diff --git a/docs/GoogleCloudPlatform.md b/docs/GoogleCloudPlatform.md index 4b61d883..c0871e03 100644 --- a/docs/GoogleCloudPlatform.md +++ b/docs/GoogleCloudPlatform.md @@ -31,6 +31,7 @@ - [cloud.google.com: Compare AWS and Azure services to Google Cloud](https://cloud.google.com/free/docs/aws-azure-gcp-service-comparison) - [thecloudgirl.dev: What is Google Cloud Load Balancing?](https://thecloudgirl.dev/CLB.html) - [cloud.google.com: Secret Manager Best Practices](https://cloud.google.com/secret-manager/docs/best-practices) +- [cloud.google.com: Choose the best way to use and authenticate service accounts on Google Cloud](https://cloud.google.com/blog/products/identity-security/how-to-authenticate-service-accounts-to-help-keep-applications-secure) ## GitHub - [github.com/GoogleCloudPlatform](https://github.com/GoogleCloudPlatform) diff --git a/docs/ansible.md b/docs/ansible.md index 5273f01a..aaa4a24a 100644 --- a/docs/ansible.md +++ b/docs/ansible.md @@ -1,5 +1,6 @@ # Ansible - [Configuration Management with Ansible DevOps Tool](#configuration-management-with-ansible-devops-tool) +- [Ansible Collections](#ansible-collections) - [Red Hat Ansible Automation Platform](#red-hat-ansible-automation-platform) - [Automation services catalog](#automation-services-catalog) - [Red Hat Certified Ansible Content Collections](#red-hat-certified-ansible-content-collections) @@ -70,6 +71,13 @@ * [redhat.com: How to use Ansible to configure a reverse proxy ๐ŸŒŸ](https://www.redhat.com/sysadmin/reverse-proxy-ansible) Placing a load balancer in front of your web server infrastructure helps ensure any spike in traffic doesn't bring down the site. * [youtube playlist: Ansible Tutorial ๐ŸŒŸ](https://www.youtube.com/playlist?app=desktop&list=PLVx1qovxj-al0Knm1A0eEXfGyd5kCi16p) * [Ansible 3.3.0 released](https://groups.google.com/g/ansible-devel/c/CdQ7eWUUm8k?pli=1) +* [youtube playlist: Ansible ๐ŸŒŸ](https://www.youtube.com/playlist?list=PLVx1qovxj-al0Knm1A0eEXfGyd5kCi16p) +* [youtube: Exercises / Monitoring : How to install node exporter ๐ŸŒŸ](https://www.youtube.com/watch?v=NgRuap0MmZw&ab_channel=XavkiEn) In this tutorial, we start an exercise to install a monitoring stack. This exercise allows you to add prometheus + grafana on 1 server and node-exporter on all servers. +* [fedoramagazine.org: Using Ansible to configure Podman containers ๐ŸŒŸ](https://fedoramagazine.org/using-ansible-to-configure-podman-containers/) + +## Ansible Collections +- [Ansible Collections ๐ŸŒŸ](https://github.com/ansible-collections) +- [Amazon AWS Collection ๐ŸŒŸ](https://github.com/ansible-collections/amazon.aws) ## Red Hat Ansible Automation Platform - [redhat.com: Red Hat Ansible Automation Platform Enhancements and New Certified Ansible Content Collections Refine the Automation Experience to Drive Business Imperatives](https://www.redhat.com/en/about/press-releases/red-hat-ansible-automation-platform-enhancements-and-new-certified-ansible-content-collections-refine-automation-experience-drive-business-imperatives) Ready-to-use, curated automation for a wide range of platforms, public clouds, network and security technologies help organizations more easily get started with the latest trusted automation diff --git a/docs/aws.md b/docs/aws.md index c5639a7f..e2b30d00 100644 --- a/docs/aws.md +++ b/docs/aws.md @@ -158,6 +158,7 @@ - [dzone: AWS Basics: Bastion Hosts and NAT ๐ŸŒŸ](https://dzone.com/articles/aws-basics-bastian-hosts-and-nat) In this post, we will set up Bastion Host and NAT instances in our VPC. We will learn why we need those and some of the options available to us. - [acloudguru.com: The Cloud Dictionary of Pain: Five Of AWSโ€™s Toughest Cloud Topics](https://acloudguru.com/blog/engineering/the-cloud-dictionary-of-pain-five-of-awss-toughest-cloud-topics) - [dannys.cloud: 10 Best Free AWS Learning Resources for Beginners](https://dannys.cloud/10-best-free-aws-learning-resources-for-beginners) This blogpost provides free resources for beginners to get started with AWS through videos, whitepapers, labs, and certification guides. +- [linkedin pulse: Listado de todos los Servicios de AWS (actualizado 1 de Enero 2021) ๐ŸŒŸ](https://www.linkedin.com/pulse/listado-de-todos-los-servicios-amazon-web-services-daniel-pe%25C3%25B1a-silva) ### Books - [gocloudarchitects.com: AWS Certified Solutions Architect Associate Exam Guide](https://www.gocloudarchitects.com/free-csa-a-ebook/) @@ -190,6 +191,7 @@ - [aws.amazon.com: Amazon S3 Glacier Price Reduction](https://aws.amazon.com/es/blogs/aws/amazon-s3-glacier-price-reduction/) - [infoq.com: AWS Announces Lower Cost Storage Classes for Amazon Elastic File System](https://www.infoq.com/news/2021/03/aws-efs-one-zone-storage-classes/) - [dzone: Understanding AWS Costs ๐ŸŒŸ](https://dzone.com/articles/understanding-aws-costs) In this article, I'll provide a comprehensive guide on how to understand your AWS costs and needs. +- [thenewstack.io: 7 Tips for Cutting Down Your AWS Kubernetes Bill](https://thenewstack.io/7-tips-for-cutting-down-your-aws-kubernetes-bill/) ### AWS Calculator - [AWS Total Cost of Ownership (TCO) Calculators ๐ŸŒŸ](https://aws.amazon.com/tco-calculator/) @@ -335,6 +337,7 @@ - [besanttechnologies.com: AWS โ€“ Relational Database Service](https://www.besanttechnologies.com/amazon-web-services-relational-database) - [Introducing the Aurora Storage Engine](https://aws.amazon.com/blogs/database/introducing-the-aurora-storage-engine/) - [dzone: AWS Relational Database Service (RDS): PostgreSQL in Cloud ๐ŸŒŸ](https://dzone.com/articles/aws-relational-database-service-rds-postgresql-in) Today, we will go into details of Amazon RDS. We also set up a PostgreSQL instance using this service and connect to it using a tool Azure Data Studio. +- [sysadminxpert.com: How to Enable Slow Query Logs in AWS RDS MySQL](https://sysadminxpert.com/how-to-enable-slow-query-logs-in-aws-rds-mysql/) ### AWS DMS - [Amazon RDS for PostgreSQL Enhancements: Support for new minor versions, Logical Replication, and Amazon RDS PostgreSQL as a source for AWS DMS](https://aws.amazon.com/about-aws/whats-new/2016/09/amazon-rds-for-postgresql-enhancements-support-for-new-minor-versions-logical-replication-and-amazon-rds-postgresql-as-a-source-for-aws-dms/) @@ -756,6 +759,8 @@ aws ec2 describe-instances --query 'Reservations[].Instances[].[Placement.Availa ## Tools - [ec2-spot-converter](https://github.com/jcjorel/ec2-spot-converter) This tool converts existing EC2 instances back and forth from on-demand and 'persistent' Spot billing models while preserving instance attributes (Launch configuration, Tags..), network attributes (existing Private IP addresses, Elastic IP), storage (Volumes), Elastic Inference accelerators and Elastic GPUs. It also allows replacement of existing Spot instances with new "identical" ones to update the instance type and cpu options. +- [github.com/aws-samples/aws-auto-inventory: AWS Automated Inventory ๐ŸŒŸ](https://github.com/aws-samples/aws-auto-inventory) A command line tool that allows you to quickly and easily generate inventory reports of your AWS resources. +- [github.com/aws-samples/aws-waf-ops-dashboards ๐ŸŒŸ](https://github.com/aws-samples/aws-waf-ops-dashboards) In this repository, we share code for building infrastructure to collect, enrich, and visualize AWS Web Application Firewall logs. Implementing this project in your AWS account will allow you to view and filter the logs through Kibana dashboards below, as well as customize views and dashboards to your needs. ## Third party tools - [techcrunch.com: Vantage makes managing AWS easier](https://techcrunch.com/2021/01/12/vantage-makes-managing-aws-easier/) @@ -775,6 +780,7 @@ aws ec2 describe-instances --query 'Reservations[].Instances[].[Placement.Availa - [AWS IP inventory](https://github.com/okelet/awsipinventory) Tool to generate an inventory of all IP addresses in use in an account, one or multiple VPC, or one or multiple subnet. - [dev.to: How to Copy a Security Group with Rules from one AWS Account to Another account ?](https://dev.to/dineshrathee12/how-to-copy-a-security-group-with-rules-from-one-aws-account-to-another-account-36mb) - [CopySGFromOneAWSAccountToAnotherScript.py](https://github.com/dineshrathee12/CopySecurityGroupWithRulesFromOneAWSAccountToAnotherAWSAccount/blob/main/CopySGFromOneAWSAccountToAnotherScript.py) +- [github.com/awslabs/assisted-log-enabler-for-aws: Assisted Log Enabler - Find resources that are not logging, and turn them on ๐ŸŒŸ](https://github.com/awslabs/assisted-log-enabler-for-aws) ## Development - [thenewstack.io: Remote Debugging in AWS: The Missing Link in Your Debugging Toolset](https://thenewstack.io/remote-debugging-in-aws-the-missing-link-in-your-debugging-toolset/) diff --git a/docs/azure.md b/docs/azure.md index 4bc27a6c..dd1568b0 100644 --- a/docs/azure.md +++ b/docs/azure.md @@ -1,6 +1,7 @@ # Microsoft Azure - [Azure](#azure) - [Azure DevOps](#azure-devops) +- [IaC with PowerShell DSC Desired State Configuration](#iac-with-powershell-dsc-desired-state-configuration) - [Azure Bicep](#azure-bicep) - [AKS Azure Kubernetes Service](#aks-azure-kubernetes-service) - [Azure Red Hat OpenShift ARO](#azure-red-hat-openshift-aro) @@ -39,11 +40,29 @@ - [youtube: Azure DevOps Pipeline and Image Builder](https://www.youtube.com/watch?v=zL0eLEl2BxI&ab_channel=TravisRoberts) - [dev.to: Setting up a CI-CD Pipeline Using Azure DevOps ๐ŸŒŸ](https://dev.to/gbengelebs/setting-up-a-ci-cd-pipeline-using-azure-devops-4gb) - [zartis.com: Simplify Your SDLC with Azure DevOps ๐ŸŒŸ](https://www.zartis.com/simplify-your-sdlc-with-azure-devops/) +- [thomasthornton.cloud: Scout Suite reports using Azure DevOps Pipeline](https://thomasthornton.cloud/2021/04/29/scout-suite-reports-using-azure-devops-pipeline/) Interesting article on how to fecth az DevOps pipelines reports as a static website + +## IaC with PowerShell DSC Desired State Configuration +- [docs.microsoft.com: Desired State Configuration overview for decision makers ๐ŸŒŸ](https://docs.microsoft.com/en-us/powershell/scripting/dsc/) +- [docs.microsoft.com: Using configuration data in DSC](https://docs.microsoft.com/en-us/powershell/scripting/dsc/configurations/configData) +- [octopus.com: Getting started with PowerShell Desired State Configuration (DSC)](https://octopus.com/blog/getting-started-with-powershell-dsc) PowerShell DSC is an Infrastructure as Code (IaC) technology that uses PowerShell to create Managed Object Format (MOF) files, which Windows Management Instrumentation (WMI) can use to configure a machine. In other words, PowerShell DSC uses PowerShell to programmatically configure your Windows-based computers. Additionally, DSC can monitor the state of the configured resources to make sure your machines stay consistent. Along with monitoring, DSC can also automatically correct the configuration of your system, so itโ€™s always in the desired state. **PowerShell != PowerShell DSC** ## Azure Bicep - [Bicep](https://github.com/Azure/bicep) Bicep is a Domain Specific Language (DSL) for deploying Azure resources declaratively. ## AKS Azure Kubernetes Service +- [docs.microsoft.com: Microservices architecture on Azure Kubernetes Service (AKS) ๐ŸŒŸ](https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/containers/aks-microservices/aks-microservices) This reference architecture shows a microservices application deployed to Azure Kubernetes Service (AKS). It describes a basic AKS configuration that can be the starting point for most deployments. The architecture consists of the following components: + - Azure Kubernetes Service (AKS) + - Kubernetes cluster + - Virtual network + - Ingress + - Azure Load Balancer + - External data stores + - Azure Active Directory + - Azure Container Registry + - Azure Pipelines + - Helm + - Azure Monitor - [trstringer.com: Run Kubernetes Pods on Specific VM Types in AKS](https://trstringer.com/run-kubernetes-pods-on-vm-types/) - [docs.microsoft.com: AKS-managed Azure Active Directory integration](https://docs.microsoft.com/en-us/azure/aks/managed-aad) - [build5nines.com: Terraform: Create an AKS Cluster ๐ŸŒŸ](https://build5nines.com/terraform-create-an-aks-cluster/) @@ -61,6 +80,7 @@ - [medium: Secure your Microservices on AKS โ€” Part 2 ๐ŸŒŸ](https://medium.com/microsoftazure/secure-your-microservices-on-aks-part-2-5496bf2ba00c) - [zartis.com: How To Save A Fortune On Azure Kubernetes Service](https://www.zartis.com/minimizing-costs-aks/) - [itnext.io: AKS Performance: Limit Ranges](https://itnext.io/aks-performance-limit-ranges-8e18cbebe351) Limit Ranges can be used to fine tune your resource consumption by limiting your min/max requests/limits in namespaces. +- [devoteam.com: Azure Kubernetes Service (AKS) with Azure DevOps](https://nl.devoteam.com/en/blog-post/azure-kubernetes-service-aks-with-azure-devops/) ## Azure Red Hat OpenShift ARO - [ARO](https://www.openshift.com/products/azure-openshift) diff --git a/docs/chaos-engineering.md b/docs/chaos-engineering.md index e422d4e0..9b3244eb 100644 --- a/docs/chaos-engineering.md +++ b/docs/chaos-engineering.md @@ -16,6 +16,7 @@ * [blog.flant.com: Open Source solutions for chaos engineering in Kubernetes](https://blog.flant.com/chaos-engineering-in-kubernetes-open-source-tools/) * [PowerfulSeal](https://github.com/powerfulseal/powerfulseal) injects failure into your Kubernetes clusters, so that you can detect problems as early as possible. It allows for writing scenarios describing complete chaos experiments. * [devopscurry.com: How Chaos Engineering plays a vital role in devops success](https://devopscurry.com/how-chaos-engineering-plays-a-vital-role-in-devops-success) +* [BuggyApp: Simulate performance problems](https://buggyapp.ycrash.io/) BuggyApp can simulate various performance problems like Memory Leak, OutOfMemoryError, CPU spike, thread leak StackOverflowError, deadlock, unresponsiveness and so on. [youtube: BuggyApp Demo](https://www.youtube.com/watch?v=exsv-RUrUFY&t=2s&ab_channel=yCrash) ## Chaos Engineering for serverless computing * [thenewstack.io: Breaking Serverless on Purpose with Chaos Engineering](https://thenewstack.io/breaking-serverless-on-purpose-with-chaos-engineering/) \ No newline at end of file diff --git a/docs/cheatsheets.md b/docs/cheatsheets.md index 9ffa95db..0ff522c9 100644 --- a/docs/cheatsheets.md +++ b/docs/cheatsheets.md @@ -34,6 +34,7 @@ - [Machine Learning](#machine-learning) - [TypeScript](#typescript) - [Jupyter](#jupyter) +- [SQL](#sql) - [Postgres](#postgres) - [MariaDB and mySQL](#mariadb-and-mysql) - [MongoDB](#mongodb) @@ -100,6 +101,8 @@ * [kunchalavikram1427: kubernetes Commands](https://github.com/kunchalavikram1427/Kubernetes_public/blob/master/Kubernetes_Commands.txt) * [betterprogramming.pub: Awesome Kubernetes Command-Line Hacks](https://betterprogramming.pub/awesome-kubernetes-command-line-hacks-8bd3604e394f) Tips for you to kubectl like a pro * [thechief.io: The Definitive Kubectl Cheat Sheet](https://thechief.io/c/editorial/definitive-kubectl-cheat-sheet/) +* [ithands-on.com: Kubernetes 101 : kubectl - communication with pods and containers / running commands inside pods and containers](https://www.ithands-on.com/2021/05/kubernetes-101-kubectl-communication.html) +* [opensource.com: Learn essential Kubernetes commands with a new cheat sheet](https://opensource.com/article/21/5/kubernetes-cheat-sheet) Start exploring kubectl, containers, pods, and more, then download our free cheat sheet so you always have the key commands at your fingertips. ## Docker Cheat Sheets - [dockerlux.github.io: Docker Cheat Sheet](http://dockerlux.github.io/pdfcheat-sheet-v2.pdf) @@ -162,6 +165,8 @@ * [NetworkManager CLI cheatsheet](https://github.com/neilhwatson/nustuff/blob/master/networking/nmcli.md) * [pixelbeat.org/cmdline](http://www.pixelbeat.org/cmdline.html) * [opensource.com: Linux Parted cheat sheet](https://opensource.com/downloads/parted-cheat-sheet) +* [opensource.com: GNU Screen cheat sheet](https://opensource.com/downloads/gnu-screen-cheat-sheet) +* [catonmat.net: GNU Coreutils Cheat Sheet](https://catonmat.net/gnu-coreutils-cheat-sheet) ### SSH Cheat Sheets - [ssh cheat sheet](https://cheatsheet.dennyzhang.com/cheatsheet-ssh-a4) @@ -261,6 +266,9 @@ ## Jupyter - [opensource.com: JupyterLab cheat sheet](https://opensource.com/downloads/jupyterlab-cheat-sheet) +## SQL +- [intellipaat.com: SQL Commands Cheat Sheet](https://intellipaat.com/blog/tutorial/sql-tutorial/sql-commands-cheat-sheet/) + ## Postgres - [postgrescheatsheet.com](https://postgrescheatsheet.com/) diff --git a/docs/cicd-kubernetes-plugins.md b/docs/cicd-kubernetes-plugins.md index 11cc6b86..4724c61a 100644 --- a/docs/cicd-kubernetes-plugins.md +++ b/docs/cicd-kubernetes-plugins.md @@ -8,6 +8,9 @@ * [openshift-pipeline](https://plugins.jenkins.io/openshift-pipeline) * [openshift-sync](https://plugins.jenkins.io/openshift-sync) * [openshift-client](https://plugins.jenkins.io/openshift-client) - ## Argo CD Config Management Plugins - [Argo CD Config Management Plugins](https://argoproj.github.io/argo-cd/user-guide/config-management-plugins/) + +## GitLab Kubernetes Agent +- [GitLab Kubernetes