diff --git a/docs/GoogleCloudPlatform.md b/docs/GoogleCloudPlatform.md index a343cda5..04145646 100644 --- a/docs/GoogleCloudPlatform.md +++ b/docs/GoogleCloudPlatform.md @@ -6,6 +6,7 @@ - [Anthos. Google's Hybrid And Multi-Cloud Platform](#anthos-googles-hybrid-and-multi-cloud-platform) - [Python](#python) - [Cloud Code](#cloud-code) +- [Google Cloud Buildpacks](#google-cloud-buildpacks) ## Introduction * [cloud.google.com](https://cloud.google.com) @@ -42,4 +43,7 @@ - [anderfernandez.com: CΓ³mo automatizar un script de Python en Google Cloud](https://anderfernandez.com/blog/automatizar-script-python-google-cloud/) ## Cloud Code -- [Cloud Code 🌟](https://cloud.google.com/code) Everything you need to write, debug, and deploy your cloud-native applications. \ No newline at end of file +- [Cloud Code 🌟](https://cloud.google.com/code) Everything you need to write, debug, and deploy your cloud-native applications. + +## Google Cloud Buildpacks +- [Google Cloud Buildpacks](https://github.com/GoogleCloudPlatform/buildpacks) \ No newline at end of file diff --git a/docs/aws.md b/docs/aws.md index 01f230f1..3ddbbb8b 100644 --- a/docs/aws.md +++ b/docs/aws.md @@ -624,6 +624,7 @@ aws ec2 describe-instances --query 'Reservations[].Instances[].[Placement.Availa - [Create a pipeline with canary deployments for Amazon EKS with AWS App Mesh 🌟](https://aws.amazon.com/blogs/containers/create-a-pipeline-with-canary-deployments-for-amazon-eks-with-aws-app-mesh/) - [medium: Using Helm with Amazon EKS without kubeconfigs](https://medium.com/analytics-vidhya/using-helm-with-amazon-eks-without-a-kubeconfig-733f44a31b1d) - [linkedin.com: Amazon EKS Distro (EKS-D): The Kubernetes Distribution Used by Amazon EKS 🌟](https://www.linkedin.com/pulse/amazon-eks-distro-eks-d-kubernetes-distribution-used-gokul-chandra/) +- [aws.amazon.com: Introducing Federated Amazon EKS Clusters on AWS](https://aws.amazon.com/about-aws/whats-new/2021/01/introducing-federated-amazon-eks-clusters-aws/) ## AWS App Mesh - [AWS App Mesh Workshop](https://www.appmeshworkshop.com/) diff --git a/docs/cicd.md b/docs/cicd.md index 8256d0fa..16ff5274 100644 --- a/docs/cicd.md +++ b/docs/cicd.md @@ -60,6 +60,7 @@ Here are some important things to consider while building a CI/CD pipeline: * [thinkinglabs.io: Feature Branching considered evil 🌟](https://thinkinglabs.io/talks/feature-branching-considered-evil.html) * [tripwire.com: Everything You Need to Know About CI/CD and Security](https://www.tripwire.com/state-of-security/devops/everything-need-to-know-about-ci-cd-security/) * [harness.io: CI/CD Pipeline: Everything You Need to Know 🌟](https://harness.io/blog/continuous-delivery/ci-cd-pipeline/) +* [stackoverflow.blog: Fulfilling the promise of CI/CD 🌟](https://stackoverflow.blog/2021/01/19/fulfilling-the-promise-of-ci-cd/) When people say β€œCI/CD,” they are only talking about continuous integration. Nobody is talking about (or practicing) continuous deployment. AT ALL. It’s like we have all forgotten it exists. It's time to change that. ## Security in CI/CD * [CI Checks Are Not Enough: Combat Configuration Drift in Kubernetes Resources](https://thenewstack.io/ci-checks-are-not-enough-combat-configuration-drift-in-kubernetes-resources/) diff --git a/docs/demos.md b/docs/demos.md index be603ebe..55179ebb 100644 --- a/docs/demos.md +++ b/docs/demos.md @@ -92,6 +92,7 @@ ### GitOps - [thenewstack.io: GitOps in Multicluster Environments with Anthos Config Management](https://thenewstack.io/tutorial-gitops-in-multicluster-environments-with-anthos-config-management/) +- [kubesandclouds.com: Werf: Fully customizable GitOps 🌟](https://kubesandclouds.com/index.php/2020/09/01/werf-gitops/) Werf builds and publishes images, deploys applications to Kubernetes clusters, and removes unused