Devops Talks

Provisioning Kubernetes clusters on GCP with Terraform and GKE

TL;DR: In this article you will learn how to create clusters on the GCP Google Kubernetes Engine (GKE) with the gcloud CLI and Terraform. By the end of the tutorial, you will automate creating three clusters (dev, staging, prod) complete with the GKE Ingress in a single click.

UPDATED IN JANUARY 2023

https://learnk8s.io/terraform-gke

👍1

274 viewsAlex Green, 23:03

Devops Talks

Forwarded from Записки админа

🛠 Встала, вроде бы, простая задачка - получить дамп трафика для конкретного приложения в Linux.

Для реализации нашлась утилита nsntrace, которае делает нужное за счёт выполнения приложения в отдельном сетевом неймспейсе. Набросал короткую заметку по этому поводу...

📗 https://sysadmin.pm/nsntrace/

#network #trace #pcap

323 viewsAlex Green, 10:45

Devops Talks

Forwarded from Sysadmin Tools 🇺🇦

Self-hosted Soft Serve

https://charm.sh/blog/self-hosted-soft-serve/

#git #ssh #golang

300 viewsAlex Green, 17:59

Devops Talks

https://github.com/FiloSottile/mkcert

GitHub

GitHub - FiloSottile/mkcert: A simple zero-config tool to make locally trusted development certificates with any names you'd like.

A simple zero-config tool to make locally trusted development certificates with any names you'd like. - FiloSottile/mkcert

402 viewsAlex Green, 18:06

Devops Talks

Forwarded from DevOps&SRE Library

How to manage Kubernetes secrets with GitOps?

https://akuity.io/blog/how-to-manage-kubernetes-secrets-gitops

306 viewsAlex Green, 17:06

Devops Talks

Forwarded from Информация опасносте

Global_Surveillance_The_Secretive_Swiss_Dealer_Enabling_Israeli.pdf

154.4 KB

одно слово — SS7 (хотя слово ли это?). Как уязвимости в этой системе помогают различным преступным организациям в их делах.

ttps://www.haaretz.com/israel-news/security-aviation/2023-05-10/ty-article-magazine/.premium/global-surveillance-the-secretive-swiss-dealer-enabling-israeli-spy-firms/00000188-0005-dc7e-a3fe-22cdf2900000

(а вот и бесплатная версия) https://archive.is/A2qmD

367 viewsAlex Green, 21:09

Devops Talks

https://developers.redhat.com/articles/2023/05/23/podman-desktop-now-generally-available#

Red Hat Developer

Podman Desktop 1.0: Local container development made easy | Red Hat Developer

As containerization continues to gain popularity in the world of enterprise software development, there is also growing demand for tools and technologies that make container management more accessible

379 viewsAlex Green, 19:20

Devops Talks

Forwarded from DevOps&SRE Library

How to create a cron job docker container using AWS ECS, Fargate, fully automated with Terraform

https://noiselesstech.net/2023/05/04/how-to-create-a-cron-job-docker-container-using-aws-ecs-fargate-fully-automated-with-terraform

338 viewsAlex Green, 16:35

Devops Talks

https://senora-dev.medium.com/why-do-you-need-a-developers-portal-in-your-organization-59506e64ab21

Medium

Why do you need a developers portal in your organization?

In short

305 viewsAlex Green, 19:55

Devops Talks

https://github.com/DevOps-Nirvana/Grafana-Dashboards

GitHub

GitHub - DevOps-Nirvana/Grafana-Dashboards: A variety of open-source Grafana dashboards typically for AWS and Kubernetes

A variety of open-source Grafana dashboards typically for AWS and Kubernetes - DevOps-Nirvana/Grafana-Dashboards

254 viewsAlex Green, 08:34

Devops Talks

Forwarded from opennet.ru

Доступны межсетевые экраны OpenSnitch 1.6.0 и firewalld 2.0 https://opennet.ru/59336/

www.opennet.ru

Доступны межсетевые экраны OpenSnitch 1.6.0 и firewalld 2.0

Опубликован выпуск проекта OpenSnitch 1.6, развивающего открытый аналог проприетарного динамического межсетевого экрана Little Snitch. Приложение позволяет в интерактивном режиме контролировать сетевую активность пользовательских приложений и блокировать…