Agent](https://docs.gitlab.com/ee/user/clusters/agent/) +- [GitLab Kubernetes Agent available on GitLab.com](https://about.gitlab.com/releases/2021/04/22/gitlab-13-11-released/#gitlab-kubernetes-agent-available-on-gitlabcom) \ No newline at end of file diff --git a/docs/cicd.md b/docs/cicd.md index d8407c77..a41484e7 100644 --- a/docs/cicd.md +++ b/docs/cicd.md @@ -69,7 +69,8 @@ Here are some important things to consider while building a CI/CD pipeline: * [continuousdelivery.com: Patterns ๐ŸŒŸ](https://continuousdelivery.com/implementing/patterns/) * [devops.com: 7 Popular Open Source CI/CD Tools](https://devops.com/7-popular-open-source-ci-cd-tools/) * [testguild.com: Pipeline as Code with Mohamed Labouardy](https://testguild.com/podcast/automation/a345-mohamed/) - +* [harness.io: Understanding the Phases of the Software Development Life Cycle](https://harness.io/blog/devops/software-development-life-cycle/) +* [cloudbees.com: Key Components of a CI/CD Pipeline](https://www.cloudbees.com/blog/ci-cd-pipeline) ## Security in CI/CD * [CI Checks Are Not Enough: Combat Configuration Drift in Kubernetes Resources](https://thenewstack.io/ci-checks-are-not-enough-combat-configuration-drift-in-kubernetes-resources/) diff --git a/docs/cloud-arch-diagrams.md b/docs/cloud-arch-diagrams.md index 1a521052..696e9def 100644 --- a/docs/cloud-arch-diagrams.md +++ b/docs/cloud-arch-diagrams.md @@ -10,6 +10,7 @@ - [acloudguru.com: The top cloud diagramming tools, ranked](https://acloudguru.com/blog/engineering/the-top-cloud-diagramming-tools-ranked) - [redhat.com: 6 architectural diagramming tools for cloud infrastructure](https://www.redhat.com/architect/diagramming-tools-cloud-infrastructure) Communicating a vision for cloud computing requires meaningful diagrams of logical, physical, and every layer in between. Here are tools that will help make them. - [autodraw.com](https://www.autodraw.com/) Fast drawing for everyone. AutoDraw pairs machine learning with drawings from talented artists to help you draw stuff fast. +- [redhat.com: Try these 5 diagramming tools for network architecture](https://www.redhat.com/architect/diagramming-tools-network-architecture) ## AWS - [AWS Architecture Icons](https://aws.amazon.com/architecture/icons/) The official AWS icon set for building architecture diagrams diff --git a/docs/container-managers.md b/docs/container-managers.md index 8928be63..0c0e6fcd 100644 --- a/docs/container-managers.md +++ b/docs/container-managers.md @@ -69,6 +69,8 @@ - [redhat.com: How to replace Docker with Podman on a Mac](https://www.redhat.com/sysadmin/replace-docker-podman-macos) Want to use Podman to work with containers? Here's what you need to know about Podman on a Mac. - [redhat.com: Exploring the new Podman secret command ๐ŸŒŸ](https://www.redhat.com/sysadmin/new-podman-secrets-command) Use the new podman secret command to secure sensitive data when working with containers. - [developers.redhat.com: Using Podman Compose with Microcks: A cloud-native API mocking and testing tool](https://developers.redhat.com/blog/2021/04/22/using-podman-compose-with-microcks-a-cloud-native-api-mocking-and-testing-tool) +- [redhat.com: How to automate Podman installation and deployment using Ansible ๐ŸŒŸ](https://www.redhat.com/sysadmin/automate-podman-ansible) Learn how to easily install and deploy Podman using Ansible in your environment. +- [tutorialworks.com: How to Start Containers Automatically, with Podman and Systemd](https://www.tutorialworks.com/podman-systemd/) #### Containers In High Security Environments with Podman - [Build trusted pipelines/Guards with Podman containers](https://www.redhat.com/en/blog/using-container-technology-make-trusted-pipeline) Container technology makes develoment easier/cheaper & much more secure. SELinux,SECCOMP,Namespaces,Dropped Capabilities. diff --git a/docs/databases.md b/docs/databases.md index 79abb2fd..9113913e 100644 --- a/docs/databases.md +++ b/docs/databases.md @@ -1,5 +1,7 @@ # Relational Databases on Kubernetes. Database DevOps - [Introduction](#introduction) +- [SQL](#sql) +- [Performance](#performance) - [Stateful and Stateless Applications](#stateful-and-stateless-applications) - [Serverless Databases](#serverless-databases) - [DataOps](#dataops) @@ -53,6 +55,14 @@ - [thenewstack.io: A Case for Databases on Kubernetes from a Former Skeptic](https://thenewstack.io/a-case-for-databases-on-kubernetes-from-a-former-skeptic/) - [hackernoon.com: Database Vs Data Warehouse Vs Data Lake: A Simple Explanation](https://hackernoon.com/database-vs-data-warehouse-vs-data-lake-a-simple-explanation-hz2k33rm) * [percona.com: DBaaS on Kubernetes: Under the Hood ๐ŸŒŸ](https://www.percona.com/blog/2021/02/08/dbaas-on-kubernetes-under-the-hood/) +* [blog.crunchydata.com: Using Kubernetes? Chances Are You Need a Database ๐ŸŒŸ](https://blog.crunchydata.com/blog/using-kubernetes-chances-are-you-need-a-database) +* [thenewstack.io: Databases โ€” Finally โ€” Get Containerized](https://thenewstack.io/databases-finally-get-containerized/) + +## SQL +- [digitalocean.com: How To Use WHERE Clauses in SQL](https://www.digitalocean.com/community/tutorials/how-to-use-where-clauses-in-sql) + +## Performance +- [betterprogramming.pub: 8 Techniques To Speed up Your Database](https://betterprogramming.pub/8-techniques-to-speed-up-your-database-292754ff7739) โ€œIf everything seems under control, youโ€™re not going fast enoughโ€ ## Stateful and Stateless Applications * [xenonstack.com: Stateful and Stateless Applications Best Practices and Advantages](https://www.xenonstack.com/insights/stateful-and-stateless-applications/) * [threadreaderapp.com: Kelsey Hightower: "Kubernetes has made huge improvements in the ability to run stateful workloads including databases and message queues, but I still prefer not to run them on Kubernetes" ๐ŸŒŸ](https://threadreaderapp.com/thread/963413508300812295.html) @@ -806,6 +816,7 @@ oc adm policy add-scc-to-user anyuid system:serviceaccount:pgophub:default - [dzone: A Guide to SQL Triggers: Setting up Database Tracking in PostgreSQL](https://dzone.com/articles/a-guide-to-sql-triggers-setting-up-database-tracking-in-postgresql) SQL triggers are less common but can be a great solution for certain situations. I'll show how to use triggers in Postgres to enforce data integrity and track changes to a database. - [migops.com: pgBackRest โ€“ The Best Postgres Backup Tool with a very active community](https://www.migops.com/blog/2021/04/09/pgbackrest-the-best-postgres-backup-tool-with-a-very-active-community/) - [towardsdatascience.com: Practical Introduction to PostgreSQL](https://towardsdatascience.com/practical-introduction-to-postgresql-5f73d3d394e) +- [percona.com: An Overview of Sharding in PostgreSQL and How it Relates to MongoDBโ€™s](https://www.percona.com/blog/2019/05/24/an-overview-of-sharding-in-postgresql-and-how-it-relates-to-mongodbs/) ## Percona MySQL - [Percona.com: Percona Kubernetes Operator for Percona XtraDB Cluster](https://www.percona.com/doc/kubernetes-operator-for-pxc/index.html) diff --git a/docs/demos.md b/docs/demos.md index 5ca1ca21..f26074dc 100644 --- a/docs/demos.md +++ b/docs/demos.md @@ -96,6 +96,7 @@ * [Spring PetClinic Sample Application](#spring-petclinic-sample-application) By following this repository you can able to setup a DevOps CI/CD Pipeline using: git, Jenkins, Maven, Ansible, Docker & Kubernetes * [swissarmydevops.com](https://swissarmydevops.com/) * [dev.to: Build a highly available Node.js application using Docker, NGINX and AWS ELB](https://dev.to/sowmenappd/build-a-highly-available-node-js-application-using-docker-nginx-and-aws-elb-3cjp) +* [towardsdatascience.com: Developing and Deploying a COMPLETE Project Using FastAPI, Jinja2, SQLAlchemy, Docker, and AWS](https://towardsdatascience.com/developing-and-deploying-a-complete-project-using-fastapi-jinja2-sqlalchemy-docker-and-aws-1b504a1a2be4) ### Container Tools - [dzone Avengers of the Container World, Episode 1: Podman Hands-On ๐ŸŒŸ](https://dzone.com/articles/avengers-of-container-world-episode-1-podman-hands) CRI-O and Podman have been widely adapted by most of the modern container platforms. In this blog, we will deep-dive on Podman with a hands-on session. @@ -153,6 +154,7 @@ * [matthewpalmer.net: Kubernetes Ingress with Nginx Example ๐ŸŒŸ](https://matthewpalmer.net/kubernetes-app-developer/articles/kubernetes-ingress-guide-nginx-example.html) * [digitalocean.com: How To Deploy a Scalable and Secure Django Application with Kubernetes](https://www.digitalocean.com/community/tutorials/how-to-deploy-a-scalable-and-secure-django-application-with-kubernetes) * [developers.redhat.com: Deploying Node.js applications to Kubernetes with Nodeshift and Minikube](https://developers.redhat.com/blog/2021/03/09/deploying-node-js-applications-to-kubernetes-with-nodeshift-and-minikube/) +* [itnext.io: Breaking down and fixing Kubernetes](https://itnext.io/breaking-down-and-fixing-kubernetes-4df2f22f87c3) In this article you'll break the cluster, delete certificates and rejoin the nodes without causing any downtime. ### Postgres Operator - [blog.flant.com: Our experience with Postgres Operator for Kubernetes by Zalando](https://blog.flant.com/our-experience-with-postgres-operator-for-kubernetes-by-zalando/) @@ -276,6 +278,7 @@ ### Knative * [knative-tutorial](https://github.com/redhat-developer-demos/knative-tutorial) A pratical guide to get started with knative. Knative concepts are explained simple and easy way with lots of demos and exercises. +* [aymen-segni.com: Deploying Serverless Services on Kubernetes using Knative](https://aymen-segni.com/index.php/2020/07/22/deploying-your-serverless-services-on-kubernetes-using-knative/) ### OpenShift Pipelines Workshop (Tekton) - [Build a Go application using OpenShift Pipelines](https://developers.redhat.com/blog/2020/05/26/build-a-go-application-using-openshift-pipelines/) @@ -301,6 +304,7 @@ - [itnext.io: Solving ArgoCD Secret Management with the argocd-vault-plugin ๐ŸŒŸ](https://itnext.io/argocd-secret-management-with-argocd-vault-plugin-539f104aff05) - [youtube: Exploring The Cloud-native Kubernetes CI/CD Pipeline Tool Landscape](https://www.youtube.com/watch?v=5XWwjyikWMQ&feature=emb_logo&ab_channel=Konveyor) In this meetup, we explore the new era of Kubernetes continuous integration continuous deployment pipelines based on a set of fancy tools as Tekton Pipelines, ArgoCD or Helm. We walk through the new DevOps and GitOps technologies landscape and a real demonstration of how these tools work together in order to make developers and system administrators lives easier. [repo1](https://github.com/acidonper/jump-app-gitops) , [repo2](https://github.com/acidonper/jump-app-docs) , [slides](https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbTVoMnVrcVR5Tjl0dlBGWkx2UTZzMHA3N1N3QXxBQ3Jtc0tsZkZrcUpfSzhBX1EzdUtOanRqV3o2WDZpdkhPY0NyODhmbERSQUhROFRPa2pZRC13Q3l0ekQ2MjR1LTIyY254VmhwdHVack1XeDJiRWVBMUl6U3RDRHo3cF9XVDVJRTluLWJFVXNYUjF5OFV4ZlN5SQ&q=https%3A%2F%2Fdocs.google.com%2Fpresentation%2Fd%2F14fSLwfEVpDU-3udMGEW9bQATCAOy0F8b6UOgNgDkD3A%2Fedit%3Fusp%3Dsharing) - [blog.argoproj.io: Introducing the ApplicationSet Controller for Argo CD](https://blog.argoproj.io/introducing-the-applicationset-controller-for-argo-cd-982e28b62dc5) +- [vzilla.co.uk: GitOps - Getting started with ArgoCD](https://vzilla.co.uk/vzilla-blog/gitops-getting-started-with-argocd) ### GitLab Pipelines on OpenShift - [openshift.com: Building GitLab Pipelines on OpenShift](https://www.openshift.com/blog/building-openshift-pipelines-with-gitlab) @@ -352,7 +356,6 @@ * [kubernetes-advocate.medium.com: CI/CD with Dockers and Jenkins ๐ŸŒŸ](https://kubernetes-advocate.medium.com/ci-cd-with-dockers-and-jenkins-70b6f801f9f7) * [medium.com/@devml2016: Letโ€™s Start Automation using Jenkins, Docker, GitHub](https://medium.com/@devml2016/lets-start-automation-using-jenkins-docker-github-d5f8d019ec4a) * [developers.redhat.com: An easier way to create custom Jenkins containers](https://developers.redhat.com/blog/2020/06/04/an-easier-way-to-create-custom-jenkins-containers) Create your own custom Jenkins container image by aggregating readily available containers in a pod template. -* [medium: Letโ€™s Start Automation using Jenkins, Docker, GitHub](https://medium.com/@devml2016/lets-start-automation-using-jenkins-docker-github-d5f8d019ec4a) * [medium: Just commit your code and your docker server is ready (jenkins + github + docker)](https://medium.com/@deepanshuyadavv11/task1-integrating-github-jenkins-and-docker-d66a817774be) * [lambdatest.com: Best Jenkins Pipeline Tutorial For Beginners (Examples) ๐ŸŒŸ](https://www.lambdatest.com/blog/jenkins-pipeline-tutorial/) * [ittroubleshooter.in: Run Parallel Builds in Kubernetes Cluster with Jenkins Pipeline ๐ŸŒŸ](https://ittroubleshooter.in/run-parallel-build-kubernetes-cluster-jenkins/) diff --git a/docs/developerportals.md b/docs/developerportals.md index 166c4845..b52bfe17 100644 --- a/docs/developerportals.md +++ b/docs/developerportals.md @@ -18,6 +18,7 @@ - [Backstage Developer Portal](#backstage-developer-portal) - [APISIX](#apisix) - [NGINX as an API Gateway](#nginx-as-an-api-gateway) + - [Lura API Gateway (based on KrakenD)](#lura-api-gateway-based-on-krakend) - [Mobile Developer Portals](#mobile-developer-portals) - [Automotive](#automotive) - [Auto API](#auto-api) @@ -66,6 +67,7 @@ - [dzone: 3Scale Developer Portal Docs Per Application](https://dzone.com/articles/3scale-developer-portal-docs-per-application) Using this open source platform, we to create a more effective version of your API documentation, allowing devs to only see that docs that are relevant to their work. - [dzone: Why Red Hat and 3scale Matter: A Developer's View](https://dzone.com/articles/why-red-hat-and-3scale-matter) - [developers.redhat.com: New custom metrics and air gapped (restricted networks) installation in Red Hat 3scale API Management 2.9](https://developers.redhat.com/blog/2020/10/29/new-custom-metrics-and-air-gapped-installation-in-red-hat-3scale-api-management-2-9/) The 3scale Operator now fully supports air gapped installation for 3scale API Management on OpenShift. Air gapped or restricted networks are isolated from the Internet and physically isolated from any other network. Secure environments such as government agencies and financial institutions typically require an air gapped installation for Red Hat Integration on OpenShift. +- [developers.redhat.com: Enhance application security by rotating 3scale access tokens](https://developers.redhat.com/blog/2021/04/29/enhance-application-security-by-rotating-3scale-access-tokens/) ### Google Apigee API Manager - [Google Apigee API Manager](https://cloud.google.com/apigee/) Apigee is an API management platform for developing, analyzing, securing & scaling various APIs and apps. It provides API technology and services for a wide range of organizations and developers to stimulate the pace of digital business. Through API, Apigee assists businesses to securely share data and services across various channels/devices in order to enhance the customer experience. Companies can manage growth and spikes in API traffic with features like traffic isolation and independent scaling. @@ -110,6 +112,11 @@ ### NGINX as an API Gateway - [nginx.com: Deploying NGINX as an API Gateway, Part 1 ๐ŸŒŸ](https://www.nginx.com/blog/deploying-nginx-plus-as-an-api-gateway-part-1/) +### Lura API Gateway (based on KrakenD) +- [Lura ๐ŸŒŸ](https://luraproject.org/) An extendable, simple and stateless high-performance API Gateway framework designed for both cloud-native and on-prem setups. +- [KrakenD: The fastest API gateway comes with true linear scalability ๐ŸŒŸ](https://www.krakend.io/) KrakenD is a stateless, distributed, high-performance API Gateway that helps you effortlessly adopt microservices. +- [krakend.io: KrakenD framework becomes a Linux Foundation project](https://www.krakend.io/blog/krakend-framework-joins-the-linux-foundation/) KrakenD framework has been donated to the Linux Foundation and is now the โ€œLura Project." + ## Mobile Developer Portals - [developer.mobileconnect.io](https://developer.mobileconnect.io/) - [developer.android.com](https://developer.android.com/) @@ -166,4 +173,6 @@

What is clean code?

Clean code is the code if:
- it is easily readable
- it is easily extendable and maintainable
- it is as simple as possible
- it is cheap and risk-free to change
- it reveals our intent
- it has corresponding clean tests

What else would you add?

— Daniel Mokaโšก (@dmokafa) January 24, 2021

5 things I've learned in 10 years as a developer:

1. No one knows exactly what they are doing
2. Anything can be learned with enough dedication
3. Perception > reality
4. Taking on the toughest problems pays dividends
5. People like to make things sound complicated for their ego

— Nader Dabit (@dabit3) April 22, 2021
+ +

Deleting code matters! You can provide tons of value by deleting code!

Deleting code such as:
- removing duplication
- removing redundant comments
- removing unnecessary complexity
- removing unused code

Always keep in mind: The less the code, the less to maintain.

