" This notes describes how to improve Nginx performance, security and other important things; ssllabs A+ 100%. "
"In this post I will show you how to use Roles published to Ansible Galaxy as an Operator to manage an application in Kubernetes. Reusing a Role in this way provides an example of how to create an Operator that simply installs an application with the flexibility to expand and customize the behavior organically as requirements dictate.
I will leverage both the Ansible Operator and the k8s module to demonstrate how you can use Ansible to create Kubernetes native applications. Ansible Operator, included in the Operator SDK, allows you to package your operational knowledge (how you install and maintain your application) in the form of Ansible Roles and Playbooks. Your ability to manage objects in Kubernetes when writing these Roles and Playbooks can be improved by the new k8s module."
"Realtime license and vulnerability management for open source dependencies "
" Kubernetes is a fairly complex system with many moving parts. Its ecosystem is constantly evolving and adding even more layers (service mesh, ..) to the mix. Considering this environment, we don't hear enough real-world horror stories to learn from each other! This compilation of failure stories should make it easier for people dealing with Kubernetes operations (SRE, ops, platform/infrastructure teams) to learn from others and reduce the unknown unknowns of running Kubernetes in production."
Atlantis is an application for automating Terraform via pull requests. It is deployed as a standalone application into your infrastructure. No third-party has access to your credentials.
Atlantis listens for GitHub, GitLab or Bitbucket webhooks about Terraform pull requests. It then runs terraform plan and comments with the output back on the pull request.
When you want to apply, comment atlantis apply on the pull request and Atlantis will run terraform apply and comment back with the output.
"1-click deployment of OpenVPN with DNS ad blocking sinkhole. Deploys to your favorite VPS machine. Created with Vue.js, Semantic UI and Django. And with love, of course.
"
1: Always run at least 2 pods 2: Spread your application pods evenly across nodes 3: Define a pod disruption budget 4: Define a descheduler policy 5: Do not use local/host path storage 6: Design your application so that it tolerate losing pods 7: It shouldn’t matter which pod receives a request 8: Capacity considerations
"krew is a tool that makes it easy to use kubectl plugins. krew helps you discover plugins, install and manage them on your machine. It is similar to tools like apt, dnf or brew.
For kubectl users: krew helps you find, install and manage kubectl plugins in a consistent way. For plugin developers: krew helps you package and distribute your plugins on multiple platforms and makes them discoverable."
"Operators are Kubernetes native applications. We define native as being both managed using the Kubernetes APIs via kubectl and ran on Kubernetes as containers. Operators take advantage of Kubernetes’s extensibility to deliver the automation advantages of cloud services like provisioning, scaling, and backup/restore while being able to run anywhere that Kubernetes can run.
This list is built by the community. Have you built or are you using an Operator that is not listed? Please send a pull request and we will add that Operator to the list."
"Go binary to change Docker container user/group and file permissions at runtime "
"Minio is a high performance distributed object storage server, designed for large-scale private cloud infrastructure. "
"kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster.
kaniko doesn't depend on a Docker daemon and executes each command within a Dockerfile completely in userspace. This enables building container images in environments that can't easily or securely run a Docker daemon, such as a standard Kubernetes cluster."
