A Golang Tool to discover unused Kubernetes Resources
https://github.com/yonahd/kor
https://github.com/yonahd/kor
GitHub
GitHub - yonahd/kor: A Golang Tool to discover unused Kubernetes Resources
A Golang Tool to discover unused Kubernetes Resources - yonahd/kor
π5π―2π₯1π1
The article is about how to use Istio, a service mesh for Kubernetes, to implement authentication and authorization policies for microservices. The article demonstrates how to enable mutual TLS encryption, JWT authentication, and RBAC policies to secure service-to-service communication. The article also provides code examples and commands to configure and test the policies.
https://www.infracloud.io/blogs/istio-authentication-authorization-policies/
https://www.infracloud.io/blogs/istio-authentication-authorization-policies/
InfraCloud
Guide to Istioβs Authentication and Authorization Policies
Learn how Istio's authentication and authorization policies enhance security in microservices. Get a comprehensive guide to implementing robust access control.
π4π2π€―2
Marvin is a CLI tool that scans a k8s cluster by performing CEL expressions to report potential issues, misconfigurations and vulnerabilities.
https://github.com/undistro/marvin
https://github.com/undistro/marvin
GitHub
GitHub - undistro/marvin: Marvin is a CLI tool that scans a k8s cluster by performing CEL expressions to report potential issuesβ¦
Marvin is a CLI tool that scans a k8s cluster by performing CEL expressions to report potential issues, misconfigurations and vulnerabilities. - undistro/marvin
π4π2β€1β€βπ₯1
A developer who shares his experience of learning eBPF, a technology that allows the creation of programs that interact with the Linux kernel.
https://www.kungfudev.com/blog/2023/10/14/the-beginning-of-my-ebpf-journey-kprobe-bcc
https://www.kungfudev.com/blog/2023/10/14/the-beginning-of-my-ebpf-journey-kprobe-bcc
KungFuDev
The beginning of my eBPF Journey - Kprobe Adventures with BCC
Embark on a fascinating journey into the realm of eBPF programming through this blog post. We kickstart our exploration with Kprobe, a dynamic tracing tool in the Linux kernel, by delving into a simple 'Hello World' and other experiment using BCC.
β€3π3π€―2
A network load-balancer implementation for Kubernetes using standard routing protocols
https://github.com/metallb/metallb
https://github.com/metallb/metallb
GitHub
GitHub - metallb/metallb: A network load-balancer implementation for Kubernetes using standard routing protocols
A network load-balancer implementation for Kubernetes using standard routing protocols - metallb/metallb
π₯3π2β€1β€βπ₯1
The challenges and solutions of gRPC load balancing in Kubernetes, a platform for deploying microservice applications.
The authors describe how they implemented a custom DNS resolver class that uses a push-based mechanism to update the IP list of available backend servers, instead of relying on the default pull-based DNS resolution that is inefficient and unsynchronized.
https://citymall.engineering/redefining-grpc-load-balancing-the-power-of-custom-dns-in-kubernetes-126ecc3cfb6c
The authors describe how they implemented a custom DNS resolver class that uses a push-based mechanism to update the IP list of available backend servers, instead of relying on the default pull-based DNS resolution that is inefficient and unsynchronized.
https://citymall.engineering/redefining-grpc-load-balancing-the-power-of-custom-dns-in-kubernetes-126ecc3cfb6c
Medium
Efficient Load Balancing in Kubernetes: gRPC and the Role of Custom Push-Based DNS Resolution
CONTEXT
π3π₯2β€1π1
A Kubernetes web UI that is fully-featured, user-friendly and extensible
https://github.com/headlamp-k8s/headlamp
https://github.com/headlamp-k8s/headlamp
GitHub
GitHub - kubernetes-sigs/headlamp: A Kubernetes web UI that is fully-featured, user-friendly and extensible
A Kubernetes web UI that is fully-featured, user-friendly and extensible - kubernetes-sigs/headlamp
π3β€2β€βπ₯1π₯1
underlay network and rdma solution of cloud native, for bare metal, VM and public cloud environment
https://github.com/spidernet-io/spiderpool
https://github.com/spidernet-io/spiderpool
GitHub
GitHub - spidernet-io/spiderpool: Underlay and RDMA network solution of the Kubernetes, for bare metal, VM and any public cloud
Underlay and RDMA network solution of the Kubernetes, for bare metal, VM and any public cloud - spidernet-io/spiderpool
π4π₯2π―2
The article delves into how chaos engineering helps in proactively identifying potential system failures in modern cloud applications, thereby averting costly outages. It further elaborates on the application of chaos engineering in security testing, dubbed Security Chaos Engineering (SCE), to ensure systems respond appropriately to common threats by conducting controlled experiments that inject failures into various components like servers and database
https://www.datadoghq.com/blog/chaos-engineering-for-security/
https://www.datadoghq.com/blog/chaos-engineering-for-security/
Datadog
Security-focused chaos engineering experiments for the cloud | Datadog
Learn how to approach chaos engineering experiments with the security of your cloud resources in mind.