— Daniel Mokaโšก (@dmokafa) May 5, 2021
\ No newline at end of file diff --git a/docs/devops.md b/docs/devops.md index 195c6616..44fb8480 100644 --- a/docs/devops.md +++ b/docs/devops.md @@ -19,6 +19,7 @@ - [Google Cloud Platform](#google-cloud-platform) - [NoOps](#noops) - [Data as Code](#data-as-code) +- [Youtube Playlists](#youtube-playlists) ## Introduction to Digital Business Transformation - [What Is AIOps, BizDevOps, CloudOps, DevOps, ITOps, NoOps? A Gentle Introduction to Digital Business Transformation ๐ŸŒŸ](https://stxnext.com/blog/2019/04/25/aiops-bizdevops-cloudops-devops-itops-noops-introduction-digital-business-transformation/) @@ -128,6 +129,9 @@ * [youtube: The best DevOps tools, frameworks, and platforms in 2021 ๐ŸŒŸ](https://www.youtube.com/watch?v=js-rq7SvPpE&ab_channel=DevOpsToolkit) * [devops.com: DevOps Trends to Watch in 2021 ๐ŸŒŸ](https://devops.com/devops-trends-to-watch-in-2021/) * [itproportal.com: How to implement DevOps successfully in 2021 ๐ŸŒŸ](https://www.itproportal.com/features/how-to-implement-devops-successfully-in-2021/) The question isnโ€™t whether or not companies should adopt DevOps, but how to successfully. +* [devops.com: Nine Pillars of DevOps Best Practices](https://devops.com/nine-pillars-of-devops-best-practices/) +* [medium: Digital Transformation for Modern Enterprises Through DevOps โ€” A Complete Guide](https://medium.com/hackernoon/digital-transformation-for-modern-enterprises-through-devops-a-complete-guide-6f595463c7dd) +* [weblineindia.com: DevOps Automation โ€“ Everything You Need to Know](https://www.weblineindia.com/blog/all-about-devops-automation/)
[![OCP 4 Pland and Deploy](images/openshift_day2.png)](https://www.openshift.com/blog/openshift-end-to-end-cluster-customization) @@ -241,6 +245,12 @@ - [thenewstack.io: The Coming Era of Data as Code ๐ŸŒŸ](https://thenewstack.io/the-coming-era-of-data-as-code/) - [arrikto.com: What is Data as Code ๐ŸŒŸ](https://www.arrikto.com/blog/what-is-data-as-code/) +## Youtube Playlists +- [youtube playlist: DevOps - SonarQube, Artifactory, JFrog, Jenkins, Maven, etc ๐ŸŒŸ](https://www.youtube.com/playlist?list=PLVx1qovxj-akoYTAboxT1AbHlPmrvRYYZ) +- [youtube playlist: Docker ๐ŸŒŸ](https://www.youtube.com/playlist?list=PLVx1qovxj-amqyqHceAhkcsopzi4PFcKc) +- [youtube playlist: Ansible ๐ŸŒŸ](https://www.youtube.com/playlist?list=PLVx1qovxj-al0Knm1A0eEXfGyd5kCi16p) +- [youtube playlist: Kubernetes ๐ŸŒŸ](https://www.youtube.com/playlist?list=PLVx1qovxj-akr_3XqQQgpqRyQw4GYuS4h) +
[![Devops containers strategy](images/devops_containers_strategy.png)](https://www.contino.io/insights/how-to-make-enterprise-container-strategies-that-last-part-one) diff --git a/docs/devsecops.md b/docs/devsecops.md index 81d122ca..8563b967 100644 --- a/docs/devsecops.md +++ b/docs/devsecops.md @@ -5,11 +5,13 @@ - [Kubernetes Threat Modelling](#kubernetes-threat-modelling) - [Kubernetes Config Security Threats](#kubernetes-config-security-threats) - [Security Linting on Kubernetes](#security-linting-on-kubernetes) +- [IaC and Security](#iac-and-security) - [Multi-Level Security (MLS) vs Multi-Category Security (MCS). Make Secure Pipelines with Podman and Containers](#multi-level-security-mls-vs-multi-category-security-mcs-make-secure-pipelines-with-podman-and-containers) - [Project Calico](#project-calico) - [Security Patterns for Microservice Architectures](#security-patterns-for-microservice-architectures) - [Anchore Container Security Solutions for DevSecOps](#anchore-container-security-solutions-for-devsecops) - [Twistlock and Threat Stack Container Security](#twistlock-and-threat-stack-container-security) +- [OWASP](#owasp) - [StackRox](#stackrox) - [Secure Container Based CI/CD Workflows](#secure-container-based-cicd-workflows) - [Securing Kubernetes With Anchore](#securing-kubernetes-with-anchore) @@ -26,7 +28,7 @@ - [CyberArk and Ansible](#cyberark-and-ansible) - [CyberArk Conjur](#cyberark-conjur) - [SOPS for Kubernetes](#sops-for-kubernetes) - - [Alternatives](#alternatives) + - [Alternatives with Kubernetes External Secrets](#alternatives-with-kubernetes-external-secrets) - [Serverless Security Best Practices](#serverless-security-best-practices) - [Docker Images & Container Security](#docker-images--container-security) - [Pod Security Policies](#pod-security-policies) @@ -66,6 +68,11 @@ - [amazon.com: Building end-to-end AWS DevSecOps CI/CD pipeline with open source SCA, SAST and DAST tools](https://aws.amazon.com/blogs/devops/building-end-to-end-aws-devsecops-ci-cd-pipeline-with-open-source-sca-sast-and-dast-tools/) - [infoq.com: 9 Trends That Are Influencing the Adoption of Devops and Devsecops in 2021](https://www.infoq.com/articles/devops-secure-trends/) - [addteq.com: The REAL Difference between DevOps and DevSecOps](https://www.addteq.com/blog/2021/03/the-real-difference-between-devops-and-devsecops) +- [invensislearning.com: Difference between DevOps and DevSecOps](https://www.invensislearning.com/blog/devops-vs-devsecops/) +- [techerati.com: DevSecOps: Eight tips for truly securing software](https://www.techerati.com/features-hub/opinions/devsecops-eight-tips-for-truly-securing-software/) +- [devops.com: SecDevOps is the Solution to Cybersecurity ๐ŸŒŸ](https://devops.com/secdevops-is-the-solution-to-cybersecurity/) +- [techrepublic.com: DevOps is getting code released faster than ever. But security is lagging behind](https://www.techrepublic.com/article/devops-is-getting-code-released-faster-than-ever-but-security-is-lagging-behind/) +- [redeszone.net: No configurar bien la nube es culpable de la mayorรญa de vulnerabilidades](https://www.redeszone.net/noticias/seguridad/configurar-mal-nube-vulnerabilidades/) ## Quality Gates - [dzone: DevOps Pipeline Quality Gates: A Double-Edged Sword](https://dzone.com/articles/devops-pipeline-quality-gates-a-double-edged-sword) In theory, quality gates seem like a no-brainer, but it does come with a catch. @@ -74,7 +81,7 @@ - Source code version control - Optimum branching strategy - Static analysis - - >80% code coverage + - More than 80% code coverage - Vulnerability scan - Open source scan - Artifact version control @@ -101,6 +108,9 @@ - [kubeLinter ๐ŸŒŸ](https://github.com/stackrox/kube-linter) KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices. - [thenewstack.io: StackRox KubeLinter Brings Security Linting to Kubernetes](https://thenewstack.io/stackrox-kubelinter-brings-security-linting-to-kubernetes/) +## IaC and Security +- [thenewstack.io: Security Insights into Infrastructure-as-Code](https://thenewstack.io/security-insights-into-infrastructure-as-code/) + ## Multi-Level Security (MLS) vs Multi-Category Security (MCS). Make Secure Pipelines with Podman and Containers - [Why you should be using Multi-Category Security (MCS) for your Linux containers](https://www.redhat.com/en/blog/why-you-should-be-using-multi-category-security-your-linux-containers) - [Using Podman and Containers to make a more secure pipeline](https://www.redhat.com/en/blog/using-container-technology-make-trusted-pipeline) @@ -120,6 +130,10 @@ - [Threat Stack](https://www.threatstack.com/) - [dzone: A Twistlock and Threat Stack Comparison](https://dzone.com/articles/a-twistlock-and-threat-stack-comparison) Compare two of the most popular tools available for container security, and how their different approaches breed different solutions. +## OWASP +- [vashishtsumit89.medium.com: Security/Pen Testing: A guide to run OWASP Zap headless in containers for CI/CD pipeline](https://vashishtsumit89.medium.com/security-pen-testing-a-guide-to-run-owasp-zap-headless-in-containers-for-ci-cd-pipeline-ddb580dae3c8) +- [redeszone.net: OWASP ZAP, audita la seguridad de webs y evita vulnerabilidades](https://www.redeszone.net/tutoriales/seguridad/owasp-zap-auditar-seguridad-web/) + ## StackRox - [stackrox.com](https://www.stackrox.com/) - [redhat.com: Red Hat to Acquire Kubernetes-Native Security Leader StackRox](https://www.redhat.com/en/about/press-releases/red-hat-acquire-kubernetes-native-security-leader-stackrox) @@ -184,6 +198,10 @@ - [digitalvarys.com: Simple Introduction to HashiCorp Vault](https://digitalvarys.com/simple-introduction-to-hashicorp-vault/) - [hashicorp.com: HCP Vault is now generally available on AWS ๐ŸŒŸ](https://www.hashicorp.com/blog/vault-on-the-hashicorp-cloud-platform-ga) - [hashicorp.com: Serverless Secrets with HashiCorp Vault](https://www.hashicorp.com/resources/serverless-secrets-vault) Learn how to securely store and retrieve credentials across providers for applications running within AWS Lambda, Azure Functions, and Google Cloud Functions. +- [thenewstack.io: HashiCorp Releases HCP Vault to Combat โ€˜Secrets Managementโ€™ Fatigue](https://thenewstack.io/hashicorps-releases-hcp-vault-to-combat-secrets-management-fatigue/) +- [datadoghq.com: Monitor HashiCorp Vault metrics and logs](https://www.datadoghq.com/blog/monitor-vault-metrics-and-logs/) +- [thenewstack.io: Reasons to Implement HashiCorp Vault and Other Zero Trust Tools](https://thenewstack.io/reasons-to-implement-hashicorp-vault-and-other-zero-trust-tools/) +- [hashicorp.com: Retrieve HashiCorp Vault Secrets with Kubernetes CSI](https://www.hashicorp.com/blog/retrieve-hashicorp-vault-secrets-with-kubernetes-csi) Learn how to use CSI to expose secrets on a volume within a Kubernetes pod and retrieve them using our beta Vault Provider for the Kubernetes Secrets Store CSI Driver. ### CyberArk and Ansible - [ansible.com: Simplifying secrets management with CyberArk and Red Hat Ansible Automation Platform](https://www.ansible.com/blog/simplifying-secrets-management-with-cyberark-and-red-hat-ansible-automation-platform) @@ -196,11 +214,13 @@ ### SOPS for Kubernetes - [dev.to: Manage your secrets in Git with SOPS for Kubernetes ๐ŸŒŸ](https://dev.to/stack-labs/manage-your-secrets-in-git-with-sops-for-kubernetes-57me) -### Alternatives +### Alternatives with Kubernetes External Secrets - [GitOps secret management with bitnami-labs Sealed Secret and GoDaddy Kubernetes External Secrets ๐ŸŒŸ](https://www.openshift.com/blog/gitops-secret-management) - - [Kubernetes External Secrets ๐ŸŒŸ](https://github.com/external-secrets/kubernetes-external-secrets) + - [Kubernetes External Secrets ๐ŸŒŸ](https://github.com/external-secrets/kubernetes-external-secrets) Integrate external secret management systems with Kubernetes. Kubernetes External Secrets allows you to use external secret management systems, like AWS Secrets Manager or HashiCorp Vault, to securely add secrets in Kubernetes. - [aws.amazon.com: Managing secrets deployment in Kubernetes using Sealed Secrets ๐ŸŒŸ](https://aws.amazon.com/blogs/opensource/managing-secrets-deployment-in-kubernetes-using-sealed-secrets/) - [dzone: Managing Secrets Deployment in GitOps Workflow ๐ŸŒŸ](https://dzone.com/articles/managing-kubernetes-secrets) The importance of keeping your secrets safe. +- [blog.container-solutions.com: The Birth of the External Secrets Community](https://blog.container-solutions.com/the-birth-of-the-external-secrets-community) +- [itnext.io: Secrets injection at runtime from external Vault into Kubernetes โ€” POC](https://itnext.io/secrets-injection-from-external-vault-into-kubernetes-poc-83a52c8cf5cb) ## Serverless Security Best Practices - [10 Serverless security best practices](https://snyk.io/blog/10-serverless-security-best-practices/) @@ -216,6 +236,7 @@ - [openshift.com: Signing and Verifying Container Images ๐ŸŒŸ](https://www.openshift.com/blog/signing-and-verifying-container-images) - [redhat.com: Introducing Red Hat Vulnerability Scanner Certification](https://www.redhat.com/en/blog/introducing-red-hat-vulnerability-scanner-certification) - [docs.microsoft.com: Introduction to Azure Defender for container registries](https://docs.microsoft.com/en-us/azure/security-center/defender-for-container-registries-introduction#when-are-images-scanned) Defender for Container Registries Continuous Image Scan for vulnerabilities is now available for General Availability (GA) +- [techbeacon.com: 17 open-source container security tools ๐ŸŒŸ](https://techbeacon.com/security/17-open-source-container-security-tools) ## Pod Security Policies - [octetz.com: Setting Up Pod Security Policies](https://octetz.com/docs/2018/2018-12-07-psp/) By default, Kubernetes allows anything capable of creating a Pod to run a fairly privileged container that can compromise a system. Pod Security Policies protect clusters from privileged pods by ensuring the requester is authorised. diff --git a/docs/docker.md b/docs/docker.md index de0aea32..3b778da5 100644 --- a/docs/docker.md +++ b/docs/docker.md @@ -15,6 +15,7 @@ - [Linux Container Base Images](#linux-container-base-images) - [Blogs](#blogs) - [Awesome Lists](#awesome-lists) +- [Cloud Native Buildpacks](#cloud-native-buildpacks) - [Alternatives to Docker](#alternatives-to-docker) ## Introduction and Tutorials @@ -69,6 +70,7 @@ * [datamechanics.co: Optimized Apache Spark Docker Images](https://www.datamechanics.co/blog-post/optimized-spark-docker-images-now-available) * [theskillpedia.com: Managing docker images - openshift tutorial](https://www.theskillpedia.com/managing-docker-images-openshift-tutorial/) * [iximiuz.com: Container Networking Is Simple!](https://iximiuz.com/en/posts/container-networking-is-simple/) +* [r-bloggers.com: Dockerizing Shiny Applications](https://www.r-bloggers.com/2021/05/dockerizing-shiny-applications/) ## Docker Patterns and Antipatterns - [codefresh.io: Docker anti-patterns ๐ŸŒŸ](https://codefresh.io/containers/docker-anti-patterns/) @@ -140,9 +142,14 @@ * [Awesome Docker ๐ŸŒŸ](https://github.com/veggiemonk/awesome-docker) * [Awesome Compose ๐ŸŒŸ](https://github.com/docker/awesome-compose) +## Cloud Native Buildpacks +- [buildpacks.io: Cloud Native Buildpacks ๐ŸŒŸ](https://buildpacks.io/) transform your application source code into images that can run on any cloud. +- [altoros.com: Streamlining the Creation of Docker Images with Cloud Native Buildpacks](https://www.altoros.com/blog/streamlining-the-creation-of-docker-images-with-cloud-native-buildpacks/) The new Cloud Native Buildpacks framework changes the obnoxious development chore of Dockerfile writing into a simple, automated operations pipeline. When deploying apps to Kubernetes or other container-as-a-service platforms, the proliferation of nonstandard, unauditable containers built manually via Dockerfiles is a real problem. A few products have emerged to solve this problem, among them Cloud Native Buildpacks (ะกNB). In this blog post, we explore the capabilities of these buildpacks and explain how to use them in build pipelines to deliver standardized, auditable images as artifacts suitable for deployment. + ## Alternatives to Docker - [blog.alexellis.io: Building containers without Docker ๐ŸŒŸ](https://blog.alexellis.io/building-containers-without-docker/) - [medium: nerdctl: Docker-compatible CLI for contaiNERD](https://medium.com/nttlabs/nerdctl-359311b32d0e) +- [jfrog.com: THE BASICS: 7 Alternatives to Docker: All-in-One Solutions and Standalone Container Tools ๐ŸŒŸ](https://jfrog.com/knowledge-base/the-basics-7-alternatives-to-docker-all-in-one-solutions-and-standalone-container-tools/) diff --git a/docs/elearning.md b/docs/elearning.md index 101ff871..adbcd691 100644 --- a/docs/elearning.md +++ b/docs/elearning.md @@ -27,4 +27,8 @@ * [SQL Police Department](https://sqlpd.com/) * [techstudyslack.com](https://techstudyslack.com/) TechStudySlack is a Slack for people studying Tech. * [kube.academy](https://kube.academy/) KubeAcademy from VMware. Learn Kubernetes From Experts For Free -* [codewars.com](https://www.codewars.com) Improve your skills by training with others on real code challenges \ No newline at end of file +* [codewars.com](https://www.codewars.com) Improve your skills by training with others on real code challenges +* [riptutorial.com ๐ŸŒŸ](https://riptutorial.com/) Learn programming through books and examples - [eBooks by Tags (PDF) ๐ŸŒŸ](https://riptutorial.com/ebook) + +## Opinions +* [I'm AWS certified? Should you trust me?](https://code.joejag.com/2021/i-am-aws-certified-should-you-trust-me.html) \ No newline at end of file diff --git a/docs/faq.md b/docs/faq.md index 8fc7f248..2f4716cd 100644 --- a/docs/faq.md +++ b/docs/faq.md @@ -35,6 +35,7 @@ - [dzone: Cloud Migration(Lift-and-Shift): My Notes From the Ground ๐ŸŒŸ](https://dzone.com/articles/lift-and-shift-my-experience-on-the-ground) - [dzone: The Best Cloud Migration Approach: Lift-And-Shift, Replatform, Or Refactor?](https://dzone.com/articles/the-best-cloud-migration-approach-lift-and-shift-r) There are a number of ways to get your applications to the cloud, but the question of which method to use is a little up in the air. - [dzone: 10 Commandments of Microservice Decomposition ๐ŸŒŸ](https://dzone.com/articles/10-commandments-on-microservice-decomposition) In this article, I will try to cover the purposes of terms used while decomposing microservices and try to fit them under one umbrella concept. +- [acloudguru.com: What is lift and shift cloud migration?](https://acloudguru.com/blog/business/what-is-lift-and-shift-cloud-migration) ## Architectural Patterns for Caching Microservices - [hazelcast.com: Where Is My Cache? Architectural Patterns for Caching Microservices](https://hazelcast.com/blog/architectural-patterns-for-caching-microservices/) diff --git a/docs/git.md b/docs/git.md index 93558fb0..06f2c5dd 100644 --- a/docs/git.md +++ b/docs/git.md @@ -101,6 +101,7 @@ * [dzone: GitOps: How to Ops Your Git the Right Way ๐ŸŒŸ](https://dzone.com/articles/gitops-how-to-ops-your-git-the-right-way) In this article weโ€™ll look into the specifics of creating Git repositories structures โ€Šโ€” โ€Šthe very core of the GitOps approach. * [intellipaat.com: Top Git Interview Questions And Answers ๐ŸŒŸ](https://intellipaat.com/blog/interview-question/git-interview-questions-answers/) * [freecodecamp.org: Git Push to Remote Branch โ€“ How to Push a Local Branch to Origin](https://www.freecodecamp.org/news/git-push-to-remote-branch-how-to-push-a-local-branch-to-origin/) +* [honeybadger.io: Top Ten Git Tips & Tricks](https://www.honeybadger.io/blog/git-tricks/) ## Shields - [shields.io ๐ŸŒŸ](https://shields.io/) @@ -197,6 +198,8 @@ It prescribes that software designers should define formal, precise and verifiab * [cloudbees.com: How to Grow Continuous Delivery Maturity Using Feature Flags](https://www.cloudbees.com/blog/grow-cd-maturity) * [cloudbees.com: Feature Flag Best Practices: Change Management in Production](https://www.cloudbees.com/blog/change-management-in-production) * [cloudbees.com: Feature Flag Best Practices: