94 private links
Creating Talos Kubernetes cluster using QEMU VMs.
Setup kubernetes cluster using Talos (Lab). GitHub Gist: instantly share code, notes, and snippets.
Talos is an operating system for Kubernetes. It is designed to be lightweight, secure, and easy to use. In this article, I will introduce Talos and its features.
CLI tool for linting and testing Helm charts. Contribute to helm/chart-testing development by creating an account on GitHub.
Kubernetes LAN Party - by Wiz
The open source tool analyzes Kubernetes YAML files and Helm charts to ensure they adhere to best practices, focusing on production readiness and security. Here's how to set it up and use it.
A fast kubectl autocompletion with fzf. Contribute to bonnefoa/kubectl-fzf development by creating an account on GitHub.
Kubernetes exploitation tool. Contribute to Rolix44/Kubestroyer development by creating an account on GitHub.
This article describes a set of best practices for building containers. These practices cover a wide range of goals, from shortening the build time, to creating smaller and more resilient images, with the aim of making containers easier to build (for example, with Cloud Build), and easier to run in Google Kubernetes Engine (GKE).
These best practices are not of equal importance. For example, you might successfully run a production workload without some of them, but others are fundamental. In particular, the importance of the security-related best practices is subjective. Whether you implement them depends on your environment and constraints.
This page shows how to configure process namespace sharing for a pod. When process namespace sharing is enabled, processes in a container are visible to all other containers in the same pod.
You can use this feature to configure cooperating containers, such as a log handler sidecar container, or to troubleshoot container images that don't include debugging utilities like a shell.
Before you begin You need to have a Kubernetes cluster, and the kubectl command-line tool must be configured to communicate with your cluster.
Flux is a set of continuous and progressive delivery solutions for Kubernetes, and they are open and extensible.
The APIs of Flux are stable now.
Kyverno is a policy engine designed for Kubernetes
OWASP has created the OWASP Kubernetes Top 10, which helps identify the most likely risks.
THREAD: Isolating a pod for troubleshooting This technique helps you with debugging running Pods in production The Pod is detached from the Service (no traffic), and you can troubleshoot it live Let's get started!
This post is based on a webinar i've previously given where I go through some of my favourite tips for working with Kubernetes clusters all day long. The goal of all of these techniques is to make my life easier and (hopefully) less error prone. I start off with the first 5 tips being applicable to anyone working with Kubernetes and can be picked up right away. From there I move on to a couple that would benefit from having some old-skool Linux sys-admin experience. Finally I finish of with some more advanced techniques that require some previous programming experience.
Vulnerable app with examples showing how to not use secrets - GitHub - OWASP/wrongsecrets: Vulnerable app with examples showing how to not use secrets
Declaratively deploy your Kubernetes manifests, Kustomize configs, and Charts as Helm releases in one shot - GitHub - helmfile/helmfile: Declaratively deploy your Kubernetes manifests, Kustomize configs, and Charts as Helm releases in one shot
Kubernetes on Linux: This tutorial will walk you through the process of installing MicroK8s on Rocky Linux 9.