π4π₯2β€1β€βπ₯1
KrakenD Community Edition: High-performance, stateless, declarative, API Gateway written in Go.
https://github.com/krakend/krakend-ce
https://github.com/krakend/krakend-ce
GitHub
GitHub - krakend/krakend-ce: KrakenD Community Edition: High-performance, stateless, declarative, API Gateway written in Go.
KrakenD Community Edition: High-performance, stateless, declarative, API Gateway written in Go. - krakend/krakend-ce
β€2π2π2
A security layer for Git repositories
https://github.com/gittuf/gittuf
https://github.com/gittuf/gittuf
GitHub
GitHub - gittuf/gittuf: A security layer for Git repositories
A security layer for Git repositories. Contribute to gittuf/gittuf development by creating an account on GitHub.
π4β€2π₯1π―1
The blog post discusses the application of chaos engineering to intentionally induce failures in distributed systems, aiding in assessing their resilience and improving the observability stack at Coroot. Through simulated network failures, the post explores how such disruptions can be detected in a distributed environment, providing insights into ensuring accurate identification of different failure scenarios
https://coroot.com/blog/chaos-driven-observability-spotting-network-failures
https://coroot.com/blog/chaos-driven-observability-spotting-network-failures
Coroot
Chaos-driven observability: spotting network failures in a Kubernetes cluster | Coroot Blog
See how Coroot uses eBPF to detect network failuresβpacket loss, retries, and latency spikesβintroduced by chaos testing in a Kubernetes cluster.
β€3π3β€βπ₯2
The blog post recounts a real-world scenario where a Kubernetes API was overwhelmed by numerous requests, detailing the troubleshooting process and the implemented solution to stabilize the system. Through creating and deploying FlowSchema and PriorityLevelConfiguration manifests, the authors were able to manage request flows efficiently, thereby restoring and optimizing the Kubernetes cluster's performance
https://blog.palark.com/kubernetes-api-flow-control-management/
https://blog.palark.com/kubernetes-api-flow-control-management/
π₯6π2π2
Mutating Webhook to dynamically add tolerations based on detected image architectures
https://github.com/PeterGrace/tolerable
https://github.com/PeterGrace/tolerable
GitHub
GitHub - PeterGrace/tolerable: Mutating Webhook to dynamically add tolerations based on detected image architectures
Mutating Webhook to dynamically add tolerations based on detected image architectures - PeterGrace/tolerable
π3β€2π1π―1
The blog post elucidates the author's journey with Argo Workflows, highlighting its effectiveness for infrastructure automation and its advantage over Jenkins. Through personal experiences, the author shares mistakes made, lessons learned, and certain developed patterns to assist readers in avoiding similar pitfalls. The blog's objective is to impart the acquired knowledge and patterns which are conducive to a more efficient utilization of Argo Workflows
https://hodgkins.io/argo-workflow-proven-patterns-from-production
https://hodgkins.io/argo-workflow-proven-patterns-from-production
hodgkins.io
Argo Workflows - Proven Patterns from Production - Matthew Hodgkins
Discover hard-earned insights on leveraging Argo Workflows for infrastructure automation. This guide outlines essential lessons, from managing workflow TTL and pod garbage collection to running synthetic tests with CronWorkflow. Plus, explore advanced patternsβ¦
π3β€2β€βπ₯1π―1
A set of modern Grafana dashboards for Kubernetes.
https://github.com/dotdc/grafana-dashboards-kubernetes
https://github.com/dotdc/grafana-dashboards-kubernetes
GitHub
GitHub - dotdc/grafana-dashboards-kubernetes: A set of modern Grafana dashboards for Kubernetes.
A set of modern Grafana dashboards for Kubernetes. - dotdc/grafana-dashboards-kubernetes
π4β€2π₯2
The article on Depot highlights the introduction of on-demand Dockerfile linting to identify common linting issues, aiming to adhere to best practices for efficient Docker image creation. It lists the top 10 prevalent linting issues observed in Depot, elaborating on each problem and providing solutions to amend them, thus serving as a resource for improving Dockerfile writing practices
https://depot.dev/blog/dockerfile-linting-issues
https://depot.dev/blog/dockerfile-linting-issues
Depot
Top 10 common Dockerfile linting issues
We've added the ability to lint Dockerfiles on demand in Depot. This post covers the top 10 most common Dockerfile linting issues we've seen flowing through Depot.
π3π3β€2
Explain complex systems using visuals and simple terms. Help you prepare for system design interviews.
https://github.com/ByteByteGoHq/system-design-101
https://github.com/ByteByteGoHq/system-design-101
GitHub
GitHub - ByteByteGoHq/system-design-101: Explain complex systems using visuals and simple terms. Help you prepare for system designβ¦
Explain complex systems using visuals and simple terms. Help you prepare for system design interviews. - ByteByteGoHq/system-design-101
π4β€1β€βπ₯1