DevOps&SRE Library
19.5K subscribers
443 photos
2 videos
2 files
5.37K links
Библиотека статей по теме DevOps и SRE.

Реклама: @ostinostin
Контент: @mxssl

РКН: https://www.gosuslugi.ru/snet/67704b536aa9672b963777b3
Download Telegram
Handling Leaked Secrets and Credentials in Version Control Repositories

We have all been there. You are pushing a hotfix at midnight, you forget to remove a test API key you hardcoded during debugging, and it ends up in the main branch. Secrets leaking into version control is one of the most common and costly security mistakes in software development.


https://medium.com/@mgaurang123/handling-leaked-secrets-and-credentials-in-version-control-repositories-e11149b8a8b9
Running Production Minded Kubernetes on a Raspberry Pi

This cluster runs on a Raspberry Pi 3, inside a normal household network, behind an ISP router that cannot be replaced. The goal was not to build a "homelab". The goal was to design a small, portable, security-focused platform using the same principles I would apply in a professional environment.


https://medium.com/@razeen.abdal-rahman/running-production-minded-kubernetes-on-a-raspberry-pi-81aa0ae6687f
The Complete OpenSSL & TLS Debugging Guide: From Root CA to Kubernetes

A practical, production-ready cheat sheet to understand certificates, fix TLS handshake errors and debug real-world issues using OpenSSL, curl and Kubernetes.


https://medium.com/@amolsingh.singh23/the-complete-openssl-tls-debugging-guide-from-root-ca-to-kubernetes-b0d9f9dfcda3
nodecore

A fault-tolerant, API-agnostic RPC load balancer for blockchain APIs.


https://github.com/drpcorg/nodecore
Benchmarking Kubernetes Log Collectors: vlagent, Vector, Fluent Bit, OpenTelemetry Collector, and more

At VictoriaMetrics, we built vlagent as a high-performance log collector for VictoriaLogs. To validate its performance and correctness under a real production-like load, we developed a benchmark suite and ran it against 8 popular log collectors. This post covers the methodology, throughput results, resource usage, and delivery correctness.


https://victoriametrics.com/blog/log-collectors-benchmark-2026/index.html
Exploring ListenerSets in Gateway API v1.5

With the retirement of ingress-nginx I've seen a lot of frustrations with Gateway API migrations due to differences in some of the resource models. The common problem is that Ingress users are often running self-service models, where application teams fully own their ingress configuration, including TLS certificates.


https://blog.howardjohn.info/posts/listenerset
1
In-Place PVC Re-Binding: Zero-Downtime Disk Migration on Kubernetes

Standard migration paths require downtime. At our scale, taking hundreds of disks (backing data stores like ClickHouse, CockroachDB, Kafka, Prometheus) offline was off limits. This blog introduces an in-place PVC re-binding technique that swaps a PersistentVolumeClaim's backing PersistentVolume while keeping the underlying disk intact. It requires only a single pod restart per volume, done entirely using the Kubernetes API natively with no custom software or control plane hacks.


https://blog.cleancompute.net/p/pvc-re-binding
1
Kubernetes Optimization Beyond Requests and Limits — Node Scaling Blockers

Stop paying for idle resources. Learn to identify and eliminate the hidden blockers preventing your cluster from scaling down.


https://medium.com/@david.b.chase/kubernetes-optimization-beyond-requests-and-limits-node-scaling-blockers-649ae187f54a
From Docker Compose to Kubernetes on AWS: A Hands-On Migration Story

How we took a 5-service Java application from docker-compose up to a production-grade Kubernetes cluster — and every bug we hit along the way.


https://medium.com/@zaouchwalid/from-docker-compose-to-kubernetes-on-aws-a-hands-on-migration-story-0ce5f52bb9dc
Connecting Multi-Cloud Applications with Cilium

This article explores how Cilium Cluster Mesh simplifies multi-cluster Kubernetes connectivity, covering both the underlying challenges of so-called Mesh solution and how Cilium addresses them. It also provides a hands-on scenario that interconnects a multi-cloud application running on the native Kubernetes services of Amazon Web Services and Google Cloud Platform.


https://aws.plainenglish.io/connecting-multi-cloud-applications-with-cilium-d49e8363f05f
Automated GitOps: from ECR push to EKS deploy

In this article, we'll walk through how to build a fully automated CI/CD workflow using Argo CD, Argo CD Image Updater, GitHub, Amazon Elastic Container Registry, Amazon Elastic Kubernetes Service. This setup enables automatic deployment whenever a new container image is pushed to the registry with no manual intervention.


https://medium.com/@alex.ivenin/automated-gitops-from-ecr-push-to-eks-deploy-a210cee0600c
Build a Kubernetes Cluster at Home with Raspberry Pis

Most people interact with Kubernetes through the cloud. They probably are as close to the cluster as they are to their laptop. Using a cluster in the cloud with a web browser or terminal is fine but there is something more intimate or rewarding to deploying a kubernetes cluster on bare metal. And even more rewarding is physically unplugging a node and watch Kubernetes rebalancing the workloads.


https://dev.to/anavalo/building-a-kubernetes-cluster-at-home-with-raspberry-pis-1l8c
🤖 ИИ врёт в проде
А ещё может ломать процессы, уводить данные не туда и уверенно предлагать неверные решения.

Слёрм запускает БЕСПЛАТНУЮ вечернюю школу «ИИ для инженеров: польза и риски».

Это серия онлайн-занятий о том, как использовать ИИ в инженерной работе осознанно, безопасно и с понятной пользой.

🧩 Будем разбирать реальные инженерные сценарии:
— как ИИ помогает DevOps-, SRE- и infrastructure-командам
— как использовать LLM для алёртов, инцидентов, логов, тикетов и документации
— где ИИ реально экономит время, а где создаёт новые риски
— как проверять результат модели и не ловить галлюцинации в проде
— что делать с безопасностью, данными, compliance и юридическими ограничениями
— как встроить ИИ в рабочий процесс, а не просто иногда спрашивать у него команды.

🧩 В программе шесть онлайн-занятий с практиками из ИТ:
— ИИ для разбора метрик и шумных алёртов
— автофикс проблем прода с ИИ
— ИИ-агенты в бизнес-задачах
— юридические риски использования ИИ
— LLM в SOC и борьба с alert fatigue
— инженерное мышление в эпоху LLM

Школа подойдёт DevOps-, SRE-, infrastructure-, platform- и security-инженерам, а также всем, кто уже пробовал ИИ в работе и хочет понять, как использовать его системнее и безопаснее.

📅 Старт — 21 июля.

💸 Участие бесплатное, занятия проходят онлайн.

👉🏻 Узнать подробнее и зарегистрироваться в боте

Реклама. ООО "Слерм", ИНН: 3652901451, erid: 2Vtzqxjgnsc
Please open Telegram to view this post
VIEW IN TELEGRAM
A field guide to sandboxes for AI

Every AI agent eventually asks for the same thing: "Let me run a program." Sometimes it's a harmless pytest. Sometimes it's pip install sketchy-package && python run.py. Either way, the moment you let an agent execute code, you're running untrusted bytes on a machine you care about.


https://www.luiscardoso.dev/blog/sandboxes-for-ai
Forwarded from about:performance
Please open Telegram to view this post
VIEW IN TELEGRAM