In this article, you'll explore the complexities of Kubernetes network management, iptables, and port forwarding and discover how Kubernetes hides service ports from traditional tools like netstat.
https://journal.hexmos.com/kube-network/
https://journal.hexmos.com/kube-network/
Hexmos Journal
Portless Ports: Demystifying Kubernetes Port Forwarding
Introduction
Recently, I was exploring Hexmos' infrastructure, trying to learn all the steps involved in loading up the Feedback app in the browser. During my investigation of a packet's path to the server and analysis of the Nginx configuration file thatโฆ
Recently, I was exploring Hexmos' infrastructure, trying to learn all the steps involved in loading up the Feedback app in the browser. During my investigation of a packet's path to the server and analysis of the Nginx configuration file thatโฆ
๐4
A toolkit for building declarative operators with kubebuilder
https://github.com/kubernetes-sigs/kubebuilder-declarative-pattern
https://github.com/kubernetes-sigs/kubebuilder-declarative-pattern
GitHub
GitHub - kubernetes-sigs/kubebuilder-declarative-pattern: A toolkit for building declarative operators with kubebuilder
A toolkit for building declarative operators with kubebuilder - kubernetes-sigs/kubebuilder-declarative-pattern
๐3
๐3
A little tool that will construct a Docker image archive from a set of Kubernetes manifests.
https://github.com/gpu-ninja/airgapify
https://github.com/gpu-ninja/airgapify
GitHub
GitHub - dpeckett/airgapify: A little tool that will construct an OCI image archive from a set of Kubernetes manifests.
A little tool that will construct an OCI image archive from a set of Kubernetes manifests. - dpeckett/airgapify
๐3
Kiali project, observability for the Istio service mesh
https://github.com/kiali/kiali
https://github.com/kiali/kiali
GitHub
GitHub - kiali/kiali: Kiali project, observability for the Istio service mesh
Kiali project, observability for the Istio service mesh - kiali/kiali
๐3
In this tutorial, you will learn how to validate Kubernetes resources with Validating Admission Policies (VAPs) and Common Expression Language (CEL).
https://www.doit.com/effortless-in-cluster-validation-with-kubernetes-introducing-validating-admission-policies/
https://www.doit.com/effortless-in-cluster-validation-with-kubernetes-introducing-validating-admission-policies/
DoiT
Effortless In-Cluster Validation with Kubernetes: Introducing Validating Admission Policies | DoiT
Streamlining Kubernetes Resource Validation with Validating Admission Policies and CEL In-cluster validation offers many practical uses, such as preventing accidental or malicious deletion of resources, limiting the number of replicas a deployment can haveโฆ
๐3
โธ๏ธ Kubernetes-native testing framework for test execution and orchestration
https://github.com/kubeshop/testkube
https://github.com/kubeshop/testkube
GitHub
GitHub - kubeshop/testkube: โธ๏ธ The Open Testing Platform for AI-Driven Engineering Teams
โธ๏ธ The Open Testing Platform for AI-Driven Engineering Teams - kubeshop/testkube
๐ฅ3
14 years ago, I sat in the audience and watched John Allspaw and Paul Hammond explain how they worked together to deploy Flickr 10+ times a day - the moment what would become DevOps was born. Like everyone else who had the good fortune to see it, I was stunned - at their articulation of the cultural problems that were in our way, and the technology solutions they had developed to solve their problems.
https://www.systeminit.com/blog-second-wave-devops/
https://www.systeminit.com/blog-second-wave-devops/
โค3
Underlay and RDMA network solution of the Kubernetes, for bare metal, VM and any public cloud
https://github.com/spidernet-io/spiderpool
https://github.com/spidernet-io/spiderpool
GitHub
GitHub - spidernet-io/spiderpool: Underlay and RDMA network solution of the Kubernetes, for bare metal, VM and any public cloud
Underlay and RDMA network solution of the Kubernetes, for bare metal, VM and any public cloud - spidernet-io/spiderpool
๐4
The blog post "Serverless OpenTelemetry at Scale: The PostNL Context" by Luc van Donkersgoed is focused on implementing OpenTelemetry in a serverless environment at a large scale, particularly in the setting of PostNL. The article likely provides insights into the technical intricacies and challenges associated with this implementation, offering valuable perspectives for professionals in cloud computing and serverless technologies.
https://lucvandonkersgoed.com/2023/11/10/serverless-opentelemetry-at-scale-the-postnl-context/
https://lucvandonkersgoed.com/2023/11/10/serverless-opentelemetry-at-scale-the-postnl-context/
Luc van Donkersgoed's Notes
Serverless OpenTelemetry at scale: the PostNL context
In the first installment of the Serverless OpenTelemetry at scale series we will cover the PostNL context and need for observability.
๐4
The article "Engineering Transformations - Adopting Automated Testing As A Practice" delves into the critical role of automated testing in software development. It focuses on how leadership can spearhead the integration of automated testing into development workflows. The piece explores the challenges encountered and strategies needed for effective implementation, especially in startup and growth-stage company environments. It emphasizes the combination of technical and sociological elements necessary for this engineering transformation.
https://vaidik.in/engineering-transformations-adopting-automated-testing/
https://vaidik.in/engineering-transformations-adopting-automated-testing/
Vaidik Kapoor
Engineering Transformations - Adopting Automated Testing As A Practice
Leadership, in a way, is about finding and using levers that help the business take step jumps in making progress towards the vision of the company. Engineering leadership is similar but limited to engineering and product development. As engineering leadersโฆ
๐4
Hubble - Network, Service & Security Observability for Kubernetes using eBPF
https://github.com/cilium/hubble
https://github.com/cilium/hubble
GitHub
GitHub - cilium/hubble: Hubble - Network, Service & Security Observability for Kubernetes using eBPF
Hubble - Network, Service & Security Observability for Kubernetes using eBPF - cilium/hubble
โค3
The blog post "Cybersecurity Isn't Special" challenges the notion that cybersecurity is a uniquely complex field. It critiques the idea that cybersecurity problems are more esoteric and difficult than those faced by other teams like SRE or platform engineering. The post argues for integrating cybersecurity into broader software resilience strategies rather than treating it as a separate, special area. It suggests practical steps for cybersecurity teams to collaborate more effectively with other engineering teams and to focus on building resilience into software systems.
https://kellyshortridge.com/blog/posts/cybersecurity-isnt-special/
https://kellyshortridge.com/blog/posts/cybersecurity-isnt-special/
Sensemaking by Shortridge
Cybersecurity Isn't Special
This blog post explains why cybersecurity shouldnโt be a special stream of work in organizations, and presents opportunities for security programs to become more constructive and less gatekeepy.
๐3