211 viewsAlex Green, 08:38

Devops Talks

Helmfile is a declarative specification for deploying Helm charts

It lets you:

- Keep a directory of chart value files and maintain changes in version control
- Apply CI/CD to configuration changes
- Periodically sync to avoid skew in environments

https://github.com/helmfile/helmfile

GitHub

GitHub - helmfile/helmfile: Declaratively deploy your Kubernetes manifests, Kustomize configs, and Charts as Helm releases. Generate…

Declaratively deploy your Kubernetes manifests, Kustomize configs, and Charts as Helm releases. Generate all-in-one manifests for use with ArgoCD. - helmfile/helmfile

225 viewsAlex Green, 19:55

Devops Talks

A DNS-over-HTTPS Command & Control Proof of Concept

https://github.com/sensepost/godoh

GitHub

GitHub - sensepost/godoh: 🕳 godoh - A DNS-over-HTTPS C2

🕳 godoh - A DNS-over-HTTPS C2. Contribute to sensepost/godoh development by creating an account on GitHub.

213 viewsAlex Green, 12:38

Devops Talks

Tini - A tiny but valid init for containers. Хорошая штука, пользуюсь ей много лет.

https://github.com/krallin/tini

GitHub

GitHub - krallin/tini: A tiny but valid `init` for containers

A tiny but valid `init` for containers. Contribute to krallin/tini development by creating an account on GitHub.

243 viewsAlex Green, 13:03

Devops Talks

https://nats.io/blog/exploring-nats-as-a-backend-for-k3s/

NATS.io

Exploring NATS as a backend for k3s

k3s is a lightweight Kubernetes distribution suitable for IoT and edge computing environments. One component k3s leverages is KINE , which is a shim enabling the replacement of etcd with alternate storage backends originally targeting relational databases.…

285 viewsAlex Green, 14:21

Devops Talks

https://medium.com/agoda-engineering/devops-at-agoda-how-we-move-3-million-ci-pipelines-from-vms-to-kubernetes-c05a59b60fb1

Medium

DevOps at Agoda: How we move 3 million CI jobs from VMs to Kubernetes

Our CICD system powers 3 million jobs monthly and it is among the core systems enabling our developers to deliver features rapidly and

237 viewsAlex Green, 12:51

Devops Talks

Отличная статья про разные (популярные) CNI и Network Fabric в Kubernetes:

https://www.suse.com/c/rancher_blog/comparing-kubernetes-cni-providers-flannel-calico-canal-and-weave/

220 viewsAlex Green, edited 18:04

Devops Talks

https://youtu.be/FhwsfH2TpFA

YouTube

This is perhaps my favorite password manager for the terminal

Password managers are a prime target for exploitation given their high reward. For me, I prefer to use self custody to manage my passwords, which gives me control over my own data. Because of this, I use password-store which a unix based password management…

231 viewsAlex Green, 18:50

Devops Talks

https://www.cloudflare.com/en-gb/learning/security/glossary/what-is-bgp/

Cloudflare

What is BGP? | BGP routing explained | Cloudflare

Border Gateway Protocol (BGP) is the routing protocol for the Internet. Much like the post office processing mail, BGP picks the most effecient routes for delivering Internet traffic.

255 viewsAlex Green, 16:35

Devops Talks

https://blog.gitguardian.com/hardening-your-k8-pt-1/

GitGuardian Blog - Take Control of Your Secrets Security

Hardening Your Kubernetes Cluster - Threat Model - GitGuardian Blog

The NSA and CISA recently released a guide on Kubernetes hardening. We'll cover this guide in a three part series. First, let's explore the Threat Model and how it maps to K8s components.

239 viewsAlex Green, 19:55

Devops Talks

Forwarded from Записки админа

lmt - простая утилита, которая позволяет запустить приложение в песочнице (используя cgroupsv2) и ограничить для него ресурсы процессора и память...

https://github.com/Rohansjamadagni/lmt

#cgroups #limit #lmt

200 viewsAlex Green, 16:21

About

Blog

Apps

Platform