images based on policies and rules defined in the Git repository. ## Kubernetes Demos * [kubernetesbyexample.com 🌟](http://kubernetesbyexample.com/) @@ -137,6 +138,7 @@ - [Spring Initializr](https://start.spring.io/) - [k8s Initializer](https://app.getambassador.io/initializer/) - [dzone: Bootstrapping Java Kubernetes Apps With Spring Initializr and K8s Initializer](https://dzone.com/articles/bootstrapping-java-kubernetes-apps-no-yaml) Build a Spring Boot app and deploy to K8s without writing a single line of YAML +- [hashicorp.com: Getting Started with Ambassador and Consul Using Kubernetes Initializer](https://www.hashicorp.com/blog/getting-started-with-ambassador-and-consul-using-kubernetes-initializer) Kubernetes Initializer built by Ambassador Labs provides a new experience for simplifying the deployment of Ambassador and Consul in a Sandbox Kubernetes environment. ### Kubernetes CKAD Example Exam Questions Practical Challenge Series * [Kubernetes CKAD Example Exam Questions Practical Challenge Series](https://codeburst.io/kubernetes-ckad-weekly-challenges-overview-and-tips-7282b36a2681) diff --git a/docs/devops.md b/docs/devops.md index bc98354c..f26a2261 100644 --- a/docs/devops.md +++ b/docs/devops.md @@ -24,6 +24,7 @@ ## Interview Questions - [automationreinvented.blogspot.com: Top 11 kubernetes interview questions for SDET/DevOps SET-02? Kubernetes deployment commands](https://automationreinvented.blogspot.com/2020/10/top-11-kubernetes-interview-questions.html) - [denic.hashnode.dev: Resources to crush the technical interview](https://denic.hashnode.dev/resources-to-crush-the-technical-interview) +- [learnsteps.com: DevOps Interview Questions: How will you scale your current CI-CD pipeline](https://www.learnsteps.com/devops-interview-questions-how-will-you-scale-your-current-ci-cd-pipeline/) ## Configuration Drift - [Dzone: Configuration Drift 🌟](https://dzone.com/articles/configuration-drift) Configuration Drift is the phenomenon where running servers in an infrastructure become more and more different as time goes on, due to manual ad-hoc changes and updates, and general entropy. diff --git a/docs/devsecops.md b/docs/devsecops.md index a724fd2b..38dbfc05 100644 --- a/docs/devsecops.md +++ b/docs/devsecops.md @@ -49,6 +49,7 @@ - [helpnetsecurity.com: How to make DevSecOps stick with developers](https://www.helpnetsecurity.com/2020/12/14/how-devsecops-developers/) - [blog.christophetd.fr: Shifting Cloud Security Left β€” Scanning Infrastructure as Code for Security Issues](https://blog.christophetd.fr/shifting-cloud-security-left-scanning-infrastructure-as-code-for-security-issues/) - [devclass.com: Docker: It’s not dead yet, but there’s a tendency to walk away, security report finds](https://devclass.com/2021/01/13/sysdig-container-security-and-usage-report-2021/) +- [loves.cloud: Creation of a Fully-Automated DevSecOps CICD Pipeline](https://loves.cloud/creation-of-a-fully-automated-devsecops-cicd-pipeline/) ## Kubernetes Threat Modelling - [marcolancini.it: The Current State of Kubernetes Threat Modelling](https://www.marcolancini.it/2020/blog-kubernetes-threat-modelling/) @@ -107,6 +108,7 @@ - [developers.redhat.com: A deep dive into Keycloak](https://developers.redhat.com/blog/2020/08/07/a-deep-dive-into-keycloak/) - [blog.getambassador.io: Step-by-Step Centralized Authentication for Kubernetes with Keycloak and the Ambassador Edge Stack](https://blog.getambassador.io/centralized-authentication-with-keycloak-and-ambassador-edge-stack-d509ffbc7b6f) - [blog.sighup.io: How to run Keycloak in HA on Kubernetes](https://blog.sighup.io/keycloak-ha-on-kubernetes/) How to setup Keycloak, the Open Source Identity and Access Management, in HA on Kubernetes. +- [developers.redhat.com: Authentication and authorization