Devops Talks
@devops_talks
455 subscribers
257 photos
7 videos
41 files
1.19K links
Новости, обновления и короткие посты на тему DevOps и OpenSource.
Download Telegram
About
Blog
Apps
Platform
Join
Devops Talks
455 subscribers
Devops Talks
Forwarded from Записки админа
🛠 SSHLog - инструмент для логирования (и мониторинга в реальном времени) всей активности пользователя после установки им SSH подключения...

https://github.com/sshlog/agent

Реализовано всё с помощью eBPF. Авторы позаботились, и собрали пакеты для популярных дистрибутивов. Достаточно просто добавить репозиторий и установить из него необходимое.

#ssh #security #logs
194 viewsAlex Green
Devops Talks
Forwarded from k8s (in)security (Дмитрий Евдокимов)
Еще одна прекрасно проиллюстрированная статья "Kubernetes: Network Policies" от того же автора, о котором мы недавно уже писали. В этот раз тема про нативную NetworkPolicy. И если вы визуал, как абсолютное большинство людей на этом шарике, то вам такое объяснение принципов работы данного ресурсы точно зайдет.

Также не забываем про классные репозиторий Kubernetes Network Policy Recipes с его анимированными схемами политик!

Про кастомные политики рекомендую посмотреть наше (команды Luntry) выступление "NetworkPolicy — родной межсетевой экран Kubernetes" ;)
237 viewsAlex Green
Devops Talks
Forwarded from DevOps&SRE Library
Provisioning Kubernetes clusters on GCP with Terraform and GKE

TL;DR: In this article you will learn how to create clusters on the GCP Google Kubernetes Engine (GKE) with the gcloud CLI and Terraform. By the end of the tutorial, you will automate creating three clusters (dev, staging, prod) complete with the GKE Ingress in a single click.

UPDATED IN JANUARY 2023

https://learnk8s.io/terraform-gke
👍1
273 viewsAlex Green
Devops Talks
Forwarded from Записки админа
🛠 Встала, вроде бы, простая задачка - получить дамп трафика для конкретного приложения в Linux.

Для реализации нашлась утилита nsntrace, которае делает нужное за счёт выполнения приложения в отдельном сетевом неймспейсе. Набросал короткую заметку по этому поводу...

📗 https://sysadmin.pm/nsntrace/

#network #trace #pcap
322 viewsAlex Green
Devops Talks
Forwarded from Sysadmin Tools 🇺🇦
Self-hosted Soft Serve

https://charm.sh/blog/self-hosted-soft-serve/

#git #ssh #golang
299 viewsAlex Green
Devops Talks
https://github.com/FiloSottile/mkcert
GitHub
GitHub - FiloSottile/mkcert: A simple zero-config tool to make locally trusted development certificates with any names you'd like.
A simple zero-config tool to make locally trusted development certificates with any names you'd like. - FiloSottile/mkcert
398 viewsAlex Green
Devops Talks
Forwarded from DevOps&SRE Library
How to manage Kubernetes secrets with GitOps?

https://akuity.io/blog/how-to-manage-kubernetes-secrets-gitops
303 viewsAlex Green
Devops Talks
Forwarded from Информация опасносте
Global_Surveillance_The_Secretive_Swiss_Dealer_Enabling_Israeli.pdf
154.4 KB
одно слово — SS7 (хотя слово ли это?). Как уязвимости в этой системе помогают различным преступным организациям в их делах.

ttps://www.haaretz.com/israel-news/security-aviation/2023-05-10/ty-article-magazine/.premium/global-surveillance-the-secretive-swiss-dealer-enabling-israeli-spy-firms/00000188-0005-dc7e-a3fe-22cdf2900000

(а вот и бесплатная версия) https://archive.is/A2qmD
365 viewsAlex Green
Devops Talks
https://developers.redhat.com/articles/2023/05/23/podman-desktop-now-generally-available#
Red Hat Developer
Podman Desktop 1.0: Local container development made easy | Red Hat Developer
As containerization continues to gain popularity in the world of enterprise software development, there is also growing demand for tools and technologies that make container management more accessible
377 viewsAlex Green
Devops Talks
Forwarded from DevOps&SRE Library
How to create a cron job docker container using AWS ECS, Fargate, fully automated with Terraform