Understanding the Feature Flag Lifecycle](https://www.cloudbees.com/blog/feature-flag-lifecycle) +* [github.blog: How we ship code faster and safer with feature flags](https://github.blog/2021-04-27-ship-code-faster-safer-feature-flags/) +* [cloudbees.com: The Importance of Feature Flags in CI/CD](https://www.cloudbees.com/blog/the-importance-of-feature-flags-in-cicd) ##### Keystone Interface and Keystone Flags * [martinfowler.com: KeystoneInterface](https://martinfowler.com/bliki/KeystoneInterface.html) @@ -269,6 +272,7 @@ git push origin -f * [github.blog: Solving the innersource discovery problem - Discoverability](https://github.blog/2021-03-23-solving-the-innersource-discovery-problem/) * [devopstips.net: Create, Host and Share Docker Images with GitHub Packages](https://devopstips.net/create-host-and-share-docker-images-with-github-packages) * [blog.gruntwork.io: Introducing git-xargs: an open source tool to update multiple GitHub repos](https://blog.gruntwork.io/introducing-git-xargs-an-open-source-tool-to-update-multiple-github-repos-753f9f3675ec) +* [github.blog: Security keys are now supported for SSH Git operations ๐ŸŒŸ](https://github.blog/2021-05-10-security-keys-supported-ssh-git-operations/) ### GitHub Actions - [github.blog: Testing cloud apps with GitHub Actions and cloud-native open source tools](https://github.blog/2020-10-09-devops-cloud-testing/) @@ -281,6 +285,7 @@ git push origin -f - [github.blog: Work with GitHub Actions in your terminal with GitHub CLI](https://github.blog/2021-04-15-work-with-github-actions-in-your-terminal-with-github-cli/) - [github.blog: GitHub Actions: Control permissions for GITHUB_TOKEN ๐ŸŒŸ](https://github.blog/changelog/2021-04-20-github-actions-control-permissions-for-github_token/) - [github.blog: GitHub Actions update: Helping maintainers combat bad actors](https://github.blog/2021-04-22-github-actions-update-helping-maintainers-combat-bad-actors/) +- [github.blog: How we use GitHub Actions to manage GitHub Docs](https://github.blog/2021-04-28-use-github-actions-manage-docs/) ### GitHub Actions and OpenShift - [redhat.com: Red Hat and GitHub Collaborate to Expand the Developer Experience on Red Hat OpenShift with GitHub Actions ๐ŸŒŸ](https://www.redhat.com/en/about/press-releases/red-hat-and-github-collaborate-expand-developer-experience-red-hat-openshift-github-actions) Industryโ€™s leading enterprise Kubernetes platform now integrates with GitHub, bringing DevOps automation tools from the worldโ€™s largest developer platform into the OpenShift ecosystem diff --git a/docs/gitops.md b/docs/gitops.md index d4c5d78c..70a9d8ad 100644 --- a/docs/gitops.md +++ b/docs/gitops.md @@ -1,5 +1,6 @@ # GitOps - [Introduction](#introduction) +- [GitOps Working Group](#gitops-working-group) - [Git Repositories Structures](#git-repositories-structures) - [GitOps Tools](#gitops-tools) - [Flux. The GitOps Operator for Kubernetes](#flux-the-gitops-operator-for-kubernetes) @@ -50,6 +51,29 @@ - [blog.container-solutions.com: GitOps: The Bad and the Ugly](https://blog.container-solutions.com/gitops-limitations) - [cloudogu.com: GitOps in Software Development ๐ŸŒŸ](https://cloudogu.com/en/glossary/gitops/) - [gitops.tech: What is GitOps? ๐ŸŒŸ](https://www.gitops.tech/#tools) +- [dzone: GitOps โ€“ DevOps for Infrastructure Automation ๐ŸŒŸ](https://dzone.com/articles/gitops-devops-for-infrastructure-automation) GitOps offers a way to automate and manage infrastructure by using proven DevOps best practices such as version control, code review, and CI/CD pipelines. +- [unifiedguru.com: GitOps and the Cloud Operating Model โ€“ VMware Cloud Community ๐ŸŒŸ](https://www.unifiedguru.com/gitops-and-the-cloud-operating-model-vmware-cloud-community/) +- [thenewstack.io: Misconfiguration Worries Grow](https://thenewstack.io/misconfiguration-worries-grow/) +- [codefresh.io: The pains of GitOps 1.0 ๐ŸŒŸ](https://codefresh.io/devops/pains-gitops-1-0/) GitOps as a practice for releasing software has several advantages, but like all other solutions before it, has also several shortcomings. +- [weave.works: Managing Kubernetes with GitOps in a multi-cluster, multi-cloud world](https://www.weave.works/blog/managing-kubernetes-with-gitops-in-a-multi-cluster-multi-cloud-world) +- [viewnext.com: ยฟQuรฉ es GitOps?](https://www.viewnext.com/que-es-gitops/) +- [thenewstack.io: Have Containers Will Travel: Why GitOps Is Essential for Multicloud ๐ŸŒŸ](https://thenewstack.io/have-containers-will-travel-why-gitops-is-essential-for-multicloud/) +- [weave.works: Put Your Security Worries to Rest with GitOps Operational Control ๐ŸŒŸ](https://www.weave.works/use-cases/security-with-gitops/) GitOps workflows in the Weave Kubernetes Platform give teams a head start since they rely on Gitโ€™s strong correctness and security. Every pull request has a built-in and fully auditable trail. Many companies need to look beyond just compliance and seek a full GRC solution thatโ€™s integral to their workflows. +- [thenewstack.io: Push vs. Pull in GitOps: Is There Really a Difference?](https://thenewstack.io/push-vs-pull-in-gitops-is-there-really-a-difference/) +- [about.gitlab.com: 3 Ways to approach GitOps ๐ŸŒŸ](https://about.gitlab.com/blog/2021/04/27/gitops-done-3-ways/) + +
+[![gitops in a nutshell](images/GitOps-in-a-nutshell.png)](https://www.unifiedguru.com/gitops-and-the-cloud-operating-model-vmware-cloud-community/) +
+ +## GitOps Working Group +- [GitOps Working Group ๐ŸŒŸ](https://github.com/gitops-working-group/gitops-working-group) +- The Five GitOps Principles (as defined by the GitOps Working Group) to the lifecycle of an infrastructure resource, like a virtual machine or load balancer: + - Declarative Configuration (define the resource as code) + - Version controlled (use source control to manage the resource definition) + - Automated delivery (provision and manage the resource from the definition using automation) + - Software Agents (implement automated configuration management for the resource) + - Closed loop (build the delivery pipeline for integration testing for resource changes) ## Git Repositories Structures - [GitOps: How to Ops Your Git the Right Way ๐ŸŒŸ](https://dzone.com/articles/gitops-how-to-ops-your-git-the-right-way) In this article weโ€™ll look into the specifics of creating Git repositories structures โ€Šโ€” โ€Šthe very core of the GitOps approach. @@ -62,6 +86,11 @@ - [Tanka](https://tanka.dev/tutorial/jsonnet) a utility that blends Helm charts with Jsonnet, which combines the deployment speed and ubiquity of Helm charts with the more granular customizability supported by Jsonnet. - [openshift.com: Announcing OpenShift GitOps](https://www.openshift.com/blog/announcing-openshift-gitops) - [ibm.com: Enable GitOps](https://www.ibm.com/garage/method/practices/run/gitops/) GitOps focuses on the Ops side of DevOps and shows how operations configurations, infrastructures, and actions are like software. Everything is code and code is managed with Git. +- [openshift.com: OpenShift Pipelines and OpenShift GitOps are now Generally Available ๐ŸŒŸ](https://www.openshift.com/blog/openshift-pipelines-and-openshift-gitops-are-now-generally-available) + +
+[![gitops pipeline](images/gitops-pipeline.png)](https://www.unifiedguru.com/gitops-and-the-cloud-operating-model-vmware-cloud-community/) +
### Flux. The GitOps Operator for Kubernetes - [Flux](https://fluxcd.io/) The GitOps operator for Kubernetes @@ -136,6 +165,7 @@ Weaveworks's Flagger. * [blog.openshift.com: OpenShift Authentication Integration with ArgoCD](https://blogopenshift.com/openshift-authentication-integration-with-argocd/) * [openshift.com: From Code to Production with GitOps, Tekton and ArgoCD](https://www.openshift.com/blog/from-code-to-production-with-gitops) * [medium: GitOps with Istio, Tekton and Argo CD โ€” on OpenShift 4](https://medium.com/@joelkaplan1/gitops-with-istio-tekton-and-argo-cd-on-openshift-4-5e42d22994e3) +* [thenewstack.io: Red Hat Delivers Full GitOps CI/CD Built on Tekton and Argo](https://thenewstack.io/red-hat-delivers-full-gitops-ci-cd-built-on-tekton-and-argo/) ### AWS Kubernetes * [info.acloud.guru: Adopting GitOps for Kubernetes on AWS](https://info.acloud.guru/resources/deploying-kubernetes-with-gitops) diff --git a/docs/golang.md b/docs/golang.md index fcdc54dd..b791d463 100644 --- a/docs/golang.md +++ b/docs/golang.md @@ -15,6 +15,7 @@ - [The Ultimate Go Study Guide](https://github.com/hoanhan101/ultimate-go) - [ammeon.com: Profiling golang microservices for high throughput on kubernetes/openshift clusters](https://www.ammeon.com/profiling-golang-microservices-for-high-throughput-on-kubernetes-openshift-clusters/) - [cyberciti.biz: How to install Go [golang] on Ubuntu Linux](https://www.cyberciti.biz/faq/how-to-install-gol-ang-on-ubuntu-linux/) +- [developer.okta.com: Elasticsearch in Go: A Developer's Guide](https://developer.okta.com/blog/2021/04/23/elasticsearch-go-developers-guide) ## Client Go - [An example of using dynamic client of k8s.io/client-go](https://ymmt2005.hatenablog.com/entry/2020/04/14/An_example_of_using_dynamic_client_of_k8s.io/client-go) diff --git a/docs/helm.md b/docs/helm.md index b3811904..347a79a0 100644 --- a/docs/helm.md +++ b/docs/helm.md @@ -51,6 +51,12 @@ * [youtube: GitOps Guide to the Galaxy: Working with Helm](https://www.youtube.com/watch?v=1FzOlSed5ts&ab_channel=OpenShift) * [cncf.io: Quick application deployments on MicroK8s using Helm Charts](https://www.cncf.io/blog/2021/03/23/quick-application-deployments-on-microk8s-using-helm-chart) * [cncf.io: Add Java Agents to Existing Kubernetes and Helm Applications Instantly](https://www.cncf.io/blog/2021/03/24/add-java-agents-to-existing-kubernetes-and-helm-applications-instantly) +* [medium: Create Helm Charts to manage Kubernetes applications](https://medium.com/marionete/create-helm-charts-to-manage-kubernetes-applications-9c4235acf99e) Understand what is Helm, Helm Charts and how to configure GitHub pages to store and share your Charts. +* [blog.heyal.co.uk: How to unit-test your helm charts with Golang ๐ŸŒŸ](https://blog.heyal.co.uk/unit-testing-helm-charts/) Learn how to write Golang unit tests for your Helm charts to keep quality high and make changes with confidence. +* [Helm Diff Plugin ๐ŸŒŸ](https://github.com/databus23/helm-diff) A helm plugin that shows a diff explaining what a helm upgrade would change +* [bridgecrew.io: Part 1: Top trends from analyzing the security posture of open-source Helm charts](https://bridgecrew.io/blog/open-source-helm-security-research/) + * [bridgecrew.io: Part 2: Top trends from analyzing the security posture of open-source Helm charts](https://bridgecrew.io/blog/open-source-helm-security-research-part-2/) + * [bridgecrew.io: Part 3: Top trends from analyzing the security posture of open-source Helm charts](https://bridgecrew.io/blog/open-source-helm-security-research-part-3/) ## Helm Chart Documentation * [chart-doc-gen: Helm Chart Documentation Generator](https://github.com/kubepack/chart-doc-gen) diff --git a/docs/images/GitOps-in-a-nutshell.png b/docs/images/GitOps-in-a-nutshell.png new file mode 100644 index 00000000..4f6730af Binary files /dev/null and b/docs/images/GitOps-in-a-nutshell.png differ diff --git a/docs/images/gitops-pipeline.png b/docs/images/gitops-pipeline.png new file mode 100644 index 00000000..2e49987e Binary files /dev/null and b/docs/images/gitops-pipeline.png differ diff --git a/docs/images/lambdatest.jpg b/docs/images/lambdatest.jpg new file mode 100644 index 00000000..7492d56b Binary files /dev/null and b/docs/images/lambdatest.jpg differ diff --git a/docs/index.md b/docs/index.md index 722320c4..071ca098 100644 --- a/docs/index.md +++ b/docs/index.md @@ -9,7 +9,7 @@ A curated list of awesome references collected since 2018. Microservices archite [![container_with_cars](images/container_with_cars.png)](https://www.cncf.io/certification/software-conformance/)
[![docker videos](images/docker_logo.jpg){: style="width:7%"}](https://www.youtube.com/user/dockerrun) [![cncf videos](images/cncf_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCvqbFHwN-nwalWPjPUKpvTA) [![kubernetes logo](images/kubernetes_logo.jpg){: style="width:7%"}](https://www.youtube.com/kubernetescommunity) [![redhat videos](images/redhat_logo.jpg){: style="width:7%"}](https://www.youtube.com/user/RedHatVideos) [![openshift videos](images/openshift_logo.jpg){: style="width:7%"}](https://www.youtube.com/user/rhopenshift) [![rancher logo](images/rancher-logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCh5Xtp82q8wjijP8npkVTBA) [![cloudbees videos](images/cloudbees_logo.jpg){: style="width:7%"}](https://www.youtube.com/user/CloudBeesTV) [![jenkins videos](images/jenkins-logo.jpg){: style="width:7%"}](https://www.youtube.com/user/jenkinsci) [![jenkins-x videos](images/jenkins_x_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCN2kblPjXKMcjjVYmwvquvg) [![spinnaker videos](images/spinnaker_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCcxQbw8kT1-FRhFhO2QCetg) [![vmware tanzu logo](images/vmware_tanzu_logo.jpg){: style="width:7%"}](https://www.youtube.com/user/goPivotal)
[![ibm cloud videos](images/ibm_cloud_logo.jpg){: style="width:7%"}](https://www.youtube.com/user/IBMCloud) [![aws videos](images/aws_logo.jpg){: style="width:7%"}](https://www.youtube.com/user/AmazonWebServices) [![gcp videos](images/gcp_logo.jpg){: style="width:7%"}](https://www.youtube.com/user/googlecloudplatform/) [![azure videos](images/azure_logo.jpg){: style="width:7%"}](https://www.youtube.com/user/windowsazure) [![oraclecloud videos](images/oracle_cloud_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UC60OcDzeEtn194-UPYNJs8A) [![digitalocean videos](images/digital_ocean_logo.jpg){: style="width:7%"}](https://www.youtube.com/user/DigitalOceanVideos) [![cloudflare](images/cloudflare_logo.jpg){: style="width:7%"}](https://www.youtube.com/cloudflare) [![openstack](images/openstack_logo.jpg){: style="width:7%"}](https://www.youtube.com/user/OpenStackFoundation) [![harhicorp videos](images/hashicorp_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UC-AdvAxaagE9W2f0webyNUQ) [![pulumi videos](images/pulumi_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UC2Dhyn4Ev52YSbcpfnfP0Mw) [![liquibase video](images/liquibase_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UC5qMsRjObu685rTBq0PJX8w)
-[![dzone videos](images/dzone_logo.jpg){: style="width:7%"}](https://www.youtube.com/c/dzone/) [![prometheus videos](images/prometheus_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UC4pLFely0-Odea4B2NL1nWA) [![grafana videos](images/grafana_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCYCwgQAMm9sTJv0rgwQLCxw) [![istio videos](images/istio_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UC-zVlo1F3mUbExQ96fABWcQ) [![elastic videos](images/elasticsearch_logo.jpg){: style="width:7%"}](https://www.youtube.com/user/elasticsearch) [![dynatrace videos](images/dynatrace_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCcYJ-5q_AfmjQ4XTjTS0o3g) [![appdynamics videos](images/appdynamics_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCTL2V4fqMMERSWQa1kT4EMw) [![newrelic videos](images/newrelic_logo.jpg){: style="width:7%"}](https://www.youtube.com/user/NewRelicInc) [![tigera calico](images/tigera_calico_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UC8uN3yhpeBeerGNwDiQbcgw) [![weavecloud](images/weavecloud_logo.jpg){: style="width:7%"}](https://www.youtube.com/c/WeaveWorksInc) [![tetrate](images/tetrate_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCtV2o3OvEH6U3DQ0-_7chNw)
+[![dzone videos](images/dzone_logo.jpg){: style="width:7%"}](https://www.youtube.com/c/dzone/) [![prometheus videos](images/prometheus_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UC4pLFely0-Odea4B2NL1nWA) [![grafana videos](images/grafana_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCYCwgQAMm9sTJv0rgwQLCxw) [![istio videos](images/istio_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UC-zVlo1F3mUbExQ96fABWcQ) [![elastic videos](images/elasticsearch_logo.jpg){: style="width:7%"}](https://www.youtube.com/user/elasticsearch) [![dynatrace videos](images/dynatrace_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCcYJ-5q_AfmjQ4XTjTS0o3g) [![appdynamics videos](images/appdynamics_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCTL2V4fqMMERSWQa1kT4EMw) [![newrelic videos](images/newrelic_logo.jpg){: style="width:7%"}](https://www.youtube.com/user/NewRelicInc) [![tigera calico](images/tigera_calico_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UC8uN3yhpeBeerGNwDiQbcgw) [![weavecloud](images/weavecloud_logo.jpg){: style="width:7%"}](https://www.youtube.com/c/WeaveWorksInc) [![lambdatest](images/lambdatest.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCCymWVaTozpEng_ep0mdUyw)
[![atlassian videos](images/atlassian_logo.jpg){: style="width:7%"}](https://www.youtube.com/user/GoAtlassian) [![vscode videos](images/vscode_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCs5Y5_7XK8HLDX0SLNwkd3w) [![github videos](images/github_logo.jpg){: style="width:7%"}](https://www.youtube.com/user/github) [![gitlab video](images/gitlab_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCnMGQ8QHMAnVIsI3xJrihhg) [![gitkraken](images/gitkraken_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCp06FAzrFalo3txskS1gCfA) [![rocketchat videos](images/rocket_chat_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCin9nv7mUjoqrRiwrzS5UVQ) [![slack videos](images/slack_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCY3YECgeBcLCzIrFLP4gblw) [![mattermost videos](images/mattermost_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCNR05H72hi692y01bWaFXNA) [![microsoft365](images/microsoft_365_logo.jpg){: style="width:7%"}](https://www.youtube.com/user/officevideos) [![openproject](images/openproject_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCpDojas1X9ccix4mxadabpw) [![deiser](images/deiser_logo.jpg){: style="width:7%"}](https://www.youtube.com/user/DEISERCHANNEL)
[![rh devel](images/rh_developer_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UC7noUdfWp-ukXUlAsJnSm-Q/) [![spring logo](images/spring-logo.jpg){: style="width:7%"}](https://www.youtube.com/user/SpringSourceDev) [![quarkus logo](images/quarkus-logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCaW8QG_QoIk_FnjLgr5eOqg) [![lightbend videos](images/lightbend_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCcxTiKb1h2lY_gpTCDgXn1g) [![postman videos](images/postman_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCocudCGVb3MmhWQ1aoIgUQw) [![swagger videos](images/smartbear_swagger_logo.jpg){: style="width:7%"}](https://www.youtube.com/user/SmartBearSoftware) [![jfrog](images/jfrog_logo.jpg){: style="width:7%"}](https://www.youtube.com/user/artifrog) [![sonatype](images/sonatype_logo.jpg){: style="width:7%"}](https://www.youtube.com/user/sonatype) [![sonarsource sonarqube](images/sonarsource_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCS5-gTYteN9rnFd98YxYtrA) [![chrome developers videos](images/chromedevtools_logo.jpg){: style="width:7%"}](https://www.youtube.com/user/ChromeDevelopers) [![mozilla developer](images/mozilla_developer_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCh5UlGiu9d6LegIeUCW4N1w)
