Configurations, including security configurations, of hardware, software, services and networks shall be established, documented, implemented, monitored and reviewed.
We implement GitOps methodologies across our infrastructure, ensuring that every configuration change is recorded in Git, with all the commits signed with their GPG keys, via YubiKey. This transparency not only simplifies the tracking of changes but also facilitates easy rollbacks in case of issues, supporting a culture of accountability and continuous improvement.
For managing Linux system configurations (via Linuxaid), we utilize Puppet/Openvox as our Infrastructure as Code (IaC) solution. Configuration changes are regularly synchronized to the Puppet server using g10k, which is also configurable via KubeAid. This ensures that our Linux configurations are consistently maintained and readily adaptable.
For our Kubernetes configurations (via Kubeaid), we rely on ArgoCD to manage resources effectively. This tool enables us to apply GitOps principles, making it easy to monitor and configure Kubernetes resources in real-time. By integrating ArgoCD, we streamline our configuration management processes, ensuring consistency and quick response to any necessary adjustments.