https://noiselesstech.net/2023/05/04/how-to-create-a-cron-job-docker-container-using-aws-ecs-fargate-fully-automated-with-terraform
335 viewsAlex Green
Devops Talks
https://senora-dev.medium.com/why-do-you-need-a-developers-portal-in-your-organization-59506e64ab21
Medium
Why do you need a developers portal in your organization?
In short
302 viewsAlex Green
Devops Talks
https://github.com/DevOps-Nirvana/Grafana-Dashboards
GitHub
GitHub - DevOps-Nirvana/Grafana-Dashboards: A variety of open-source Grafana dashboards typically for AWS and Kubernetes
A variety of open-source Grafana dashboards typically for AWS and Kubernetes - DevOps-Nirvana/Grafana-Dashboards
251 viewsAlex Green
Devops Talks
Forwarded from opennet.ru
Доступны межсетевые экраны OpenSnitch 1.6.0 и firewalld 2.0 https://opennet.ru/59336/
www.opennet.ru
Доступны межсетевые экраны OpenSnitch 1.6.0 и firewalld 2.0
Опубликован выпуск проекта OpenSnitch 1.6, развивающего открытый аналог проприетарного динамического межсетевого экрана Little Snitch. Приложение позволяет в интерактивном режиме контролировать сетевую активность пользовательских приложений и блокировать…
208 viewsAlex Green
Devops Talks
Helmfile is a declarative specification for deploying Helm charts

It lets you:

- Keep a directory of chart value files and maintain changes in version control
- Apply CI/CD to configuration changes
- Periodically sync to avoid skew in environments

https://github.com/helmfile/helmfile
GitHub
GitHub - helmfile/helmfile: Declaratively deploy your Kubernetes manifests, Kustomize configs, and Charts as Helm releases. Generate…
Declaratively deploy your Kubernetes manifests, Kustomize configs, and Charts as Helm releases. Generate all-in-one manifests for use with ArgoCD. - helmfile/helmfile
223 viewsAlex Green
Devops Talks
A DNS-over-HTTPS Command & Control Proof of Concept

https://github.com/sensepost/godoh
GitHub
GitHub - sensepost/godoh: 🕳 godoh - A DNS-over-HTTPS C2
🕳 godoh - A DNS-over-HTTPS C2. Contribute to sensepost/godoh development by creating an account on GitHub.
211 viewsAlex Green
Devops Talks
Tini - A tiny but valid init for containers. Хорошая штука, пользуюсь ей много лет.

https://github.com/krallin/tini
GitHub
GitHub - krallin/tini: A tiny but valid `init` for containers
A tiny but valid `init` for containers. Contribute to krallin/tini development by creating an account on GitHub.
243 viewsAlex Green
Devops Talks
https://nats.io/blog/exploring-nats-as-a-backend-for-k3s/
NATS.io
Exploring NATS as a backend for k3s
k3s is a lightweight Kubernetes distribution suitable for IoT and edge computing environments. One component k3s leverages is KINE , which is a shim enabling the replacement of etcd with alternate storage backends originally targeting relational databases.…
283 viewsAlex Green
Devops Talks
https://medium.com/agoda-engineering/devops-at-agoda-how-we-move-3-million-ci-pipelines-from-vms-to-kubernetes-c05a59b60fb1
Medium
DevOps at Agoda: How we move 3 million CI jobs from VMs to Kubernetes
Our CICD system powers 3 million jobs monthly and it is among the core systems enabling our developers to deliver features rapidly and
236 viewsAlex Green
Devops Talks
Отличная статья про разные (популярные) CNI и Network Fabric в Kubernetes:

https://www.suse.com/c/rancher_blog/comparing-kubernetes-cni-providers-flannel-calico-canal-and-weave/
219 viewsAlex Green, edited  
Devops Talks
https://youtu.be/FhwsfH2TpFA
YouTube
This is perhaps my favorite password manager for the terminal
Password managers are a prime target for exploitation given their high reward. For me, I prefer to use self custody to manage my passwords, which gives me control over my own data. Because of this, I use password-store which a unix based password management…
230 viewsAlex Green
Devops Talks
https://www.cloudflare.com/en-gb/learning/security/glossary/what-is-bgp/
Cloudflare
What is BGP? | BGP routing explained | Cloudflare
Border Gateway Protocol (BGP) is the routing protocol for the Internet. Much like the post office processing mail, BGP picks the most effecient routes for delivering Internet traffic.
254 viewsAlex Green