on a bare-metal server as well. It assumes you have a Docker Swarm cluster running and that you have root access to your nodes. Prepare Manager Node First, GitLab CE requires a decent amount of resources.