[![crunchydata](images/crunchydata_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCooRnlDz6VLAbFyKIChz4fg) [![kubedb appscode](images/kubedb_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCxObRDZ0DtaQe_cCP-dN-xg) [![cockroachdb](images/cockroachdb_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCc-m3P54YDVTjtMUJlmAuow) [![mongodb](images/mongodb_logo.jpg){: style="width:7%"}](https://www.youtube.com/user/MongoDB) [![redis](images/redis_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCD78lHSwYqMlyetR0_P4Vig/) [![confluent video](images/confluent_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCmZz-Gj3caLLzEWBtbYUXaA) [![kubemq video](images/kubemq_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCud7fErZAyMC6lHT_cWZNfA) [![openebs](images/openebs_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UC3ywadaAUQ1FI4YsHZ8wa0g) [![storageos](images/storageos_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCm63IQg81KP9vXRWSHQpu1w) [![robin](images/robin_logo.jpg){: style="width:7%"}](https://www.youtube.com/channel/UCt7N400Z8gB_3yKq1qrjP2w) [![portworx](images/portworx_logo.jpg){: style="width:7%"}](https://www.youtube.com/c/Portworx)
@@ -29,7 +29,7 @@ A curated list of awesome references collected since 2018. Microservices archite - [agilemanifesto.org](http://agilemanifesto.org/) - [12factor.net](https://12factor.net/) - [Are You 12-Factor Application Ready?](https://dzone.com/articles/are-you-12-factor-application-ready) - [12-factor app infographic](https://dzone.com/whitepapers/the-12-factor-app-infographic) - [An illustrated guide to 12 Factor Apps ๐ŸŒŸ](https://www.redhat.com/architect/12-factor-app) - [openpracticelibrary.com](https://openpracticelibrary.com/) -- [roadmap.sh](https://roadmap.sh/) +- [roadmap.sh](https://roadmap.sh/) - [DevOps Roadmap](https://roadmap.sh/devops) - [API Landscape](https://www.apidays.co/api-landscape) - [Stack Overflow Annual Developer Survey](https://insights.stackoverflow.com/survey) - [Open Source Guides](https://opensource.guide/) diff --git a/docs/introduction.md b/docs/introduction.md index 1a364840..f2914102 100644 --- a/docs/introduction.md +++ b/docs/introduction.md @@ -14,6 +14,7 @@ - [Software Development Models](#software-development-models) - [Software Development Tools](#software-development-tools) - [vFunction. A system to transform monolithic Java applications into microservices](#vfunction-a-system-to-transform-monolithic-java-applications-into-microservices) +- [Multi Cloud](#multi-cloud) ## Introduction * [developers.redhat.com: Why Kubernetes is The New Application Server](https://developers.redhat.com/blog/2018/06/28/why-kubernetes-is-the-new-application-server/) @@ -98,6 +99,8 @@ * [techerati.com: Microservices in the Cloud-Native Era](https://www.techerati.com/features-hub/opinions/microservices-in-the-cloud-native-era/) * [infoworld.com: 3 cloud architecture mistakes we all make, but shouldn't](https://www.infoworld.com/article/3616211/3-cloud-architecture-mistakes-we-all-make-but-shouldnt.html) * [ringcentral.co.uk: Cloud Management ๐ŸŒŸ](https://www.ringcentral.co.uk/gb/en/blog/definitions/cloud-management/) +* [rudderstack.com: Reinventing the On-Prem Deployment Model](https://rudderstack.com/blog/reinventing-the-on-prem-deployment-model) +* [medium: Honestly, We Shouldnโ€™t Have Used Microservices](https://medium.com/codex/honestly-we-shouldnt-have-used-microservices-443582def48b)
[![microservices infographic](images/microservices-infographic.png)](https://www.weave.works/technologies/going-cloud-native-6-essential-things-you-need-to-know) @@ -153,6 +156,7 @@ ## Career Path - [Kelsey Hightower Fireside Chat: An Unconventional Path to IT and Some Life Advice](https://www.hashicorp.com/resources/kelsey-hightower-fireside-chat-an-unconventional-path-to-it-and-some-life-advice/?utm_source=linkedin) +- [forbes.com: 13 Signs Youโ€™re Selling Yourself Short In Your Career](https://www.forbes.com/sites/adunolaadeshola/2021/04/28/13-signs-youre-selling-yourself-short-in-your-career/) ## Full Stack Developer's Roadmap - [Full Stack Developer's Roadmap ๐ŸŒŸ](https://dev.to/ender_minyard/full-stack-developer-s-roadmap-2k12) @@ -167,6 +171,9 @@ - [vFunction](https://vfunction.com/) vFunction accelerates your journey to cloud native by automating Java app modernization. - [thenewstack.io: vFunction Transforms Monolithic Java to Microservices](https://thenewstack.io/vfunction-transforms-monolithic-java-to-microservices/) +## Multi Cloud +- [acloudguru.com: Sharing data in the cloud: 4 patterns you should know](https://acloudguru.com/blog/business/sharing-data-in-the-cloud-four-patterns-everyone-should-know) +
[![Openshift SaaS VS Kubernetes SaaS](images/openshift-vs-kubernetes-saas.png)](https://proteon.com/2018/10/18/openshift-in-a-world-of-kubernetes-as-a-service/) @@ -181,4 +188,8 @@ + + + +
diff --git a/docs/istio.md b/docs/istio.md index d6900a14..7b643bbb 100644 --- a/docs/istio.md +++ b/docs/istio.md @@ -61,6 +61,10 @@ - [learncloudnative.com: Attach multiple VirtualServices to Istio Gateway](https://learncloudnative.com/blog/2020-11-23-multiple-vs-gateway) - [thenewstack.io: What Is Istio and Why Does Kubernetes Need it? ๐ŸŒŸ](https://thenewstack.io/what-is-istio-and-why-does-kubernetes-need-it/) - [youtube: Istio & Service Mesh - simply explained in 15 mins ๐ŸŒŸ](https://www.youtube.com/watch?v=16fgzklcF7Y&ab_channel=TechWorldwithNana) +- [dev.to: A GitOps recipe for Progressive Delivery with Istio ๐ŸŒŸ](https://dev.to/stefanprodan/a-gitops-recipe-for-progressive-delivery-2pa3) GitOps and Progressive Delivery featuring +IstioMesh, PrometheusIO, Flux v2 & Flagger. +- [samos-it.com: Securing Redis with Istio TLS origination](https://samos-it.com/posts/securing-redis-istio-tls-origniation-termination.html) Istio is daunting and not all use cases are well documented. The public docs focus mostly on using the egress gateway for TLS orignation. The use case of using the sidecar for TLS origination with a database isn't documented well. This blog post hopes to solve that. +- [solo.io: Istio multi-cluster on Red Hat OpenShift with Gloo Mesh](https://www.solo.io/blog/istio-multi-cluster-on-red-hat-openshift-with-gloo-mesh/) ## Maistra Istio - [Maistra.io](https://maistra.io) diff --git a/docs/java_frameworks.md b/docs/java_frameworks.md index 4321b1c9..5360f27e 100644 --- a/docs/java_frameworks.md +++ b/docs/java_frameworks.md @@ -167,6 +167,7 @@ optimizing Enterprise Java for the microservices architecture. - [containerjournal.com: Red Hat Adds Java Runtime for Kubernetes to Subscription](https://containerjournal.com/topics/container-ecosystems/red-hat-adds-java-runtime-for-kubernetes-to-subscription/) Quarkus provides access to a library of more than 200 extensions, including tools such as RESTEasy, Hibernate and Eclipse MicroProfile, along with specific extensions fo Red Hat cloud services such as Red Hat AMQ Streams, Red Hat AMQ Broker and Red Hat Fuse. - [developers.redhat.com: Quarkus and Jakarta EE: Together, or not?](https://developers.redhat.com/blog/2020/09/11/quarkus-and-jakarta-ee-together-or-not) - [youtube: CyberJUG-HH:Why is everybody talking about Quarkus?](https://www.youtube.com/watch?v=nXXPOS8gjtA) In this (Why is everybody talking about Quarkus?) Java User Group Hamburg (CyberJUG-HH) session I highlighted possible reasons for Quarkus' popularity, explained Quarkus' optimisation tricks, the differences between Jakarta EE / J2EE / Java EE application servers and Quarkus, discussed the role of MicroProfile and Jakarta EE, migrated a Java EE application to Quarkus, performed multiple deployments, decompiled some code, measured memory consumption and finally cross compiled the Java service to native code using GraalVM. +- [developers.redhat.com: Build an API using Quarkus from the ground up ๐ŸŒŸ](https://developers.redhat.com/blog/2021/05/11/building-an-api-using-quarkus-from-the-ground-up/) ## Thorntail (aka WildFly Swarm) - [Red Hat Thorntail](https://thorntail.io/) is a framework based on the popular [WildFly Java application server](https://wildfly.org/) to enable the creation of small, stand-alone microservice-based applications. Thorntail is capable of producing so-called just enough app-server to support each component of your system. diff --git a/docs/jenkins-alternatives.md b/docs/jenkins-alternatives.md index bca58fb2..b4721843 100644 --- a/docs/jenkins-alternatives.md +++ b/docs/jenkins-alternatives.md @@ -8,6 +8,7 @@ * [Circle CI](https://circleci.com/) * [Getting started with Kubernetes: how to set up your first cluster](https://circleci.com/blog/getting-started-with-kubernetes-how-to-set-up-your-first-cluster/) * [Adding approval jobs to your CI pipeline](https://circleci.com/blog/adding-approval-jobs-to-your-ci-pipeline/) + * [uilding CI/CD pipelines using dynamic config](https://circleci.com/blog/building-cicd-pipelines-using-dynamic-config/) * [Travis CI](https://travis-ci.org/) * [Concourse](https://concourse-ci.org/) * [Building a continious deployment pipeline with Kubernetes and Concourse-CI](https://blog.alterway.fr/en/building-a-continious-deployment-pipeline-with-kubernetes-and-concourse-ci.html) @@ -71,12 +72,15 @@ * [opensource.com: Why Spinnaker matters to CI/CD](https://opensource.com/article/19/8/why-spinnaker-matters-cicd) Spinnaker provides unique building blocks to create tailor-made, and highly-collaborative continuous delivery pipelines. * [medium: How we rolled out our Kubernetes platform in Adevinta Spain](https://medium.com/adevinta-tech-blog/how-we-rolled-out-our-kubernetes-platform-in-adevinta-spain-63495884a1db) * [harness.io: Best Spinnaker Alternatives to Consider](https://harness.io/blog/continuous-delivery/spinnaker-alternatives/) + * [armory.io: Build a Deployment Pipeline with Spinnaker on Kubernetes](https://www.armory.io/blog/build-a-deployment-pipeline-with-spinnaker-on-kubernetes/) * [ArgoCD](https://argoproj.github.io/argo-cd/) Declarative GitOps CD for Kubernetes * [Cloud Native Computing Foundation Accepts Argo as an Incubator Project](https://www.intuit.com/blog/technology/cloud-native-computing-foundation-accepts-argo-as-an-incubator-project/) * [openshift.com: OpenShift Authentication Integration with ArgoCD](https://www.openshift.com/blog/openshift-authentication-integration-with-argocd) * [developers.redhat.com: OpenShift joins the Argo CD community (KubeCon Europe 2020)](https://developers.redhat.com/blog/2020/08/17/openshift-joins-the-argo-cd-community-kubecon-europe-2020/) * [thenewstack.io: Applied GitOps with ArgoCD](https://thenewstack.io/applied-gitops-with-argocd/) * [IBM/argocd-vault-plugin](https://github.com/IBM/argocd-vault-plugin) An ArgoCD plugin to retrieve secrets from Hashicorp Vault and inject them into Kubernetes secrets. + * [thenewstack.io: Why Argo CD Is the Lifeline of GitOps](https://thenewstack.io/why-argo-cd-is-the-lifeline-of-gitops/) + * [openshift.com: Getting Started with ApplicationSets](https://www.openshift.com/blog/getting-started-with-applicationsets) "App of Apps" pattern. * [Tekton](https://github.com/tektoncd/) * [Tekton PetClinic Demo](https://github.com/tektoncd/pipeline) * [Tekton PetClinic Demo Youtube](https://www.youtube.com/watch?v=igwFpZOUTnw) @@ -85,6 +89,11 @@ * [blog.openshift.com: cloud native CI/CD with openshift pipelines](https://blog.openshift.com/cloud-native-ci-cd-with-openshift-pipelines/) * [learn.openshift.com/middleware/pipelines](https://learn.openshift.com/middleware/pipelines/) * [Easily reuse Tekton and Jenkins X from Jenkins](https://www.jenkins.io/blog/2021/04/21/tekton-plugin/) + * [lambda.grofers.com: Evolving Continuous Delivery in a Cloud-Native Environment ๐ŸŒŸ](https://lambda.grofers.com/evolving-cd-in-a-cloud-native-environment-bb64a38145ae) In this post, weโ€™ll discuss the stages through which continuous delivery infrastructure has evolved at Grofers. Weโ€™ll start with how we began with Kubernetes and Jenkins and managed its growing adoption. Weโ€™ll then discuss why we decided to move from Jenkins to Tekton, how we plan to scale it beyond a few teams, and what kind of challenges we have faced and are currently facing. + * We started with Jenkins shared libs, and wrote common implementation for one group of engineering teams. This worked very well because not only were we able to consolidate and refactor all pipelines at once leading to several optimizations, it also made it easy to understand the CI implementation for all similar services and if we were to add common features and bug fixes it was really easy to push it through a common implementation. + * There were benefits of doing this, but what was not desirable is that it took us a lot of effort to build these shared libs and despite our efforts to keep them simple, they ended up looking very complicated. Standard pipeline specs had departed from being declarative in nature and there was a lot of imperative Groovy logic mixed with Pipeline DSL. + * [itnext.io: Tekton Pipelines Kickstarter. Cloud Native CI/CD with Tekton โ€” Laying The Foundation](https://itnext.io/cloud-native-ci-cd-with-tekton-laying-the-foundation-a377a1b59ac0) + * [cd.foundation: Tekton Pipelines Kickstarter. Cloud Native CI/CD with Tekton โ€” Building Custom Tasks](https://cd.foundation/blog/2021/04/22/cloud-native-ci-cd-with-tekton-building-custom-tasks) * [Jenkins-X + Tekton on OpenShift](https://github.com/openshift/tektoncd-pipeline-operator) * [CI/CD OpenShift and Tekton](https://blog.sonatype.com/new-cloud-native-ci/cd-projects-openshift-and-tekton) * [github.com/openshift/pipelines-tutorial](https://github.com/openshift/pipelines-tutorial) diff --git a/docs/jenkins.md b/docs/jenkins.md index 227512c4..07fb3009 100644 --- a/docs/jenkins.md +++ b/docs/jenkins.md @@ -12,11 +12,13 @@ - [Jenkins Configuration as Code Solutions. 3 available DSLs](#jenkins-configuration-as-code-solutions-3-available-dsls) - [DSL 1. Job DSL Plugin. From Freestyle jobs to Declarative Pipeline](#dsl-1-job-dsl-plugin-from-freestyle-jobs-to-declarative-pipeline) - [DSL 2. Jenkins Pipeline. Pipeline as Code with Jenkins](#dsl-2-jenkins-pipeline-pipeline-as-code-with-jenkins) + - [How to share a Declarative Pipeline. Examples of Declarative Pipelines in Shared Libraries:](#how-to-share-a-declarative-pipeline-examples-of-declarative-pipelines-in-shared-libraries) - [Jenkins Pipeline Syntax. Scripted Syntax (Groovy DSL syntax) VS Declarative Syntax](#jenkins-pipeline-syntax-scripted-syntax-groovy-dsl-syntax-vs-declarative-syntax) - [Extending with Shared Libraries](#extending-with-shared-libraries) - [Jenkinsfile Runner. Serverless / function-as-a-service build execution](#jenkinsfile-runner-serverless--function-as-a-service-build-execution) - [DSL 3. Jenkins Configuration as Code (JCasC)](#dsl-3-jenkins-configuration-as-code-jcasc) - [Read-only Jenkins Configuration](#read-only-jenkins-configuration) +- [Jenkins Pipeline Unit Testing Framework](#jenkins-pipeline-unit-testing-framework) - [Jenkins Architecture. Performance and Scalability](#jenkins-architecture-performance-and-scalability) - [Ansible and Jenkins. Running Ansible Playbooks From Jenkins](#ansible-and-jenkins-running-ansible-playbooks-from-jenkins) - [Jenkins Tools](#jenkins-tools) @@ -86,6 +88,12 @@ * [youtube/Bribe By Bytes: Jenkins Pipelines | Pipeline Concept | Types of Pipelines | Part 1](https://www.youtube.com/watch?v=iddMXjmr7mk&t=657s&ab_channel=BribeByBytes) * [jenkins.io: Easily reuse Tekton and Jenkins X from Jenkins ๐ŸŒŸ](https://www.jenkins.io/blog/2021/04/21/tekton-plugin/) Jenkins can now be used to automate Tekton pipelines too which helps teams digitally transform to more cloud native solutions for their CI and CD. In such a case, you can use Tekton pipeline engine while getting all benefits from Jenkins as an orchestrator, user interface and the reporting engine. The Tekton Client plugin for Jenkins lets you easily use Jenkins to automate creating and running Tekton pipelines. It bridges the Kubernetes learning gap and allows invoking Tekton Pipelines and resources through Jenkins. This allows users to not have much of the Kubernetes specific knowledge beforehand and work. Its a single Jenkins plugin to install - so itโ€™s easy to use. * [harness.io: What is Pipeline as Code, and How Can You Leverage It?](https://harness.io/blog/devops/pipeline-as-code/) +* [lambdatest.com: How To Set Jenkins Pipeline Environment Variables? ๐ŸŒŸ](https://www.lambdatest.com/blog/set-jenkins-pipeline-environment-variables-list/) +* [intellipaat.com: Top Jenkins Interview Questions and Answers](https://intellipaat.com/blog/interview-question/jenkins-interview-questions-answers/) +* [slideshare.net: Jeff Geerling - Jenkins or: How I learned to stop worrying and love automation ๐ŸŒŸ](https://www.slideshare.net/geerlingguy/jenkins-or-how-i-learned-to-stop-worrying-and-love-automation) Configuring Jenkins like a pro. Use authorization strategies in jenkinsci unless you want to have Remote Code Execution as a Service! There are many plugins like Matrix Auth, Role Strategy and Folder Auth. Vendors like CloudBees also provide security engines in their products. +* [youtube - CloudBeesTV: How to Run a Shell Script in Jenkins Pipeline ๐ŸŒŸ](https://www.youtube.com/watch?v=mbeQWBNaNKQ&ab_channel=CloudBeesTV) +* [opensource.com: Make Jenkins logs pretty](https://opensource.com/article/21/5/jenkins-logs) Jenkins' default logs can be hard to read, but they don't have to be. +* [medium: Dynamic and reactive parameterization in Jenkins pipelines using HTML, Groovy, and Bash ๐ŸŒŸ](https://medium.com/globant/dynamic-and-reactive-parameterization-in-jenkins-pipelines-using-html-groovy-and-bash-27b031fcd69b) - [Jenkins Plugin: Active Choices ๐ŸŒŸ](https://plugins.jenkins.io/uno-choice/) The Active Choices plugin is used in parametrized freestyle Jenkins jobs to create scripted, dynamic and interactive job parameters. Active Choices parameters can be dynamically updated and can be rendered as combo-boxes, check-boxes, radio-buttons or rich HTML UI widgets.
