In this article, you will learn how giffgaff run all of their applications in an EKS cluster using 100% spot instances and what additional safeguards they put in place to improve reliability.
More: https://itnext.io/running-production-workloads-in-eks-using-spot-instances-fc6808a7b462
More: https://itnext.io/running-production-workloads-in-eks-using-spot-instances-fc6808a7b462
Forwarded from Kubesploit
In this article, you will learn how to set up TLS for your Ingress in Kubernetes.
More: https://dev.to/otomato_io/possible-paths-2hfc
More: https://dev.to/otomato_io/possible-paths-2hfc
👍4
ChartMuseum is an open-source Helm Chart Repository server written in Go (Golang), with support for cloud storage backends.
More: https://github.com/helm/chartmuseum
More: https://github.com/helm/chartmuseum
Forwarded from Kubesploit
This article details the security flaws discovered in Kubernetes and GitOps tools due to improper configurations.
It also demonstrates how an attacker could perform post-exploitation attacks, increasing their privileges and the attack surface.
More: https://medium.com/cloudyrion/kubernetes-end-to-end-chain-exploit-c2be32688fd0
It also demonstrates how an attacker could perform post-exploitation attacks, increasing their privileges and the attack surface.
More: https://medium.com/cloudyrion/kubernetes-end-to-end-chain-exploit-c2be32688fd0
The Web Application Routing add-on for AKS can be considered an evolution to the original HTTP application routing add-on with additional capabilities that make it production-ready.
In this article, you'll discover how it works and if you should use it.
More: https://dev.to/azure/web-application-routing-on-aks-58ap
In this article, you'll discover how it works and if you should use it.
More: https://dev.to/azure/web-application-routing-on-aks-58ap
Forwarded from Kube Builders
awesome-kubernetes is a curated list of awesome Kubernetes references collected since 2018.
More: https://github.com/nubenetes/awesome-kubernetes
More: https://github.com/nubenetes/awesome-kubernetes
ksctl is a simple multi-environment Kubernetes management CLI tool.
More: https://github.com/kubesimplify/ksctl
More: https://github.com/kubesimplify/ksctl
Drifter scans your cluster to find configuration drifts on Kubernetes resources or Helm charts.
More: https://github.com/ajayk/drifter
More: https://github.com/ajayk/drifter
Forwarded from LearnKube news
This week on the Learn Kubernetes Weekly:
⛓ Kubernetes end-to-end chain exploit
♻️ GitOps using Flux and Flagger
🍬 EKS practical tips
🚪 Access Kubernetes from /Proc
🤩 nubenetes/awesome-kubernetes
Read it now: https://learnk8s.io/learn-kubernetes-weekly
⛓ Kubernetes end-to-end chain exploit
♻️ GitOps using Flux and Flagger
🍬 EKS practical tips
🚪 Access Kubernetes from /Proc
🤩 nubenetes/awesome-kubernetes
Read it now: https://learnk8s.io/learn-kubernetes-weekly
charts-syncer is a tool designed to sync chart packages and associated container images between chart repositories.
More: https://github.com/bitnami-labs/charts-syncer
More: https://github.com/bitnami-labs/charts-syncer
Forwarded from Kubesploit
Learn how to recreate the Kubernetes RBAC authorization model from scratch and practice the relationships between Roles, ServiceAccounts, RoleBindings, etc.
More: https://learnk8s.io/rbac-kubernetes
More: https://learnk8s.io/rbac-kubernetes
This repository demonstrates how Helm-based workloads can be managed by ArgoCD.
More: https://github.com/myspotontheweb/gitops-workloads-demo
More: https://github.com/myspotontheweb/gitops-workloads-demo
With watchtower you can update the running version of your containerized app simply by pushing a new image to the Docker Hub or your image registry.
Watchtower will pull down the new image, gracefully shut down the existing container and restart it.
More: https://github.com/containrrr/watchtower
Watchtower will pull down the new image, gracefully shut down the existing container and restart it.
More: https://github.com/containrrr/watchtower
Forwarded from LearnKube news
In this article, you will discuss, enumerate and compare all the options you have to route traffic into a Kubernetes cluster running in Google Cloud (GKE) or on-premise (Anthos on Bare Metal, Anthos on VMware).
More: https://medium.com/@sshcherbakov/ingress-in-google-kubernetes-products-f22ded21f4ed
More: https://medium.com/@sshcherbakov/ingress-in-google-kubernetes-products-f22ded21f4ed
👍1
SuperEdge is a container management system for edge computing to manage compute resources and container applications in multiple edge regions.
These resources and applications, in the current approach, are managed as one single Kubernetes cluster.
More: https://github.com/superedge/superedge
These resources and applications, in the current approach, are managed as one single Kubernetes cluster.
More: https://github.com/superedge/superedge
In this tutorial, you'll learn how to deploy a containerized Python web application on a Kubernetes cluster using AWS CDKv2, EKS, and ECR.
More: https://medium.com/@fraisa/how-to-deploy-a-containerized-web-app-in-a-kubernetes-cluster-using-amazon-eks-cff46b41b8ef
More: https://medium.com/@fraisa/how-to-deploy-a-containerized-web-app-in-a-kubernetes-cluster-using-amazon-eks-cff46b41b8ef
Forwarded from Kubesploit
In this blog post, you'll learn how to encrypt only specific yaml fields in
More: https://medium.com/@samuelbagattin/partial-helm-values-encryption-using-aws-kms-with-argocd-aca1c0d36323
values.yaml, and how to configure ArgoCD to decrypt these secrets on the fly before installing a Helm release.More: https://medium.com/@samuelbagattin/partial-helm-values-encryption-using-aws-kms-with-argocd-aca1c0d36323
Forwarded from LearnKube news
K9s provides a terminal UI to interact with your Kubernetes clusters.
K9s continually watches Kubernetes for changes and offers subsequent commands to interact with your observed resources.
More: https://github.com/derailed/k9s
K9s continually watches Kubernetes for changes and offers subsequent commands to interact with your observed resources.
More: https://github.com/derailed/k9s
In this tutorial, you will find an example of how to manage secrets on Kubernetes with Pulumi and GitOps using Sealed Secrets and ArgoCD.
More: https://blog.ediri.io/advanced-secret-management-on-kubernetes-with-pulumi-and-gitops-sealed-secrets-controller
More: https://blog.ediri.io/advanced-secret-management-on-kubernetes-with-pulumi-and-gitops-sealed-secrets-controller
Forwarded from LearnKube news
Sveltos is a tool for managing Kubernetes add-ons in tens of clusters.
Support for ClusterAPI-powered clusters and Helm charts.
Sveltos has built-in support for multi-tenancy.
More: https://github.com/projectsveltos/sveltos-manager
Support for ClusterAPI-powered clusters and Helm charts.
Sveltos has built-in support for multi-tenancy.
More: https://github.com/projectsveltos/sveltos-manager
Topology Aware Hints is a new feature in EKS that reduces data transfer costs by keeping traffic within the same availability zone.
It uses Pod Topology Spread Constraints to spread Pods evenly onto multiple node topologies.
Learn more in this article.
More: https://blog.ratnopamc.com/reduce-cross-az-traffic-costs-on-eks-using-topology-aware-hints
It uses Pod Topology Spread Constraints to spread Pods evenly onto multiple node topologies.
Learn more in this article.
More: https://blog.ratnopamc.com/reduce-cross-az-traffic-costs-on-eks-using-topology-aware-hints