Kubernetes Security Profiles Operator
The Security Profiles Operator (SPO) is an out-of-tree Kubernetes enhancement which aims to make it easier for users to use SELinux, seccomp and AppArmor in Kubernetes clusters
👉 https://github.com/kubernetes-sigs/security-profiles-operator
#kubernetes #security
The Security Profiles Operator (SPO) is an out-of-tree Kubernetes enhancement which aims to make it easier for users to use SELinux, seccomp and AppArmor in Kubernetes clusters
👉 https://github.com/kubernetes-sigs/security-profiles-operator
#kubernetes #security
Forwarded from Полуконсольная мышь
kubectl-ice is a kubectl plugin that allows you to easily view advanced configuration of all containers that are running inside pods to assist in troubleshooting and information gathering
👉 https://github.com/NimbleArchitect/kubectl-ice
#kubernetes #kubectl
👉 https://github.com/NimbleArchitect/kubectl-ice
#kubernetes #kubectl
Enforce Audit Policy in Kubernetes (k8s)
Do you want to keep a check on your Kubernetes production-grade environment for the following activities:
🔹 Who logged in to your Kubernetes Cluster?
🔹 Which service account or user accessed what resource(s) in the cluster?
🔹 Who created the secrets or config maps?
🔹 Who read the secrets from ETCD, and many more?
Then enforcing audit policy in Kubernetes is the right choice for you.
👉 https://levelup.gitconnected.com/enforce-audit-policy-in-kubernetes-k8s-34e504733300
#kubernetes #security
Do you want to keep a check on your Kubernetes production-grade environment for the following activities:
🔹 Who logged in to your Kubernetes Cluster?
🔹 Which service account or user accessed what resource(s) in the cluster?
🔹 Who created the secrets or config maps?
🔹 Who read the secrets from ETCD, and many more?
Then enforcing audit policy in Kubernetes is the right choice for you.
👉 https://levelup.gitconnected.com/enforce-audit-policy-in-kubernetes-k8s-34e504733300
#kubernetes #security
Awesome Kubernetes (K8s) Security
A curated list for Awesome Kubernetes Security resources
👉 https://github.com/magnologan/awesome-k8s-security
#kubernetes #security
A curated list for Awesome Kubernetes Security resources
👉 https://github.com/magnologan/awesome-k8s-security
#kubernetes #security
Новый экзамен Kyverno Fundamentals Certification
Сейчас наверно только ленивый не придумывает новые сертификации. С другой стороны если она бесплатная, то почему бы не получить бейдж 🙂
👉 https://learn.nirmata.com/courses/kyverno-fundamentals-certification
Тем более, что есть бесплатные курсы для подготовки
🔹 Introduction to Kyverno
🔹 Kyverno In Production
#kubernetes #kyverno #exam
Сейчас наверно только ленивый не придумывает новые сертификации. С другой стороны если она бесплатная, то почему бы не получить бейдж 🙂
👉 https://learn.nirmata.com/courses/kyverno-fundamentals-certification
Тем более, что есть бесплатные курсы для подготовки
🔹 Introduction to Kyverno
🔹 Kyverno In Production
#kubernetes #kyverno #exam
Решил продолжить пополнять список бесплатных сертификаций. На этот раз халява от New Relic:
🔹 Full Stack Observability Exam
🔹 Programmability Certification
Братцы, делитесь в комментариях бесплатными курсами. Стоят они потраченного времени или нет?
#monitoring #newrelic #exam
🔹 Full Stack Observability Exam
🔹 Programmability Certification
Братцы, делитесь в комментариях бесплатными курсами. Стоят они потраченного времени или нет?
#monitoring #newrelic #exam
Kustomize Best Practices
Part 1
🔹 If something is the same between multiple overlays, consider putting it in your base
🔹 Use multiple bases to compose different application components
🔹 Use remote bases
Part 2
🔹 Overlays can be a base for other overlays
🔹 Consider disabling name suffix hashing for secrets and configMaps
🔹 Test before patching list items with JSON6902 to make sure that item position within the list hasn’t changed
#kustomize
Part 1
🔹 If something is the same between multiple overlays, consider putting it in your base
🔹 Use multiple bases to compose different application components
🔹 Use remote bases
Part 2
🔹 Overlays can be a base for other overlays
🔹 Consider disabling name suffix hashing for secrets and configMaps
🔹 Test before patching list items with JSON6902 to make sure that item position within the list hasn’t changed
#kustomize
How Consul and Kubernetes Work Together
Webinar + Transcript
🔹 Discovering Services Across Multiple Kubernetes Clusters and Services Running Outside Kubernetes
🔹 Consul as a Universal Service Discovery Layer
🔹 Consul and Service Mesh
🔹 Layer 7 Traffic Management
🔹 Enabling More Observability
🔹 Integrating Consul and Terraform
👉 https://www.hashicorp.com/resources/whiteboard-how-consul-and-kubernetes-work-together
#consul #kubernetes
Webinar + Transcript
🔹 Discovering Services Across Multiple Kubernetes Clusters and Services Running Outside Kubernetes
🔹 Consul as a Universal Service Discovery Layer
🔹 Consul and Service Mesh
🔹 Layer 7 Traffic Management
🔹 Enabling More Observability
🔹 Integrating Consul and Terraform
👉 https://www.hashicorp.com/resources/whiteboard-how-consul-and-kubernetes-work-together
#consul #kubernetes
Load balancing and scaling long-lived connections in Kubernetes
Kubernetes doesn't load balance long-lived connections, and some Pods might receive more requests than others. If you're using HTTP/2, gRPC, RSockets, AMQP or any other long-lived connection such as a database connection, you might want to consider client-side load balancing.