[![Jenkins Is The Way](images/Jenkins-is-the-Way.png)](https://jenkinsistheway.io) @@ -95,6 +103,7 @@ ## eBooks - [Pipeline as Code](https://www.manning.com/books/pipeline-as-code) Continuous Delivery with Jenkins, Kubernetes, and Terraform +- [riptutorial.com: Learning Jenkins](https://riptutorial.com/ebook/jenkins) ## Jenkins on Kubernetes * [jenkins.io: Document Jenkins on Kubernetes: Installing Jenkins on Kubernetes Documentation Release ๐ŸŒŸ](https://www.jenkins.io/blog/2020/11/05/installing-jenkins-on-kubernetes/) @@ -109,6 +118,7 @@ * [Dzone: Introduction to Groovy](https://dzone.com/articles/introduction-groovy) * [Dzone refcard: Groovy, a Rapid-Development JVM Language](https://dzone.com/refcardz/groovy) * [opensource.com: Read and write files with Groovy](https://opensource.com/article/21/4/groovy-io) +* [dzone: Groovy Goodness: Using The Call Operator](https://dzone.com/articles/groovy-goodness-using-the-call-operator) In the newest installment of Groovy Goodness, Mr. Haki presents how to use Groovy's call operator to take our code density to the next level. ## Awesome Jenkins * [sahilsk/awesome-jenkins](https://github.com/sahilsk/awesome-jenkins) @@ -187,6 +197,20 @@ * [Dzone: Top 10 Best Practices for Jenkins Pipeline](https://dzone.com/articles/top-10-best-practices-for-jenkins-pipeline) * [opensource.com - Introduction to writing pipelines-as-code and implementing DevOps with Jenkins 2](https://opensource.com/article/18/8/devops-jenkins-2) * [thoughtworks.com: Modernizing your build pipelines ๐ŸŒŸ](https://www.thoughtworks.com/es/insights/blog/modernizing-your-build-pipelines) +* [jenkins users mailing list: Declarative pipelines vs scripted](http://jenkins-ci.361315.n4.nabble.com/Declarative-pipelines-vs-scripted-td4891792.html) +* [cloudbees.com: Top 10 Best Practices for Jenkins Pipeline Plugin ๐ŸŒŸ๐ŸŒŸ](https://www.cloudbees.com/blog/top-10-best-practices-jenkins-pipeline-plugin) + * **When writing a pipeline definition, use Declarative syntax.** First, a history lesson. Scripted syntax was released around December of 2014. In February 2017, Declarative syntax was introduced. Until Declarative was released, we had no choice but to use Scripted syntax. However, since that time, many new features, such as matrix, have only been made available for Declarative. + * **Use shared libraries.** Do you remember the days of when you used inline JavaScript in your web pages? When you introduce a "script" tag into a Declarative pipeline, that's a warning sign that you are starting to head down the same path. When you decide that the "script" tag is the only way to go, instead of using the "script" tag, you should instead create a custom step in a shared library and use that step within your Declarative pipeline. + * **Don't use shared libraries (the wrong way).** Wait, what? You just told me to use shared libraries and now you're telling me not to use shared libraries. What gives? Many people will treat shared libraries like a programming project. Here's the thing to keep in mind. Scripted and Declarative syntax are meant to only do CI tasks and not to be a general purpose programming language. Many Jenkins controller performance issues can be traced back to the misuse of scripted syntax and shared libraries written in a way where all the work is being done within the Jenkins controller itself instead of on the agents. + * **Only use Scripted syntax when it doesn't make sense to use Declarative plus a shared library.** + +#### How to share a Declarative Pipeline. Examples of Declarative Pipelines in Shared Libraries: +* [mtijhof.wordpress.com: Jenkins: Running a declarative pipeline from your Shared Library ๐ŸŒŸ](https://mtijhof.wordpress.com/2019/04/22/jenkins-running-a-declarative-pipeline-from-your-shared-library/) +* [Starting with Declarative 1.2, released in late September, 2017, you can define Declarative Pipelines in your shared libraries as well ๐ŸŒŸ](https://www.jenkins.io/doc/book/pipeline/shared-libraries/) Only entire pipelines can be defined in shared libraries as of this time. This can only be done in vars/*.groovy, and only in a call method. Only one Declarative Pipeline can be executed in a single build, and if you attempt to execute a second one, your build will fail as a result. +- [Declarative Pipeline - Jenkins shared library ๐ŸŒŸ](https://github.com/gfkse/jenkins-shared-library) +- [stackoverflow.com: Can I have an entire declarative pipeline defined and parameterized in a shared library?](https://stackoverflow.com/questions/45889796/can-i-have-an-entire-declarative-pipeline-defined-and-parameterized-in-a-shared) +- [jenkins.io: Share a standard Pipeline across multiple projects with Shared Libraries ๐ŸŒŸ](https://www.jenkins.io/blog/2017/10/02/pipeline-templates-with-shared-libraries/) +- [jenkins.io: Parallel stages with Declarative Pipeline 1.2 ๐ŸŒŸ](https://www.jenkins.io/blog/2017/09/25/declarative-1/)
[![real world pipeline flow](images/realworld-pipeline-flow.png)](https://www.jenkins.io/solutions/pipeline/) @@ -217,6 +241,8 @@
+ +
### DSL 3. Jenkins Configuration as Code (JCasC) @@ -239,6 +265,9 @@ #### Read-only Jenkins Configuration - [Read-only Jenkins Configuration ๐ŸŒŸ](https://www.jenkins.io/blog/2020/05/25/read-only-jenkins-announcement/) This feature allows restricting configuration UIs and APIs while providing access to essential Jenkins system configuration, diagnostics, and self-monitoring tools through Web UI. Such mode is critical for instances managed as code, e.g. with Jenkins [Configuration-as-Code plugin](https://plugins.jenkins.io/configuration-as-code). It is delivered as a part of the [JEP-224: Read-only system configuration](https://github.com/jenkinsci/jep/blob/master/jep/224/README.adoc) effort. +## Jenkins Pipeline Unit Testing Framework +- [github.com/jenkinsci/JenkinsPipelineUnit: Framework for unit testing Jenkins pipelines ๐ŸŒŸ](https://github.com/jenkinsci/JenkinsPipelineUnit) Jenkins Pipeline Unit is a testing framework for unit testing Jenkins pipelines, written in [Groovy Pipeline DSL](https://www.jenkins.io/doc/book/pipeline/). If you aren't using jenkinsUnit to test your jenkins pipeline code, then I've got a treat for you. TDD with pipeline is possible and can centralized in a sharedLib can really improve development. (works nicely with Spock too) + ## Jenkins Architecture. Performance and Scalability * [devopscube.com: Jenkins Architecture Explained โ€“ Beginners Guide](https://devopscube.com/jenkins-architecture-explained/) * [dzone: how to setup scalable jenkins on top of a kubernetes cluster](https://dzone.com/articles/how-to-setup-scalable-jenkins-on-top-of-a-kubernet) @@ -252,6 +281,7 @@ * [devopscube.com: How to Setup Docker containers as Build Slaves for Jenkins](https://devopscube.com/docker-containers-as-build-slaves-jenkins/) * [cloudbees.com: Troubleshooting Jenkins Performance: Kubernetes Edition - Part 1 (2020) ๐ŸŒŸ](https://www.cloudbees.com/blog/apm-tools-jenkins-performance) * [cloudbees.com: Troubleshooting Jenkins Performance: Kubernetes Edition - Part 2 (2020) ๐ŸŒŸ](https://www.cloudbees.com/blog/application-performance-monitoring-tools) +* [cloudbees.com: The Two Most Common Issues with Jenkins and How to Fix Them ๐ŸŒŸ](https://www.cloudbees.com/blog/most-common-issues-scaling-jenkins) Jenkins is a fantastic CI/CD solution but it has a significant weak point: Managing & scaling Jenkins for the enterprise is an uphill battle. Tanya Jacob shares the 2 most common issues we hear from enterprises using Jenkins & how to fix them. ## Ansible and Jenkins. Running Ansible Playbooks From Jenkins * [Dzone: Running Ansible Playbooks From Jenkins](https://dzone.com/articles/running-ansible-playbooks-from-jenkins) @@ -264,6 +294,7 @@ * [Jenkinsfile Runner Test Framework](https://github.com/jenkinsci/jenkinsfile-runner-test-framework) * [Jenkins Pipeline Unit testing framework](https://github.com/jenkinsci/JenkinsPipelineUnit) * [Jenkins Custom WAR Packager](https://github.com/jenkinsci/custom-war-packager) +* [jenkins-version](https://github.com/jenkins-infra/jenkins-version) The goal of this tool is to provide a small, simple CLI that can be used to determine the latest Jenkins version, whether that be in the stable or weekly release train, from maven metadata. ### Plugin Installation Manager Tool * [Plugin Installation Manager Tool](https://github.com/jenkinsci/plugin-installation-manager-tool) The plugin manager downloads plugins and their dependencies into a folder so that they can easily be imported into an instance of Jenkins. The goal of this tool is to replace the [Docker install-plugins.sh script](https://github.com/jenkinsci/docker/blob/master/install-plugins.sh) and the many other implementations of plugin management that have been recreated across Jenkins. The tool also allows users to see more information about the plugins they are downloading such as available updates and security warnings. By default, plugins will be downloaded; the user can specify not to download plugins using the --no-download option. @@ -352,7 +383,11 @@ * [Git Forensics](https://plugins.jenkins.io/git-forensics/) This Git Forensics Jenkins plugin mines and analyzes data from a Git repository. It implements all extension points of Jenkins' Forensics API Plugin. * [Robot Framework](https://plugins.jenkins.io/robot/) * [Jenkins Prometheus Metrics Plugin ๐ŸŒŸ](https://github.com/jenkinsci/prometheus-plugin) Jenkins Prometheus Plugin expose an endpoint (default /prometheus) with metrics where a Prometheus Server can scrape. -* [tekton-plugin: Easily reuse Tekton and Jenkins X from Jenkins](https://www.jenkins.io/blog/2021/04/21/tekton-plugin/) Use tektoncd pipeline engine while getting all benefits from jenkinsci as an orchestrator, user interface and reporting eng. +* [tekton-plugin: Easily reuse Tekton and Jenkins X from Jenkins](https://www.jenkins.io/blog/2021/04/21/tekton-plugin/) Use tektoncd pipeline engine while getting all benefits from jenkinsci as an orchestrator, user interface and reporting eng. - [jenkinsci/tekton-client-plugin](https://github.com/jenkinsci/tekton-client-plugin) +* [pipeline-maven: Pipeline Maven Integration ๐ŸŒŸ](https://plugins.jenkins.io/pipeline-maven/) For modern pipelines, I rather recommend looking at the Pipeline Maven Plugin. As many other older job types, Pipeline Maven Plugin is limited to a single node and does not allow implementing multi-platform builds. +* [Warnings Next Generation ๐ŸŒŸ](https://plugins.jenkins.io/warnings-ng/) The Jenkins Next Generation Warnings plugin collects compiler warnings or issues reported by static analysis tools and visualizes the results. It has built-in support for more than hundred report formats. [youtube: How to Use the Warnings Next Generation Plugin in Jenkins](https://www.youtube.com/watch?v=tj3xYFA6Q2o&ab_channel=CloudBeesTV) +* [robot-plugin: Robot Framework Plugin](https://github.com/jenkinsci/robot-plugin) This plugin publishes [Robot Framework](https://robotframework.org/) test reports for Jenkins. +* [Active Choices ๐ŸŒŸ](https://plugins.jenkins.io/uno-choice/) The Active Choices plugin is used in parametrized freestyle Jenkins jobs to create scripted, dynamic and interactive job parameters. Active Choices parameters can be dynamically updated and can be rendered as combo-boxes, check-boxes, radio-buttons or rich HTML UI widgets. ### Plugin Development. Jenkins Plugin Parent POM 4.0 - [Plugin Development](https://www.jenkins.io/doc/developer/plugin-development/) @@ -402,6 +437,7 @@ * [20 Jenkins Plugins You Canโ€™t Live Without](https://caylent.com/jenkins-plugins) * [youtube - CloudBeesTV: Jenkins Performance: Avoiding Pitfalls, Diagnosing Issues & Scaling for Growth](https://www.youtube.com/watch?v=yTafQ-e84eY) * [Jenkins opentelemetry-plugin ๐ŸŒŸ](https://github.com/jenkinsci/opentelemetry-plugin) Publish Jenkins performances metrics to an OpenTelemetry endpoint, including distributed traces of job executions and health metrics of the controller. What if you could transform your jenkinsci pipeline into an observable transaction that can be analyzed using OpenTelemetry backends such as Elastic APM? Code analyzed via code? +* [influxdata.com: Monitoring Jenkins CI with InfluxDB](https://www.influxdata.com/influxdb-templates/jenkins-monitoring/) ## Externalizing Fingerprint Storage for Jenkins - New FingerprintStorage API to build external fingerprint storage plugins. @@ -455,8 +491,17 @@ ## Jenkins and SAP - [blogs.sap.com: Continuous quality using plugins and Jenkins (ABAP & UI5)](https://blogs.sap.com/2020/10/18/continuous-quality-using-plugins-and-jenkins-abap-ui5/) - [blogs.sap.com: CI/CD Tools for SAP Cloud Platform ABAP Environment](https://blogs.sap.com/2020/10/22/ci-cd-tools-for-sap-cloud-platform-abap-environment/) +- [sap.github.io/jenkins-library](https://sap.github.io/jenkins-library/) Jenkins shared library for Continuous Delivery pipelines. - [Project Piper Repository](https://github.com/SAP/jenkins-library) The [Project "Piper"](https://www.project-piper.io/) offers default pipelines to easily implement CI/CD processes integrating SAP systems. The corresponding "Shared Library" provides a set of "steps" to build your own scenarios beyond defaults. +
[![jenkins and openshift](images/jenkins-ose.png)](https://www.cloudbees.com/) +
+
[![jenkins hub CD](images/jenkins-hub.png)](https://hostadvice.com/blog/devops-toolbox-jenkins-ansible-chef-puppet-vagrant-saltstack/) +
+ +
+ +
diff --git a/docs/kubernetes-tools.md b/docs/kubernetes-tools.md index 755d1925..2fbdf5e8 100644 --- a/docs/kubernetes-tools.md +++ b/docs/kubernetes-tools.md @@ -1,4 +1,12 @@ # Kubernetes Plugins, Tools, Extensions and Projects +- [K8s Tools](#k8s-tools) +- [Porter](#porter) +- [Datree](#datree) +- [Kaniko Build Images in Kubernetes](#kaniko-build-images-in-kubernetes) +- [Kubevela](#kubevela) +- [Kubesploit](#kubesploit) + +## K8s Tools * [ramitsurana/awesome-kubernetes: Tools ๐ŸŒŸ](https://github.com/ramitsurana/awesome-kubernetes#configuration) * [VMware octant](https://github.com/vmware/octant) A web-based, highly extensible platform for developers to better understand the complexity of Kubernetes clusters. * [octant.dev](https://octant.dev/) Visualize your Kubernetes workloads. Octant is an open source developer-centric web interface for Kubernetes that lets you inspect a Kubernetes cluster and its applications. @@ -9,7 +17,7 @@ * [Kubecle](https://github.com/rydogs/kubecle) is a web ui running locally that provides useful information about your kubernetes clusters. It is an alternative to Kubernetes Dashboard. Because it runs locally, you can access any kubernetes clusters you have access to * [Permission Manager](https://github.com/sighupio/permission-manager) is a project that brings sanity to Kubernetes RBAC and Users management, Web UI FTW * [developer.sh: Kubernetes client tools overview](https://developer.sh/posts/kubernetes-client-tools-overview) -* [kubectx](https://github.com/ahmetb/kubectx) Faster way to switch between clusters and namespaces in kubectl +* [kubectx ๐ŸŒŸ๐ŸŒŸ](https://github.com/ahmetb/kubectx) Faster way to switch between clusters and namespaces in kubectl * [go-kubectx](https://github.com/aca/go-kubectx) 5x-10x faster alternative to kubectx. Uses client-go. * [kubevious: application centric Kubernetes UI ๐ŸŒŸ](https://kubevious.io/) is open-source software that provides a usable and highly graphical interface for Kubernetes. Kubevious renders all configurations relevant to the application in one place. * [Guard](https://github.com/appscode/guard) is a Kubernetes Webhook Authentication server. Using guard, you can log into your Kubernetes cluster using various auth providers. Guard also configures groups of authenticated user appropriately. @@ -111,6 +119,7 @@ * [Kubernetes DaemonSet that enables a direct shell on each Node using SSH to localhost](https://gist.github.com/xandout/8d24558c75c53f3cb8bf0a97ec25fcfc) Learn how you can use a DaemonSet to expose an SSH shell on each node of your cluster (even if you don't have SSH installed). I run several K8S cluster on EKS and by default do not setup inbound SSH to the nodes. Sometimes I need to get into each node to check things or run a one-off tool. Rather than update my terraform, rebuild the launch templates and redeploy brand new nodes, I decided to use kubernetes to access each node directly. * [NS Killer](https://github.com/germainlefebvre4/ns-killer) A Kubernetes project to kill all namespace living over X times. Quite useful when auto-generated development environments on the fly and give them a lifecycle out-of-the-box from Kubernetes or