using the Keycloak REST API](https://developers.redhat.com/blog/2020/11/24/authentication-and-authorization-using-the-keycloak-rest-api/) ### Git Credential Manager Core - [Git Credential Manager Core](https://github.com/microsoft/Git-Credential-Manager-Core) GCM Core is a free, open-source, cross-platform credential manager for Git. diff --git a/docs/docker.md b/docs/docker.md index 777c9fb3..849dc64e 100644 --- a/docs/docker.md +++ b/docs/docker.md @@ -52,6 +52,7 @@ * [docker.com: Year in Review: The Most Viewed Docker Blog Posts of 2020 Part 1 🌟](https://www.docker.com/blog/year-in-review-the-most-viewed-docker-blog-posts-of-2020-part-1/) * [docker.com: Year in Review: The Most Viewed Docker Blog Posts of 2020 Part 2 🌟](https://www.docker.com/blog/year-in-review-the-most-viewed-docker-blog-posts-of-2020-part-2/) * [adictosaltrabajo.com: CΓ³mo crear y desplegar microservicios con Spring Boot, Spring Cloud Netflix y Docker](https://www.adictosaltrabajo.com/2020/12/22/como-crear-y-desplegar-microservicios-con-spring-boot-spring-cloud-netflix-y-docker/) +* [cloudsavvyit.com: How to Use Cron With Your Docker Containers](https://www.cloudsavvyit.com/9033/how-to-use-cron-with-your-docker-containers/) ## Security - [thehackernews.com: Docker Images Containing Cryptojacking Malware Distributed via Docker Hub](https://thehackernews.com/2020/06/cryptocurrency-docker-image.html) diff --git a/docs/golang.md b/docs/golang.md index 03d84cbb..04644877 100644 --- a/docs/golang.md +++ b/docs/golang.md @@ -1,4 +1,6 @@ -# Golang +# Golang - Go +- [golang.org](https://golang.org/) +- [wikipedia: Go](https://en.wikipedia.org/wiki/Go_(programming_language)) - [Zepto is a lightweight framework for the development of microservices & web services in golang](https://github.com/go-zepto/zepto) - [An example of using dynamic client of k8s.io/client-go](https://ymmt2005.hatenablog.com/entry/2020/04/14/An_example_of_using_dynamic_client_of_k8s.io/client-go?utm_sq=ggbsr9k836#Using-the-dynamic-client-to-implement-SSA) - [medium: Microservices in Go](https://medium.com/seek-blog/microservices-in-go-2fc1570f6800) diff --git a/docs/kubernetes.md b/docs/kubernetes.md index b0f30b63..d9819965 100644 --- a/docs/kubernetes.md +++ b/docs/kubernetes.md @@ -58,6 +58,7 @@ - [Kubectl Plugins and Tools. Kubernetes Extensions and Projects](#kubectl-plugins-and-tools-kubernetes-extensions-and-projects) - [Enforcing Policies and governance for kubernetes workloads with Conftest](#enforcing-policies-and-governance-for-kubernetes-workloads-with-conftest) - [Kubernetes Backup and Migrations](#kubernetes-backup-and-migrations) + - [Kubernetes Volume Snapshot](#kubernetes-volume-snapshot) - [Backup with Trillio Cloud-Native Data Protection for Kubernetes, OpenStack and Virtualization](#backup-with-trillio-cloud-native-data-protection-for-kubernetes-openstack-and-virtualization) - [Backup with Kasten K10](#backup-with-kasten-k10) - [Backup with Velero](#backup-with-velero) @@ -342,6 +343,7 @@ * [thoughtbot.com: Zero Downtime Rails Deployments with Kubernetes](https://thoughtbot.com/blog/zero-downtime-rails-deployments-with-kubernetes) * [medium: Kubernetes Resources 🌟](https://medium.com/@pratyush.mathur/kubernetes-resources-c09d172dbdc5) * [medium: Notes on Graceful Shutdown in Kubernetes 🌟](https://medium.com/@pleasingsmoke/graceful-shutdown-of-pods-in-kubernetes-6da5588b5356) +* [loft.sh: Kubernetes Readiness Probes - Examples & Common Pitfalls 🌟](https://loft.sh/blog/kubernetes-readiness-probes-examples-common-pitfalls/)