👉 https://learnk8s.io/kubernetes-long-lived-connections
#kubernetes
Kubernetes doesn't load balance long-lived connections, and some Pods might receive more requests than others. If you're using HTTP/2, gRPC, RSockets, AMQP or any other long-lived connection such as a database connection, you might want to consider client-side load balancing.
👉 https://learnk8s.io/kubernetes-long-lived-connections
#kubernetes
Policy As Code on Kubernetes With Kyverno
Enforce Kubernetes best practices for your organisation with CRD
👉 https://betterprogramming.pub/policy-as-code-on-kubernetes-with-kyverno-b144749f144
#kyverno #kubernetes
Enforce Kubernetes best practices for your organisation with CRD
👉 https://betterprogramming.pub/policy-as-code-on-kubernetes-with-kyverno-b144749f144
#kyverno #kubernetes
KubeDay Japan 2022
Наиболее интересные выступления на наш взгляд? А что, братцы, заинтересовало вас?
🔹 Hello eBPF! Goodbye Sidecars?
🔹 Autoscale Your on-Premises Bare Metal Kubernetes Clusters
🔹 A New Way to Deploy Pod Security Policies Using Kyverno
🔹 Generalizing Policy-as-Code for Compliance Posture Management on Multi-Cloud Infrastructure
🔹 Distributed Tracing Integration with OpenTelemetry and Knative
Записи остальных выступлений в плейлисте
👉 https://www.youtube.com/playlist?list=PLj6h78yzYM2Paf46ZWrXTqK9NHWjtMxhc
#kubernetes #kubeday
Наиболее интересные выступления на наш взгляд? А что, братцы, заинтересовало вас?
🔹 Hello eBPF! Goodbye Sidecars?
🔹 Autoscale Your on-Premises Bare Metal Kubernetes Clusters
🔹 A New Way to Deploy Pod Security Policies Using Kyverno
🔹 Generalizing Policy-as-Code for Compliance Posture Management on Multi-Cloud Infrastructure
🔹 Distributed Tracing Integration with OpenTelemetry and Knative
Записи остальных выступлений в плейлисте
👉 https://www.youtube.com/playlist?list=PLj6h78yzYM2Paf46ZWrXTqK9NHWjtMxhc
#kubernetes #kubeday
Jaeger для трассировки в микросервисной архитектуре
Воркшоп от Яндекс Практикум
👉 https://youtu.be/49fA7gQsDwA
Воркшоп от Яндекс Практикум
👉 https://youtu.be/49fA7gQsDwA
YouTube
«Jaeger для трассировки в микросервисной архитектуре»
Рассмотрим один из популярных инструментов, который помогает находить узкие места в производительности. Разберём на примере, как правильно настроить трассировку. Вы узнаете, с какими проблемами можно столкнуться в процессе, а эксперт ответит на вопросы.
…
…
Братцы! С наступающим Новым годом! Удачи нам всем и успехов! Безграничных творческих порывов и драйва!
#HappyNewYear
#HappyNewYear
Technical debt: how to measure and manage it with DevOps
What is technical debt? When a technical team implements a sub-optimal solution to a problem, they are making a trade-off between paying the cost now to implement the optimal solution versus paying it later. In doing so, this team is incurring a technical “debt.”
👉 https://circleci.com/blog/manage-and-measure-technical-debt/
#productivity
What is technical debt? When a technical team implements a sub-optimal solution to a problem, they are making a trade-off between paying the cost now to implement the optimal solution versus paying it later. In doing so, this team is incurring a technical “debt.”
👉 https://circleci.com/blog/manage-and-measure-technical-debt/
#productivity
Что такое SLI, SLO, SLA?
Если ты до сих пор путаешь понятия 😎
🎥 https://youtu.be/14YSD5b0jHE
#devops #sre
Если ты до сих пор путаешь понятия 😎
🎥 https://youtu.be/14YSD5b0jHE
#devops #sre
Forwarded from ДЕВОПСИНА | DevOps | Linux
This media is not supported in your browser
VIEW IN TELEGRAM
HR готовит новенького девопса для знакомства с его будущей командой, да... к такому дерьму привыкнуть сложно
@devopsina
@devopsina
⚡1
Grafana Loki top 5 query performance tips
🎥 https://www.youtube.com/watch?v=YED8XIm0YPs&ab_channel=Grafana
#grafana #loki
🎥 https://www.youtube.com/watch?v=YED8XIm0YPs&ab_channel=Grafana
#grafana #loki
YouTube
Grafana Loki top 5 query performance tips
In this video, we will discuss some key tips and techniques you can use to optimize the performance of your Loki queries in Grafana Loki.
By following these best practices, you can ensure that your Loki queries are executed efficiently and effectively.…
By following these best practices, you can ensure that your Loki queries are executed efficiently and effectively.…
Flamingo - the Flux Subsystem for Argo
FSA is a project that brings the Terraform management features from the Flux world to your Argo CD user interface
👉 https://github.com/flux-subsystem-argo/flamingo
#flux #argo #gitops
FSA is a project that brings the Terraform management features from the Flux world to your Argo CD user interface
👉 https://github.com/flux-subsystem-argo/flamingo
#flux #argo #gitops