Case Studies

Problem: The client experienced issues setting up a second node for high availability in their OpenSearch cluster. While the first node worked properly, the second node encountered SSL handshake errors when both nodes were used simultaneously. Process: The expert reviewed the client’s YML configurations and SSL certificate setups. They provided detailed feedback on correcting SSL […]

Problem: The client reported an issue and requested support to address potential vulnerabilities. A security issue was identified in an Apache Airflow instance, version 2.5.0, involving the absence of an account lockout mechanism. Solution: Our expert identified two key measures to enhance Airflow security and responded to the client’s request with the following recommendations: Implementing […]

Problem: The client reported an issue with the hard limit of 1MB for ConfigMap storage in Helm, which was causing problems with their deployment process. This limitation hindered their ability to store large configurations, necessitating a solution that could accommodate their growing data needs. Solution: To address the issue, the expert initiated an in-depth investigation. […]

Problem: The client faced an issue with Apache Cassandra where an error occurred while building indexes. The error message was: Unexpected error while building indexes: Could not find type for id: 12297. The client had also partially configured dual data centers, which added complexity to the problem. Process: Initial Identification: The expert determined that the […]

Problem: The client is using kube-prometheus-stack version 44.2.1 as their monitoring solution, and Twistlock scans have identified vulnerabilities in various packages including github.com/docker/distribution (CVE-2023-2253), golang.org/x/net (CVE-2022-41723), github.com/emicklei/go-restful/v3, and Go language with CVEs such as CVE-2021-29923, CVE-2021-38297, CVE-2021-39293, CVE-2021-41771, CVE-2021-41772, CVE-2021-44716, CVE-2022-23772, CVE-2022-23773, CVE-2022-23806, CVE-2022-24675, CVE-2022-24921, CVE-2022-27664, CVE-2022-28131, CVE-2022-28327, CVE-2022-2879, CVE-2022-2880, CVE-2022-30580, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30633, […]

Problem: The client requested a solution to automate the update process for the Helm/Kubernetes compatibility matrix. It’s crucial to address this issue because relying on manual updates causes delays in the adoption of Helm and results in the use of outdated Helm versions. The lack of automation results in incomplete release notes and repeated postponements, […]

Problem: The client wanted to allow admins to reset user passwords without forcing the next login change. Process: The expert confirmed that FreeIPA didn’t respect the set attribute with –setattr=krbPasswordExpiration from the command line. It changed the password but the expiry date automatically adjusted to the value from global_policy `ipa pwpolicy-show`. The expert tried to […]

Problem: The client was experiencing issues with their Wiki.js application running on an AWS EC2 instance, utilizing PostgreSQL as the database and Docker for deployment. After a system crash, attempts to restart the application via the Docker Compose file resulted in errors. The client requested assistance in investigating the problem, stating that while the application […]

Problem: Our customer, using Opensearch (1 node) with SSL in their production environment, faced challenges while implementing a new node to ensure high availability. When individually pointing our application (Actone) to the new node, indexing and searching worked as expected. However, integrating both nodes simultaneously resulted in a – javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown error […]