[![Kubernetes architecture](images/kubernetes-pod-creation.png)](https://www.padok.fr/en/blog/kubernetes-architecture-clusters) @@ -877,6 +879,10 @@ kubectl get secret --namespace=β€Š-o yaml | sed β€˜s/names * [aithority.com: Bacula Systems Announces World’s First Enterprise-Class Backup and Recovery Solution for Red Hat OpenShift](https://aithority.com/it-and-devops/cloud/bacula-systems-announces-worlds-first-enterprise-class-backup-and-recovery-solution-for-red-hat-openshift/) * [cloudify.co: Migrating Pods With Containerized Applications Between Nodes In The Same Kubernetes Cluster Using Cloudify 🌟](https://cloudify.co/blog/migrating-pods-containerized-applications-nodes-kubernetes-cluster-using-cloudify/) +### Kubernetes Volume Snapshot +* [kubernetes.io: Kubernetes 1.20: Kubernetes Volume Snapshot Moves to GA](https://kubernetes.io/blog/2020/12/10/kubernetes-1.20-volume-snapshot-moves-to-ga/) +* [itnext.io: Backup and Restore of Kubernetes Stateful Application Data with CSI Volume Snapshots](https://itnext.io/backup-and-restore-of-kubernetes-stateful-application-data-with-csi-volume-snapshots-14ce9e6f3778) + ### Backup with Trillio Cloud-Native Data Protection for Kubernetes, OpenStack and Virtualization * [Trillio](http://trilio.io) * [TrillioVault for Kubernetes](https://www.trilio.io/triliovault-for-kubernetes/) @@ -1185,6 +1191,7 @@ kubectl get secret --namespace=β€Š-o yaml | sed β€˜s/names * [kubernetes.io: Cloud native security for your clusters](https://kubernetes.io/blog/2020/11/18/cloud-native-security-for-your-clusters/) * [tldrsec.com: Risk8s Business: Risk Analysis of Kubernetes Clusters 🌟](https://tldrsec.com/guides/kubernetes/) A zero-to-hero guide for assessing the security risk of your Kubernetes cluster and hardening it. * [microsoft.com: Threat matrix for Kubernetes 🌟](https://www.microsoft.com/security/blog/2020/04/02/attack-matrix-kubernetes/) +* [labs.bishopfox.com: Bad Pods: Kubernetes Pod Privilege Escalation 🌟](https://labs.bishopfox.com/tech-blog/bad-pods-kubernetes-pod-privilege-escalation) What are the risks associated with overly permissive pod creation in Kubernetes? The answer varies based on which of the host’s namespaces and security contexts are allowed. In this post, I will describe eight insecure pod configurations and the corresponding methods to perform privilege escalation. This article and the accompanying repository were created to help penetration testers and administrators better understand common misconfiguration scenarios.
diff --git a/docs/message-queue.md b/docs/message-queue.md index e8064cb0..99cbf1fa 100644 --- a/docs/message-queue.md +++ b/docs/message-queue.md @@ -158,6 +158,7 @@ comsysto about their usage of Debezium, touching on many details like outbox pat - [strimzi.io: Optimizing Kafka producers 🌟](https://strimzi.io/blog/2020/10/15/producer-tuning/) - [developers.redhat.com: Introduction to Strimzi: Apache Kafka on Kubernetes (KubeCon Europe 2020) 🌟](https://developers.redhat.com/blog/2020/08/14/introduction-to-strimzi-apache-kafka-on-kubernetes-kubecon-europe-2020/) - [medium: Processing guarantees in Kafka](https://medium.com/@andy.bryant/processing-guarantees-in-kafka-12dd2e30be0e) "Duplicates and lost messages are due not only to features of the messaging systems, but in the design of producer and consumer applications as well." One of the best posts on processing guarantees in kafka. +- [davidxiang.com: Kafka As A Database? Yes Or No](https://davidxiang.com/2021/01/10/kafka-as-a-database/)
[![airflow vs kafka debezium](images/airflow_vs_debezium.jpg)](https://medium.com/convoy-tech/logs-offsets-near-real-time-elt-with-apache-kafka-snowflake-473da1e4d776) diff --git a/docs/python.md b/docs/python.md index 781ce6a7..8895a227 100644 --- a/docs/python.md +++ b/docs/python.md @@ -91,6 +91,7 @@ - [blog.logrocket.com: Django REST framework alternatives](https://blog.logrocket.com/django-rest-framework-alternatives/) - [towardsdatascience.com: Unexpected Size of Python Objects in Memory](https://towardsdatascience.com/the-strange-size-of-python-objects-in-memory-ce87bdfbb97f) How much memory does a Python object take on memory? - [learnsteps.com: DevOps Interview Questions: Important Python questions](https://www.learnsteps.com/devops-interview-questions-important-python-questions/) +- [aigents.co: Data Structures and Python 🌟](https://aigents.co/blog/coding-tutorial/data-structures-and-python)
