Learn how to identify your Inter-Zone Egress costs in a few easy steps, using commonly available methods.

Ever wondered where those Inter-Zone Egress costs are coming from? Found yourself looking at GCP’s network pricing page many times to break it down? Me too. So I thought I might as well try to help clear things up.

faasd is OpenFaaS reimagined, but without the cost and complexity of Kubernetes. It runs on a single host with very modest requirements, making it fast and easy to manage. Under the hood it uses containerd and Container Networking Interface (CNI) along with the same core OpenFaaS components from the main project.

BlazingMQ is an open source distributed message queueing framework, which focuses on efficiency, reliability, and a rich feature set for modern-day workflows.

At its core, BlazingMQ provides durable, fault-tolerant, highly performant, and highly available queues, along with features like various message routing strategies (e.g., work queues, priority, fan-out, broadcast, etc.), compression, strong consistency, poison pill detection, etc.

In CWISE we use Terraform a lot. The most common use cases for Terraform for us is cloud resource provisioning, Kubernetes configuration management, and SaaS services (like Github/Gitlab) management.  

We prefer Terraform over many other competitors due multiple reasons: 

- Tried and tested tool, has been around for a long time and Hashicorp is doing great work of developing it. Can be defined as mature and even boring technology;

- A large number of community resources like providers, modules, and documentation; 

- Good developer experience due to support in IDE's and support tools;

- Has got a configuration state (database);

TFTUI is a powerful textual GUI that empowers users to effortlessly view and interact with their Terraform state.

With its latest version you can easily visualize the complete state tree, gaining deeper insights into your infrastructure's current configuration. Additionally, the ability to inspect individual resource states allows you to focus on specific details for better analysis and management. Lastly, it's now possible to select resources and perform actions such as tainting and untainting.

Successful techniques to ensure your SRE team delivers value

As Site Reliability Engineering Team, we continuously strive to improve the systems we operate. One way to do so is to stay up-to-date with upstream components. One of the components that needed some special care turned out to be a CSI Driver, which is installed in the Kubernetes cluster as DaemonSet. Originally, the driver was installed in the cluster using YAML manifest and kubectl. As the dev team moved to support Helm, we also wanted to utilize Helm Chart for the driver to ease our lives.

This is a site with some container security resources. It is (and probably always will be) a work in progress, but hopefully you’ll find some useful information.

In this article, we will be taking a look at the different methods of Kubernetes Autoscaling that help with the automated process of scaling resources required by the application.

Kyverno is a policy engine designed for Kubernetes. It can validate, mutate, and generate configurations using admission controls and background scans. Kyverno policies are Kubernetes resources and do not require learning a new language. Kyverno is designed to work nicely with tools you already use like kubectl, kustomize, and Git.

Constellation is a Kubernetes engine that aims to provide the best possible data security. It wraps your K8s cluster into a single confidential context that is shielded from the underlying cloud infrastructure. Everything inside is always encrypted, including at runtime in memory.

JovianX Service Hub is a tool that enables Self-Service for internal stakeholders. It exposes an on-demand catalog of infrastrucutre services (for example databases, s3 buckets, Airflow workflow execution, services with or without pre-configured or pre-loaded datasets , etc') via a simple self-service UI and CLI.

A plugin for ArgoCD lovely plugin to replace placeholders in Kubernetes manifests with secrets stored in Hashicorp Vault. The binary will scan the current directory recursively for any .yaml (or .yml if you're so inclined) files, or take yaml from stdin, and attempt to replace strings of the form <secret:/store/data/path~key> with those obtained from a Vault kv2 store.