even Helm. You might find it useful if auto-generate development environments on the fly and want to remove old ones on a schedule. * [kubeswitch: Kubernetes Version Switcher ๐ŸŒŸ](https://github.com/steamhaus/kubeswitch) Easily switch kubectl binary versions. +* [Kubeswitch (for operators) ๐ŸŒŸ](https://github.com/danielfoehrKn/kubeswitch) The kubectx for operators. kubeswitch (lazy: switch) takes Kubeconfig context switching to the next level, catering to operators of large scale Kubernetes installations. Designed as a drop-in replacement for kubectx. * [Move2Kube ๐ŸŒŸ](https://github.com/konveyor/move2kube) a tool that can help users migrate from Cloud Foundry and Docker Swarm to Kubernetes. Move2Kube is a command-line tool that accelerates the process of re-platforming to Kubernetes/Openshift. It does so by analysing the environment and source artifacts, and asking guidance from the user when required. * [kubectl build (formerly known as kubectl-kaniko)](https://github.com/kvaps/kubectl-build) Kubectl build mimics the kaniko executor, but performs building on your Kubernetes cluster side. This allows you to simply build your local dockerfiles remotely without leaving your cozy environment. * [Kubei ๐ŸŒŸ](https://github.com/Portshift/Kubei) is a vulnerabilities scanning tool that allows users to get an accurate and immediate risk assessment of their kubernetes clusters. Kubei scans all images used in a Kubernetes cluster including images of application pods and system pods @@ -122,7 +131,6 @@ * [kubectl-eksporter ๐ŸŒŸ](https://github.com/Kyrremann/kubectl-eksporter) A simple Ruby-script to export k8s resources, and removes a pre-defined set of fields for later import. * [kubectl-neat ๐ŸŒŸ](https://github.com/itaysk/kubectl-neat) Remove clutter from Kubernetes manifests to make them more readable. * [medium: 4 Simple Kubernetes Terminal Customizations to Boost Your Productivity](https://medium.com/better-programming/4-simple-kubernetes-terminal-customizations-to-boost-your-productivity-deda60a19924) -* [kubeswitch: Kubernetes Version Switcher](https://github.com/steamhaus/kubeswitch) Easily switch kubectl binary versions. * [Move2Kube ๐ŸŒŸ](https://github.com/konveyor/move2kube) Move2Kube is a command-line tool that accelerates the process of re-platforming to Kubernetes/Openshift. It does so by analysing the environment and source artifacts, and asking guidance from the user when required. This tool that can help users migrate from Cloud Foundry and Docker Swarm to Kubernetes. * [skopeo ๐ŸŒŸ](https://github.com/containers/skopeo) Use skopeo to copy images between registries * [junit5-kubernetes](https://github.com/JeanBaptisteWATENBERG/junit5-kubernetes) aims at using a kubernetes pod directly form your junit5 test classes. @@ -189,3 +197,34 @@ * [tremolosecurity.com: Secure Access to Kubernetes From Your Pipeline](https://www.tremolosecurity.com/post/secure-access-to-kubernetes-from-your-pipeline) * [openpitrix ๐ŸŒŸ](https://github.com/openpitrix/openpitrix) Application Management Platform on Multi-Cloud Environment. OpenPitrix is a web-based open-source system to package, deploy and manage different types of applications including Kubernetes application, microservice application and serverless applications into multiple cloud environment such as AWS, Azure, Kubernetes, QingCloud, OpenStack, VMWare etc. * [kube-burner ๐ŸŒŸ](https://github.com/cloud-bulldozer/kube-burner) Kube-burner is a tool aimed at stressing kubernetes clusters. +* [gimletd - the GitOps release manager](https://github.com/gimlet-io/gimletd) GimletD acts as a release manager and detaches the release workflow from CI. By doing so, it unlocks the possibility of advanced release logics and flexibility to refactor workflows. +* [kubectl skew ๐ŸŒŸ](https://github.com/dty1er/kubectl-skew) A simple kubectl plugin to show if your kubernetes/kubectl version is "skewed". In kubernetes, version skew policy is a bit confusing, especially for beginners. However, it is important to make sure you are always following the policy because using unsupported cluster/kubectl is problematic and even dangerous. +* [github.com/cloudflare/lockbox](https://github.com/cloudflare/lockbox) Offline encryption of Kubernetes Secrets. Lockbox is a secure way to store Kubernetes Secrets offline. Secrets are asymmetrically encrypted, and can only be decrypted by the Lockbox Kubernetes controller. A companion CLI tool, locket, makes encrypting secrets a one-step process. +* [Suspicious pods ๐ŸŒŸ](https://github.com/edrevo/suspicious-pods) Prints a list of k8s pods that might not be working correctly +* [Armada](https://github.com/G-Research/armada) A multi-cluster batch queuing system for high-throughput workloads on Kubernetes. Armada is an application to achieve high throughput of run-to-completion jobs on multiple Kubernetes clusters. It stores queues for users/projects with pod specifications and creates these pods once there is available resource in one of the connected Kubernetes clusters. +* [Ko: Easy Go Containers ๐ŸŒŸ](https://github.com/google/ko) Build and deploy Go applications on Kubernetes +* [Kubetail ๐ŸŒŸ](https://github.com/johanhaleby/kubetail) Bash script to tail Kubernetes logs from multiple pods at the same time + * [Stern ๐ŸŒŸ](https://github.com/wercker/stern) Multi pod and container log tailing for Kubernetes + +## Porter +- [Porter](https://porter.sh/) Package your application artifact, client tools, configuration and deployment logic together as a versioned bundle that you can distribute, and then install with a single command - [github.com/getporter/porter](https://github.com/getporter/porter) + +## Datree +- [Datree.io](https://www.datree.io/) Datree prevents kubernetes misconfigurations from reaching production. Datree is a CLI solution that supports kubernetes owners in their roles, by preventing developers from making errors in k8s configurations. + +## Kaniko Build Images in Kubernetes +- [Kaniko ๐ŸŒŸ](https://github.com/GoogleContainerTools/kaniko) Kaniko is a tool to build container images from a Dockerfile. Unlike Docker, Kaniko doesnโ€™t require the Docker daemon. With the help of Kaniko, you wonโ€™t be needing to run docker containers with privileged mode. +- [medium: Multibranch and HA Pipeline in Jenkins with Kaniko on GKE](https://medium.com/searce/multibranch-and-ha-pipeline-in-jenkins-with-kaniko-on-gke-8a1e7fa93403) + +## Kubevela +- [kubevela.io ๐ŸŒŸ](https://kubevela.io/) KubeVela is a modern application platform that makes deploying and managing applications across today's hybrid, multi-cloud environments easier and faster. KubeVela is runtime agnostic, natively extensible, yet most importantly, application-centric . +- [blog.logrocket.com: Intro to KubeVela: A better way to ship applications](https://blog.logrocket.com/kubevela-intro-better-way-ship-applications/) KubeVela makes deploying applications to Kubernetes much easier. Rather than knowing about service, deployment, pods, and horizontal pod scaling, you can specify a much lighter configuration. + +## Kubesploit +- [github.com/cyberark/kubesploit ๐ŸŒŸ](https://github.com/cyberark/kubesploit) Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments written in Golang and built on top of Merlin project +- [cyberark.com: Kubesploit: A New Offensive Tool for Testing Containerized Environments](https://www.cyberark.com/resources/threat-research-blog/kubesploit-a-new-offensive-tool-for-testing-containerized-environments) + + +
+ +
diff --git a/docs/kubernetes.md b/docs/kubernetes.md index a7cb78d0..62a0323c 100644 --- a/docs/kubernetes.md +++ b/docs/kubernetes.md @@ -11,7 +11,7 @@ - [Disruptions](#disruptions) - [Cost Estimation Strategies](#cost-estimation-strategies) - [kubecost](#kubecost) - - [Kubernetes Resource and Capacity Management](#kubernetes-resource-and-capacity-management) + - [Kubernetes Resource and Capacity Management. Capacity Planning](#kubernetes-resource-and-capacity-management-capacity-planning) - [Kubernetes Monitoring](#kubernetes-monitoring) - [Logging in Kubernetes](#logging-in-kubernetes) - [Health Checks](#health-checks) @@ -84,8 +84,10 @@ - [K8s KPIs with Kuberhealthy Operator](#k8s-kpis-with-kuberhealthy-operator) - [Writing Kubernetes Operators](#writing-kubernetes-operators) - [Kubernetes Networking](#kubernetes-networking) + - [Gateway API](#gateway-api) - [Multicloud communication for Kubernetes](#multicloud-communication-for-kubernetes) - [Kubernetes Network Policy](#kubernetes-network-policy) + - [Cilium](#cilium) - [Kubernetes Ingress Specification](#kubernetes-ingress-specification) - [Xposer Kubernetes Controller To Manage Ingresses](#xposer-kubernetes-controller-to-manage-ingresses) - [Software-Defined IP Address Management (IPAM)](#software-defined-ip-address-management-ipam) @@ -96,7 +98,7 @@ - [Kubernetes Node Local DNS Cache](#kubernetes-node-local-dns-cache) - [Kubernetes Sidecars](#kubernetes-sidecars) - [Kubernetes Security](#kubernetes-security) - - [Encrypting the certificate for Kubernetes](#encrypting-the-certificate-for-kubernetes) + - [Encrypting the certificate for Kubernetes. SSL certificates with Let's Encrypt in Kubernetes Ingress via cert-manager](#encrypting-the-certificate-for-kubernetes-ssl-certificates-with-lets-encrypt-in-kubernetes-ingress-via-cert-manager) - [RBAC](#rbac) - [Admission Control](#admission-control) - [Security Best Practices Across Build, Deploy, and Runtime Phases](#security-best-practices-across-build-deploy-and-runtime-phases) @@ -209,7 +211,6 @@ * [youtube: deployment strategies in kubernetes | recreate | rolling update | blue/green | canary](https://youtu.be/efiMiaFjtn8) * [kodekloud.com: Kubernetes Features Every Beginner Must Know](https://kodekloud.com/blog/200628/kubernetes-features-every-beginner-must-know) * [platform9.com: Kubernetes CI/CD Pipelines at Scale](https://platform9.com/blog/kubernetes-ci-cd-pipelines-at-scale/) -* [magalix.com: Capacity Planning ๐ŸŒŸ](https://www.magalix.com/blog/kubernetes-patterns-capacity-planning) When we have multiple Pods with different Priority Class values, the admission controller starts by sorting Pods according to their priority. What happens when there are no nodes with available resources to schedule a high-priority pods? * [4 trends for Kubernetes cloud-native teams to watch in 2020](https://searchapparchitecture.techtarget.com/tip/4-trends-for-Kubernetes-cloud-native-teams-to-watch-in-2020) * [enterprisersproject.com: Kubernetes: Everything you need to know (2020) ๐ŸŒŸ](https://enterprisersproject.com/article/2020/4/kubernetes-everything-you-need-know) * [learnk8s.io: Provisioning cloud resources (AWS, GCP, Azure) in Kubernetes ๐ŸŒŸ](https://learnk8s.io/cloud-resources-kubernetes) @@ -375,7 +376,6 @@ * [ronaknathani.com: How a Kubernetes Pod Gets an IP Address](https://ronaknathani.com/blog/2020/08/how-a-kubernetes-pod-gets-an-ip-address/) * [dustinspecker.com: iptables: How Kubernetes Services Direct Traffic to Pods](https://dustinspecker.com/posts/iptables-how-kubernetes-services-direct-traffic-to-pods/) * [medium: ConfigMaps in Kubernetes (K8s)](https://medium.com/faun/configmaps-in-kubernetes-k8s-2f2ce79d7e66) -* [learnk8s.io: Extending applications on Kubernetes with multi-container pods ๐ŸŒŸ](https://learnk8s.io/sidecar-containers-patterns) Can you change an application without changing any code in Kubernetes? You can when you use multiple containers in a single Pod. * [devopscube.com: 10 Key Considerations for Kubernetes Cluster Design & Setup ๐ŸŒŸ](https://devopscube.com/key-considerations-kubernetes-cluster-design-setup/) * [sysdig.com: Kubernetes admission controllers in 5 minutes](https://sysdig.com/blog/kubernetes-admission-controllers/) * [blog.pixielabs.ai: Building Kubernetes Native SaaS applications: iterating quickly by deploying in-cluster data planes](https://blog.pixielabs.ai/hybrid-architecture/hybrid-architecture/) @@ -451,7 +451,7 @@ * [kubernetes.io: PodSecurityPolicy Deprecation: Past, Present, and Future ๐ŸŒŸ](https://kubernetes.io/blog/2021/04/06/podsecuritypolicy-deprecation-past-present-and-future/) * [betterprogramming.pub: How to Implement Your Distributed Filesystem With GlusterFS And Kubernetes](https://betterprogramming.pub/how-to-implement-your-distributed-filesystem-with-glusterfs-and-kubernetes-83ee7f5f834f) Learn the advantages of using GlusterFS and how can it help in achieving a highly-scalable, distributed filesystem. * [compliantkubernetes.io: Compliant Kubernetes is a Certified Kubernetes distribution, that complies with: HIPAA, GDPR, PCI DSS, FFFS 2014:7, ISO 27001, etc. ๐ŸŒŸ](https://compliantkubernetes.io) -* [blog.gopaddle.io: Strange things you never knew about Kubernetes ConfigMaps on day one ๐ŸŒŸ](https://blog.gopaddle.io/2021/04/01/strange-things-you-never-knew-about-kubernetes-configmaps-on-day-one/) +* [blog.gopaddle.io: Strange things you never knew about Kubernetes ConfigMaps on day one ๐ŸŒŸ๐ŸŒŸ](https://blog.gopaddle.io/2021/04/01/strange-things-you-never-knew-about-kubernetes-configmaps-on-day-one/) * [medium: Scaling Kubernetes with Assurance at Pinterest](https://medium.com/pinterest-engineering/scaling-kubernetes-with-assurance-at-pinterest-a23f821168da) * [platform9.com: Kubernetes Cluster Sizing โ€“ How Large Should a Kubernetes Cluster Be? ๐ŸŒŸ](https://platform9.com/blog/kubernetes-cluster-sizing-how-large-should-a-kubernetes-cluster-be/) * [learnsteps.com: What is a control plane? Basics on Kubernetes](https://www.learnsteps.com/what-is-a-control-plane-what-do-people-mean-by-this-basics-on-kubernetes/) @@ -468,6 +468,38 @@ * [kubernetes.io: Graceful Node Shutdown Goes Beta ๐ŸŒŸ](https://kubernetes.io/blog/2021/04/21/graceful-node-shutdown-beta/) * [blog.min.io: Kubernetes, Consistency and Commoditization - The Way of the Cloud](https://blog.min.io/the_way_of_the_cloud/) * [hjrocha.medium.com: Add a Custom Host to Kubernetes](https://hjrocha.medium.com/add-a-custom-host-to-kubernetes-a06472cedccb) +* [rancher.com: The Three Pillars of Kubernetes Container Orchestration ๐ŸŒŸ](https://rancher.com/three-pillars-kubernetes-container-orchestration) +* [qwinix.io: What Is Kubernetes? K8s Uses, Benefits, & More](https://www.qwinix.io/blog-what-is-kubernetes/) +* [thenewstack.io: Governance, Risk and Compliance with Kubernetes](https://thenewstack.io/governance-risk-and-compliance-with-kubernetes/) +* [itnext.io: Kubernetes Probes: Startup, Liveness, Readiness ๐ŸŒŸ](https://itnext.io/kubernetes-probes-startup-liveness-readiness-a9fc9ccff4b2) +* [containerjournal.com: Best of 2020: How Docker and Kubernetes Work Together](https://containerjournal.com/topics/container-ecosystems/how-docker-and-kubernetes-work-together/) +* [zhimin-wen.medium.com: Custom Notifications with Alert Managerโ€™s Webhook Receiver in Kubernetes](https://zhimin-wen.medium.com/custom-notifications-with-alert-managers-webhook-receiver-in-kubernetes-8e1152ba2c31) +* [harness.io: Introducing Recommendations API: Find Potential Cost Savings Programmatically](https://harness.io/blog/product-updates/recommendations-api/) +* [blog.harbur.io: Demystifying stateful apps on Kubernetes by deploying an etcd cluster](https://blog.harbur.io/demystifying-stateful-apps-on-kubernetes-by-deploying-an-etcd-cluster-b85bf8c16fea) In this tutorial you will learn how to deploy an etcd cluster in Kubernetes +* [blog.kintone.io: Rebooting a LOT of Kubernetes nodes in a declarative way](https://blog.kintone.io/entry/2021/01/14/160935) +* [ithands-on.com: Kubernetes 101 : Performing tasks in kubernetes - Jobs](https://www.ithands-on.com/2021/05/kubernetes-101-performing-tasks-in.html) +* [ithands-on.com: Kubernetes 101 : Deployments, replicaSets, services, pods and endpoints](https://www.ithands-on.com/2021/05/kubernetes-101-deployment-replicasets.html) +* [ithands-on.com: Kubernetes 101 : Changing a Pod's label on the fly](https://www.ithands-on.com/2021/04/kubernetes-101-changing-pods-label-on.html) +* [ithands-on.com: Kubernetes 101 : An overview of StatefulSets and Deployments](https://www.ithands-on.com/2021/05/kubernetes-101-overview-of-statefulsets.html) +* [infoworld.com: How Kubernetes works](https://www.infoworld.com/article/3617008/how-kubernetes-works.html) If you want to understand containers, microservices architecture, modern application development, and cloud native computing, you need to understand Kubernetes. +* [infoq.com: Cloud Native and Kubernetes Observability: Expert Panel](https://www.infoq.com/articles/cloud-native-observability/) +* [kubernetes.io: Don't Panic: Kubernetes and Docker](https://kubernetes.io/blog/2020/12/02/dont-panic-kubernetes-and-docker/) +* [thenewstack.io: Exploring the New Kubernetes Maturity Model](https://thenewstack.io/exploring-the-new-kubernetes-maturity-model/) +* [blog.bandowski.eu: Tools that should be used in every Kubernetes cluster ๐ŸŒŸ](https://blog.bandowski.eu/tools-that-should-be-used-in-every-kubernetes-cluster-38969ed3e603) + * [ArgoCD](https://argoproj.github.io/) for deploying your resources the GitOps way + * [MetalLB](https://metallb.universe.tf/) in case you need a load balancer when running Kubernetes on-prem and not in a cloud + * [external-secrets](https://github.com/external-secrets/kubernetes-external-secrets) to easily sync the secrets of your external secret manager with your Kubernetes cluster + * [cert-manager](https://cert-manager.io/) to easily retrieve and/or generate new certificates on the fly + * [external-dns](https://github.com/kubernetes-sigs/external-dns) to manage your DNS entries automatically +* [redhat.com: Building containers by hand: The PID namespace](https://www.redhat.com/sysadmin/pid-namespace) The PID namespace is an important one when it comes to building isolated environments. Find out why and how to use it. +* [cncf.io: Simplifying multi-clusters in Kubernetes](https://www.cncf.io/blog/2021/04/12/simplifying-multi-clusters-in-kubernetes/) +* [infoq.com: The Kubernetes Effect](https://www.infoq.com/articles/kubernetes-effect/) +* [dustinspecker.com: Scaling Kubernetes Pods using Prometheus Metrics ๐ŸŒŸ](https://dustinspecker.com/posts/scaling-kubernetes-pods-prometheus-metrics/) one of Kubernetes many features is auto-scaling workloads. Typically, Horizontal Pod Autoscalers scale pods based on CPU or memory usage. During other times we could better scale by using custom metrics that Prometheus is already scraping. Fortunately, Horizontal Pod Autoscalers can support using custom metrics. Iโ€™m a fan of the [kube-prometheus](https://github.com/prometheus-operator/kube-prometheus) project, but it wasnโ€™t apparent how to set up a Horizontal Pod Autoscaler using custom metrics. This post walks through: + * Deploying kube-prometheus (Prometheus operator, Prometheus adapter, Grafana, and more) + * Creating a custom metrics APIService + * Configuring Prometheus adapter to support our custom metrics + * Deploying a Horizontal Pod Autoscaler for Grafana using a custom metric +* [dev.to: How to switch container runtime in a Kubernetes cluster](https://dev.to/stack-labs/how-to-switch-container-runtime-in-a-kubernetes-cluster-1628)
