Project Agumbe: Share Objects Across Namespaces in Kubernetes
At Salesforce, we use Kubernetes to orchestrate our services layer and recently ran into a use case where we wanted to apply and manage certain common objects across Kubernetes namespaces. Since there’s no native solution to share objects across namespaces or the concept of a global object, we used Kubernetes’ extensibility to solve the problem. In this post, I’ll shed light on how we accomplished this.
https://engineering.salesforce.com/project-agumbe-share-objects-across-namespaces-in-kubernetes-1fc2e1ddb3ebBuilding a Kubernetes CI/CD Pipeline with GitLab and Helm
https://nextlinklabs.com/insights/kubernetes-ci-cd-gitlab-with-helm
https://nextlinklabs.com/insights/kubernetes-ci-cd-gitlab-with-helm
PostgreSQL on ARM-based AWS EC2 Instances: Is It Any Good?
https://www.percona.com/blog/2021/01/22/postgresql-on-arm-based-aws-ec2-instances-is-it-any-good
https://www.percona.com/blog/2021/01/22/postgresql-on-arm-based-aws-ec2-instances-is-it-any-good
System Design для самых маленьких
Собрались вы как-то с другом детства Василием и решили создать стартап. Василий предлагает оригинальную идею: «а давай сделаем русский Craigslist, будет Vasyaslist?». Идея отличная, свежая. Вам нравится. Василий будет CEO, а вы — CTO.https://vitkarpov.me/posts/what-is-system-design
Ваша задача — спроектировать всю платформу с технической точки зрения. У вас есть маркерная доска, кофе и пару часов времени. Во-первых, надо понять что из себя будет представлять эта «платформа», а так же спланировать её развитие на 5 лет и понять какие нужны будут для этого ресурсы.
Вы делаете глубокий вдох, и начинаете свой рассказ. Василий внимательно слушает.
Four levels of maturity that bridge the AppSec / engineering divide
Level 1: Security finds problems; Engineering fixes themhttps://r2c.dev/blog/2021/four-levels-of-maturity-that-bridge-the-app-sec-engineering-divide
Level 2: Security and Engineering collaborate to produce test cases and remediations
Level 3: After the issue is fixed, Security and Engineering collaborate to find systemic fixes and develop checks
Level 4: Security and Engineering now also proactively look for new classes of issues and create systemic checks before an actual problem occurs
A visual guide on troubleshooting Kubernetes deployments
UPDATED IN JANUARY 2021https://learnk8s.io/troubleshooting-deployments
Konveyor
Konveyor is a community of people passionate about helping others modernize and migrate their applications to the hybrid cloud by building tools, identifying patterns, and providing advice on how to break down monoliths, adopt containers, and embrace Kubernetes.https://konveyor.io
The Konveyor Community is working on tools in many areas. Here is a quick overview of some of the tools:
crane - Migrate namespaces between Kubernetes clusters.
forklift - Migrate virtual machines to KubeVirt.
move2kube - Migrate from Cloud Foundry or Docker Swarm to Kubernetes.
pelorus - Measure the four critical measures to software delivery performance.
windup - Analyze applications for modernization paths.
Chaos Experiments on Kubernetes using Litmus to ensure your cluster is production ready
https://www.civo.com/learn/chaos-engineering-kubernetes-litmus
https://www.civo.com/learn/chaos-engineering-kubernetes-litmus
A visual guide to SSH tunnels
This page explains use cases and examples of SSH tunnels while visually presenting the traffic flows.https://robotmoon.com/ssh-tunnels
Building DigitalOcean's API gateway
https://mauricio.github.io/2021/01/14/building-digitaloceans-api-gateway.html
https://mauricio.github.io/2021/01/14/building-digitaloceans-api-gateway.html
How to Debug CrashLoopBackOff in a Container
https://releaseapp.io/blog/kubernetes-how-to-debug-crashloopbackoff-in-a-container
https://releaseapp.io/blog/kubernetes-how-to-debug-crashloopbackoff-in-a-container
Bad Pods: Kubernetes Pod Privilege Escalation
https://labs.bishopfox.com/tech-blog/bad-pods-kubernetes-pod-privilege-escalation
https://labs.bishopfox.com/tech-blog/bad-pods-kubernetes-pod-privilege-escalation
Fulfilling the promise of CI/CD
When people say “CI/CD,” they are only talking about continuous integration. Nobody is talking about (or practicing) continuous deployment. AT ALL. It’s like we have all forgotten it exists. It's time to change that.https://stackoverflow.blog/2021/01/19/fulfilling-the-promise-of-ci-cd
Rewriting your git history, removing files permanently - cheatsheet & guide
https://blog.gitguardian.com/rewriting-git-history-cheatsheet
https://blog.gitguardian.com/rewriting-git-history-cheatsheet
DigitalOcean Bill Monitoring
Get insights on you DigitalOcean spending and configure custom alerts with notifications if overspending.https://bill.do