Drifter scans your cluster to find configuration drifts on Kubernetes resources or Helm charts.

More: https://github.com/ajayk/drifter

This week on the Learn Kubernetes Weekly:

⛓ Kubernetes end-to-end chain exploit
♻️ GitOps using Flux and Flagger
🍬 EKS practical tips
🚪 Access Kubernetes from /Proc
🤩 nubenetes/awesome-kubernetes

Read it now: https://learnk8s.io/learn-kubernetes-weekly

charts-syncer is a tool designed to sync chart packages and associated container images between chart repositories.

More: https://github.com/bitnami-labs/charts-syncer

Learn how to recreate the Kubernetes RBAC authorization model from scratch and practice the relationships between Roles, ServiceAccounts, RoleBindings, etc.

More: https://learnk8s.io/rbac-kubernetes

This repository demonstrates how Helm-based workloads can be managed by ArgoCD.

More: https://github.com/myspotontheweb/gitops-workloads-demo

With watchtower you can update the running version of your containerized app simply by pushing a new image to the Docker Hub or your image registry.

Watchtower will pull down the new image, gracefully shut down the existing container and restart it.

More: https://github.com/containrrr/watchtower

In this article, you will discuss, enumerate and compare all the options you have to route traffic into a Kubernetes cluster running in Google Cloud (GKE) or on-premise (Anthos on Bare Metal, Anthos on VMware).

More: https://medium.com/@sshcherbakov/ingress-in-google-kubernetes-products-f22ded21f4ed

SuperEdge is a container management system for edge computing to manage compute resources and container applications in multiple edge regions.

These resources and applications, in the current approach, are managed as one single Kubernetes cluster.

More: https://github.com/superedge/superedge

In this tutorial, you'll learn how to deploy a containerized Python web application on a Kubernetes cluster using AWS CDKv2, EKS, and ECR.

More: https://medium.com/@fraisa/how-to-deploy-a-containerized-web-app-in-a-kubernetes-cluster-using-amazon-eks-cff46b41b8ef

In this blog post, you'll learn how to encrypt only specific yaml fields in values.yaml, and how to configure ArgoCD to decrypt these secrets on the fly before installing a Helm release.

More: https://medium.com/@samuelbagattin/partial-helm-values-encryption-using-aws-kms-with-argocd-aca1c0d36323

K9s provides a terminal UI to interact with your Kubernetes clusters.

K9s continually watches Kubernetes for changes and offers subsequent commands to interact with your observed resources.

More: https://github.com/derailed/k9s

In this tutorial, you will find an example of how to manage secrets on Kubernetes with Pulumi and GitOps using Sealed Secrets and ArgoCD.

More: https://blog.ediri.io/advanced-secret-management-on-kubernetes-with-pulumi-and-gitops-sealed-secrets-controller

Sveltos is a tool for managing Kubernetes add-ons in tens of clusters.

Support for ClusterAPI-powered clusters and Helm charts.

Sveltos has built-in support for multi-tenancy.

More: https://github.com/projectsveltos/sveltos-manager

Topology Aware Hints is a new feature in EKS that reduces data transfer costs by keeping traffic within the same availability zone.

It uses Pod Topology Spread Constraints to spread Pods evenly onto multiple node topologies.

Learn more in this article.

More: https://blog.ratnopamc.com/reduce-cross-az-traffic-costs-on-eks-using-topology-aware-hints

In this article, you will have a look at 12 security scanners for Kubernetes.

More: https://towardsdev.com/12-scanners-to-find-security-vulnerabilities-and-misconfigurations-in-kubernetes-332a738d076d

hardeneks is a tool that runs checks to see if an EKS cluster follows EKS Best Practices.

More: https://github.com/aws-samples/hardeneks

In this post, you'll learn how to create a new environment for each pull request with ArgoCD.

- Creating a Pull Request creates a new environment.
- Each git push builds an image and updates the app.
- Closing the pull request terminates the environment.

More: https://medium.com/@jerome.decoster/create-temporary-environment-from-pull-request-with-argocd-applicationset-1cef9803223a

Master Kubernetes with Learnk8s' Advanced Kubernetes workshops!

What should you expect?

- Learn how to architect and design clusters from the ground up (in the cloud or on-prem).
- Explore the Kubernetes internal component and how the system is designed with resiliency in mind.
- Deep-dive into the networking components and observe the packets flowing into the cluster.
- Hands-on labs to test the theory with real-world scenarios!
- And more.

The next course is next week and you can sign up here: https://learnk8s.io/online-advanced-april-2023

KubeBrain is a project that aims to replace etcd with a pluggable storage engine for Kubernetes.

More: https://github.com/kubewharf/kubebrain

In this article, you'll learn how to deploy a web application to Azure Kubernetes Service (AKS) without writing any Docker or Kubernetes manifest files.

Instead, you'll use Draft and Acorn.

More: https://medium.com/@pauldotyu/app-to-aks-with-draft-and-acorn-2d25f19649b7

This week on the Learn Kubernetes Weekly:

☁️ Using topology aware hints in EKS
👮‍♀️ 12 security scanners for Kubernetes
👻 Temporary environments with ApplicationSet
🦐 oslabs-beta/Palaemon
📦 Endpoints monitoring with blackbox-exporter

Read it now: https://learnk8s.io/learn-kubernetes-weekly