Excessively complex CI/CD pipelines can be one of the potential attack vectors by which a bad actor can gain access to an environment with elevated privileges. Learn from the mistakes made by others: https://t.co/CPA47DBqTR
The following article dives deep into Kubernetes networking and explores some basic Kubernetes concepts like pod to pod networking, why pause containers are needed, how services work, what is CNI, and more. Definitely worth checking out: https://t.co/WWVRjgmC9R
Regula is an open-source tool that scans your Kubernetes YAML and suggests improvements based on CIS Kubernetes Benchmark. Here's a nice blog post that introduces the tool: https://t.co/zisAHalM6Q
Interesting series worth reading - many good tips and best practices on running applications on Kubernetes. part one: https://t.co/xdCtvcy4f6 and part two: https://t.co/570bZDtKrE
If you run workloads that require quick pod-startup time, check out kube-fledged that helps in managing docker image caching on Kubernetes nodes:
https://t.co/DZcfpA0hWl
This article provides a good basic overview of why synthetic checks are necessary and, more importantly, how you can implement your own synthetic monitoring stack using a Kubernetes operator called Kuberhealthy.
Check it out: https://t.co/oKjIUC5616
It’s pretty rare to scale one Kubernetes cluster to 7500 nodes; even thousand-node clusters aren’t that common. Read how one company did exactly that: https://t.co/fePI15eX2p
I find this article interesting not only because it describes Tekton’s capabilities in a pretty straightforward way but also because it illustrates a complete delivery pipeline. https://t.co/aMhcA60ZzI
Imagine that you’ve got three production Kubernetes clusters in multiple regions and you need the services on the clusters to securely communicate with each other as if they were running on the same cluster. See what Submariner can help you achieve: https://t.co/sAJLNGIQkc
The following article goes over the different ways to use Prometheus to monitor multiple Kubernetes environments.
Take a look at the article below, but try to not get lost in the last diagram: https://t.co/ntN9y8Jk1v
How many *QL syntaxes do you need to master for your day2day job?
I definitely recommend bookmarking this link for when you’re wondering how to implement something with PromQL.
You can take a look at the article here: https://t.co/aVjMeZLvTX
How are finalizers created, and who is responsible for “removing” them from objects to allow the Kubernetes API to continue with an object's deletion?
For a nice overview of Kubernetes finalizers, read here: https://t.co/ftdQZK8hN6
Nice tool - with ORAS, you can push anything you want into an OCI-conformant docker registry. You can “oras push” a PDF, source file, tar archive—anything! You can learn more about the tool here: https://t.co/TEwxUwQqqp
I’ve just recently discovered Headlamp, which is a lean, fast UI that can run both as a client on a developer’s desktop and as a service-side component that you install into your Kubernetes cluster: https://t.co/hKHByOHdl9
For any of you who have decided to go down the CKA exam path, I’ve found an interesting resource that may be helpful: an online CKA simulator called https://t.co/IjHjC1qtsl, which has 25 complex test scenarios to help you prepare for the exam.
I was waiting for this feature for quite some time - security groups for pods were introduced for EKS clusters a few months ago. Learn more here:
https://t.co/Dyj10tKY8m
To get back to my usual weekly cadence, I thought I’d start by telling you about a new Kubernetes add-on I’ve recently discovered: pvc-autoresizer.
To learn more about this interesting tool, you can read the official announcement here: https://t.co/uM1EvvRaYm