@@ -138,6 +139,7 @@ - [Two-Factor Authentication with Authy](https://www.twilio.com/docs/tutorials/walkthrough/two-factor-authentication/python/flask) - [devbattles.com: Python Flask, Part 1: Hello World!](http://www.devbattles.com/en/sand/post-1757-Python_Flask_Part_1_Hello_World) - [mherman.org: Scaling Flask with Kubernetes 🌟](https://mherman.org/presentations/flask-kubernetes/) +- [towardsdatascience.com: Create and Deploy a Simple Web Application with Flask and Heroku](https://towardsdatascience.com/create-and-deploy-a-simple-web-application-with-flask-and-heroku-103d867298eb) ## Python pip and pip's wheel - [wheel replaces Python's eggs](https://wheel.readthedocs.org) diff --git a/docs/serverless.md b/docs/serverless.md index c20d8e4f..e0ea2660 100644 --- a/docs/serverless.md +++ b/docs/serverless.md @@ -22,6 +22,7 @@ * [theregister.com: Microservices guru says think serverless, not Kubernetes: You don't want to manage 'a towering edifice of stuff'](https://www.theregister.com/2020/09/22/microservices_talk_gotopia/) * [serverless.com: Why we switched from docker to serverless](https://www.serverless.com/blog/why-we-switched-from-docker-to-serverless) * [dzone: The Serverless Path to DevOps](https://dzone.com/articles/the-serverless-path-to-devops) Serverless and DevOps combine in this article the uses AWS services as examples of how serverless technologies benefit DevOps processes. +* [developers.redhat.com: Orchestrate event-driven, distributed services with Serverless Workflow and Kubernetes](https://developers.redhat.com/blog/2020/11/26/event-driven-distributed-service-orchestration-with-serverless-workflow/) ### FaaS: Function as a Service * [wikipedia: FaaS Function as a Service](https://en.wikipedia.org/wiki/Function_as_a_service) diff --git a/docs/yaml.md b/docs/yaml.md index eeec7a86..7874ca50 100644 --- a/docs/yaml.md +++ b/docs/yaml.md @@ -27,7 +27,8 @@ - [github.com/topics/yaml-processor](https://github.com/topics/yaml-processor) - [ytt](https://get-ytt.io/) is a templating tool that understands YAML structure allowing you to focus on your data instead of how to properly escape it. - You should use tools such as [yq](https://mikefarah.gitbook.io/yq/) and kustomize to template YAML resources instead of relying on tools that interpolate strings such as [Helm](https://helm.sh/). -- [yq 🌟](https://mikefarah.gitbook.io/yq/) is a lightweight and portable command-line YAML processor. The aim of the project is to be the [jq](https://github.com/stedolan/jq) or sed of yaml files. `yq` allows to query the yaml tree and highlights it: ```k get svc a -oyaml | yq r -``` +- [yq 🌟](https://mikefarah.gitbook.io/yq/) is a lightweight and portable command-line YAML processor. The aim of the project is to be the [jq](https://github.com/stedolan/jq) or sed of yaml files. `yq` allows to query the yaml tree and highlights it: + - ```k get svc a -oyaml | yq r -``` - [dev.to: yq : A command line tool that will help you handle your YAML resources better 🌟](https://dev.to/vikcodes/yq-a-command-line-tool-that-will-help-you-handle-your-yaml-resources-better-8j9) - [Kapitan](https://kapitan.dev/) Generic templated configuration management for Kubernetes, Terraform and other things. - [yaml.sh](https://www.yaml.sh/) A YAML parser completely in bash. [Yaml.sh β€” YAML Sans Helm](https://medium.com/@KarlKFI/yaml-sh-yaml-sans-helm-e983a3dfdaec)