[![Kubernetes architecture](images/kubernetes-pod-creation.png)](https://www.padok.fr/en/blog/kubernetes-architecture-clusters) @@ -485,6 +517,7 @@ ### Kubernetes API - [kubernetes.io: Kubernetes API ๐ŸŒŸ](https://kubernetes.io/docs/reference/kubernetes-api/) - [thenewstack.io: Living with Kubernetes: API Lifecycles and You](https://thenewstack.io/living-with-kubernetes-api-lifecycles-and-you/) +- [blog.tilt.dev: Kubernetes is so Simple You Can Explore it with Curl](https://blog.tilt.dev/2021/03/18/kubernetes-is-so-simple.html) ### Kubernetes Releases * [sysdig.com: Whatโ€™s new in Kubernetes 1.20?](https://sysdig.com/blog/whats-new-kubernetes-1-20/) @@ -504,6 +537,7 @@ * [analyticsindiamag.com: Kubernetes v1.21 Released: Major Updates & Latest Features](https://analyticsindiamag.com/kubernetes-v1-21-released-major-updates-latest-features/) * [openshift.com: Kubernetes 1.21 Grows Innovative New Features](https://www.openshift.com/blog/kubernetes-1.21-grows-innovative-new-features) * [Kubernetes v1.16 API deprecation testing](https://gist.github.com/jimangel/0014770713cdca8b363816930ef2520f) Examples of how to test the impact of the v1.16 API deprecations and ways to debug early! +* [kubernetes.io: Kubernetes 1.21: Metrics Stability hits GA](https://kubernetes.io/blog/2021/04/23/kubernetes-release-1.21-metrics-stability-ga/) ### Namespaces * [qvault.io: How to Restart All Pods in a Kubernetes Namespace ๐ŸŒŸ](https://qvault.io/2020/10/26/how-to-restart-all-pods-in-a-kubernetes-namespace/) @@ -520,7 +554,14 @@ * [medium: Kubernetes Tip: How Does OOMKilled Work?](https://medium.com/tailwinds-navigator/kubernetes-tip-how-does-oomkilled-work-ba71b135993b) * [cloud.google.com: Kubernetes Best Practices ๐ŸŒŸ](https://cloud.google.com/blog/topics/kubernetes-best-practices) A collection of blog posts aimed at guide you through the Kubernetes best practices * [releasehub.com: Kubernetes Health Checks - 2 Ways to Improve Stability in Your Production Applications](https://releasehub.com/blog/kubernetes-health-checks-2-ways-to-improve-stability) - +* [stackpulse.com: Kubernetes and SRE: 5 Best Practices for K8s Reliability in Production ๐ŸŒŸ](https://stackpulse.com/blog/https-stackpulse-com-blog-kubernetes-production-best-practices/) +* [fairwinds.com: Never Should You Ever In Kubernetes: #1 Do K8S The Hard Way](https://www.fairwinds.com/blog/never-should-you-ever-in-kubernetes-1-do-k8s-the-hard-way) +* [fairwinds.com: Never Should You Ever In Kubernetes Part 2: Kubernetes Security Mistakes](https://www.fairwinds.com/blog/never-should-you-ever-in-kubernetes-part-2-kubernetes-security-mistakes) +* [fairwinds.com: Never Should You Ever In Kubernetes Part 3: 6 K8s Reliability Mistakes](https://www.fairwinds.com/blog/6-kubernetes-reliability-mistakes) +* [fairwinds.com: Never Should You Ever In Kubernetes Part 4: Three K8s Efficiency Mistakes](https://www.fairwinds.com/blog/3-kubernetes-efficiency-mistakes) +* [stackpulse.com: Challenges of Running Services With K8s Reliably](https://stackpulse.com/blog/challenges-of-running-services-with-k8s-reliably/) +* [blog.lukechannings.com: Mistakes made and lessons learned with Kubernetes and GitOps ๐ŸŒŸ](https://blog.lukechannings.com/2020-05-10-kubernetes-gitops-lessons.html) + ### Disruptions - [thenewstack.io: Kubernetes: Use PodDisruptionBudgets for Application Maintenance and Upgrades](https://thenewstack.io/kubernetes-use-poddisruptionbudgets-for-application-maintenance-and-upgrades/) @@ -539,15 +580,18 @@ - [github.com/kubecost: kubecost-exporter - Running Kubecost as a Prometheus metric exporter ๐ŸŒŸ](https://github.com/kubecost/cost-model/blob/develop/kubecost-exporter.md) - [blog.kubecost.com: Kubecost raises $5.5 million to help teams monitor and reduce their Kubernetes spend](http://blog.kubecost.com/blog/announcing-kubecost-first-round/) - [kubectl-cost ๐ŸŒŸ](https://github.com/kubecost/kubectl-cost) is a kubectl plugin that provides easy CLI access to Kubernetes cost allocation metrics via the kubecost APIs. It allows developers, devops, and others to quickly determine the cost & efficiency for any Kubernetes workload +- [blog.kubecost.com: AKS Cost Monitoring and Governance With Kubecost](https://blog.kubecost.com/blog/aks-cost/) - -### Kubernetes Resource and Capacity Management +### Kubernetes Resource and Capacity Management. Capacity Planning * [itnext.io: Kubernetes Resource Management in Production ๐ŸŒŸ](https://itnext.io/kubernetes-resource-management-in-production-d5382c904ed1) Requests, Limits, Overcommitment, Slack/Waste, Throttling * [medium: Ultimate Kubernetes Resource Planning Guide ๐ŸŒŸ](https://medium.com/dev-genius/ultimate-kubernetes-resource-planning-guide-449a4fddd1d6) * [learnk8s.io: Setting the right requests and limits in Kubernetes ๐ŸŒŸ](https://learnk8s.io/setting-cpu-memory-limits-requests) * [openshift.com: Sizing Applications in Kubernetes ๐ŸŒŸ](https://www.openshift.com/blog/sizing-applications-in-kubernetes) - +* [magalix.com: Capacity Planning ๐ŸŒŸ](https://www.magalix.com/blog/kubernetes-patterns-capacity-planning) When we have multiple Pods with different Priority Class values, the admission controller starts by sorting Pods according to their priority. What happens when there are no nodes with available resources to schedule a high-priority pods? +* [sysdig.com: Kubernetes capacity planning: How to rightsize your cluster ๐ŸŒŸ](https://sysdig.com/blog/kubernetes-capacity-planning) + ### Kubernetes Monitoring +* [kube-prometheus ๐ŸŒŸ](https://github.com/prometheus-operator/kube-prometheus) Use Prometheus to monitor Kubernetes and applications running on Kubernetes * [medium: Kubernetes Monitoring: Kube-State-Metrics](https://medium.com/@chrisedrego/kubernetes-monitoring-kube-state-metrics-df6546aea324) * [Kubernetes Monitoring 101 โ€” Core pipeline & Services Pipeline ๐ŸŒŸ](https://levelup.gitconnected.com/kubernetes-monitoring-101-core-pipeline-services-pipeline-a34cd4cc9627) * [medium: Utilizing and monitoring kubernetes cluster resources more effectively](https://medium.com/@martin.schneppenheim/utilizing-and-monitoring-kubernetes-cluster-resources-more-effectively-using-this-tool-df4c68ec2053) @@ -558,6 +602,8 @@ * [thenewstack.io: 12 Critical Kubernetes Health Conditions You Need to Monitor ๐ŸŒŸ](https://thenewstack.io/12-critical-kubernetes-health-conditions-you-need-to-monitor/) * [devopscurry.com: Best Open-Source Monitoring Tools for Kubernetes in 2021 ๐ŸŒŸ](https://devopscurry.com/best-open-source-monitoring-tools-for-kubernetes-in-2021/) * [circonus.com: 12 Critical Kubernetes Health Conditions You Need to Monitor and Why](https://www.circonus.com/2020/12/12-critical-kubernetes-health-conditions-you-need-to-monitor-and-why/) +* [circonus.com: Guide to Kubernetes Monitoring: Part 1](https://www.circonus.com/2020/09/guide-to-kubernetes-monitoring-part-1/) + * [circonus.com: Guide to Monitoring Kubernetes, Part 2: Which Metrics and Health Conditions You Should be Monitoring](https://www.circonus.com/2021/01/guide-to-monitoring-kubernetes-part-2-which-metrics-and-health-conditions-you-should-be-monitoring/) #### Logging in Kubernetes - [cncf.io: Logging in Kubernetes: EFK vs PLG Stack ๐ŸŒŸ](https://www.cncf.io/blog/2020/07/27/logging-in-kubernetes-efk-vs-plg-stack/) @@ -702,6 +748,7 @@ kubectl get secret --namespace=โ€Š-o yaml | sed โ€˜s/names - [microcks.io: Podman Compose support in Microcks](https://microcks.io/blog/podman-compose-support) - [kinvolk.io: Shining a light on the Kubernetes User Experience with Headlamp](https://kinvolk.io/blog/2020/11/shining-a-light-on-the-kubernetes-user-experience-with-headlamp/) - [kubevious](https://github.com/kubevious/kubevious) +- [cncf.io: Tools to develop apps on Kubernetes ๐ŸŒŸ](https://www.cncf.io/blog/2021/05/10/tools-to-develop-apps-on-kubernetes) ### Okteto local kubernetes development - [okteto.com: How to Develop and Debug Java Applications on Kubernetes](https://okteto.com/blog/how-to-develop-java-apps-in-kubernetes/) @@ -765,6 +812,7 @@ kubectl get secret --namespace=โ€Š-o yaml | sed โ€˜s/names * [medium: 2/3 Autoscaling in Kubernetes: Options, Features, and Use Cases](https://medium.com/expedia-group-tech/autoscaling-in-kubernetes-options-features-and-use-cases-c8a6ce145957) * [medium: 3/3 Autoscaling in Kubernetes: Why doesnโ€™t the Horizontal Pod Autoscaler work for me?](https://medium.com/expedia-group-tech/autoscaling-in-kubernetes-why-doesnt-the-horizontal-pod-autoscaler-work-for-me-5f0094694054) * [around25.com: Horizontal Pod Autoscaler in Kubernetes ๐ŸŒŸ](https://around25.com/blog/horizontal-pod-autoscaler-in-kubernetes/) +* [superawesome.com: Scaling pods with HPA using custom metrics. How we scale our kid-safe technology using Kubernetes ๐ŸŒŸ](https://www.superawesome.com/blog/how-we-scale-our-kid-safe-technology-using-auto-scaling-on-kubernetes/) ### Cluster Autoscaler and Helm * [hub.helm.sh: cluster-autoscaler](https://hub.helm.sh/charts/stable/cluster-autoscaler) The cluster autoscaler scales worker nodes within an AWS autoscaling group (ASG) or Spotinst Elastigroup. @@ -857,6 +905,7 @@ kubectl get secret --namespace=โ€Š-o yaml | sed โ€˜s/names * tree * node-shell * [kubectl-trace ๐ŸŒŸ](https://github.com/iovisor/kubectl-trace) kubectl trace is a kubectl plugin that allows you to schedule the execution of bpftrace programs in your Kubernetes cluster. +* [pixelstech.net: Build a Kubectl Plugin from Scratch](https://www.pixelstech.net/article/1606901393-Build-a-Kubectl-Plugin-from-Scratch)
@@ -1018,6 +1067,10 @@ kubectl get secret --namespace=โ€Š-o yaml | sed โ€˜s/names - [codefresh.io: Kubernetes Deployment Antipatterns โ€“ part 2 ๐ŸŒŸ](https://codefresh.io/kubernetes-tutorial/kubernetes-antipatterns-2/) - [iximiuz.com: Service discovery in Kubernetes - combining the best of two worlds ๐ŸŒŸ](https://iximiuz.com/en/posts/service-discovery-in-kubernetes/) - [github.com/sharadbhat/KubernetesPatterns: YAML and Golang implementations of common Kubernetes patterns](https://github.com/sharadbhat/KubernetesPatterns) +- [developers.redhat.com: Kubernetes configuration patterns, Part 1: Patterns for Kubernetes primitives ๐ŸŒŸ](https://developers.redhat.com/blog/2021/04/28/kubernetes-configuration-patterns-part-1-patterns-for-kubernetes-primitives) + - [developers.redhat.com: Kubernetes configuration patterns, Part 2: Patterns for Kubernetes controllers ๐ŸŒŸ](https://developers.redhat.com/blog/2021/05/05/kubernetes-configuration-patterns-part-2-patterns-for-kubernetes-controllers/) +- [learnk8s.io: Extending applications on Kubernetes with multi-container pods ๐ŸŒŸ](https://learnk8s.io/sidecar-containers-patterns) Can you change an application without changing any code in Kubernetes? You can when you use multiple containers in a single Pod. Developing and deploying new apps in Kubernetes is easy. But what about legacy apps? In Kubernetes, you can use multiple containers in a Pod to change how your application works. +- [dev.to: Kubernetes Deployment Antipatterns โ€“ part 1 ๐ŸŒŸ๐ŸŒŸ](https://dev.to/codefreshio/kubernetes-deployment-antipatterns-part-1-2116) [![Top 10 Kubernetes patterns](images/top_10_kubernetes_patterns.png)](https://developers.redhat.com/blog/2020/05/11/top-10-must-know-kubernetes-design-patterns/) @@ -1115,6 +1168,7 @@ kubectl get secret --namespace=โ€Š-o yaml | sed โ€˜s/names * [codilime.com: How to create a custom resource with Kubernetes Operator](https://codilime.com/how-to-create-a-custom-resource-with-kubernetes-operator/) Implementing DaemonJob from scratch learn how to create a custom resource with the Kubernetes Operator Framework. * [rookout.com: Lessons Learned When Building A Kubernetes Operator](https://www.rookout.com/blog/lessons-learned-when-building-a-kubernetes-operator) * [pavel.cool: Oxidizing the Kubernetes operator](https://www.pavel.cool/rust/rust-kubernetes-operators/) +* [brennerm.github.io: Kubernetes operators with Python #1: Creating CRDs](https://brennerm.github.io/posts/k8s-operators-with-python-part-1.html) ## Kubernetes Networking * [kubernetes.io: The Kubernetes network model. How to implement the Kubernetes networking model](https://kubernetes.io/docs/concepts/cluster-administration/networking/) @@ -1148,7 +1202,18 @@ kubectl get secret --namespace=โ€Š-o yaml | sed โ€˜s/names * [K8GB - Kubernetes Global Balancer](https://github.com/AbsaOSS/k8gb) - [openshift.com: K8GB - Kubernetes Global Balancer ](https://www.openshift.com/blog/openshift-commons-briefing-k8gb-kubernetes-global-balancer-with-yuri-tsarev-absa-and-paul-morie-red-hat) * [altoros.com: Kubernetes Networking: How to Write Your Own CNI Plug-in with Bash](https://www.altoros.com/blog/kubernetes-networking-writing-your-own-simple-cni-plug-in-with-bash/) * [Network Node Manager](https://github.com/kakao/network-node-manager) network-node-manager is a kubernetes controller that controls the network configuration of a node to resolve network issues of kubernetes. By simply deploying and configuring network-node-manager, you can solve kubernetes network issues that cannot be resolved by kubernetes or resolved by the higher kubernetes Version. Below is a list of kubernetes's issues to be resolved by network-node-manager. network-node-manager is based on kubebuilder v2.3.1. +* [getenroute.io: Drive API Security At Kubernetes Ingress Using Helm And Envoy ๐ŸŒŸ](https://getenroute.io/docs/ingress-filter-legos-secure-microservices-apis-using-helm-envoy/) +* [ithands-on.com: Kubernetes 101 : External services - ExternalName, DNS and Endpoints](https://www.ithands-on.com/2021/04/kubernetes-101-external-services.html) +* [ibm.com: Multizone Kubernetes and VPC Load Balancer Setup](https://www.ibm.com/cloud/blog/multizone-kubernetes-and-vpc-load-balancer-setup) Securely expose your Kubernetes app by setting up a Load Balancer for VPC in a different zone. +* [opensource.googleblog.com: Kubernetes: Efficient Multi-Zone Networking with Topology Aware Routing](https://opensource.googleblog.com/2020/11/kubernetes-efficient-multi-zone.html) +* [nbailey.ca: Domesticated Kubernetes Networking](https://nbailey.ca/post/k8s-networking/) +* [sookocheff.com: A Guide to the Kubernetes Networking Model ๐ŸŒŸ](https://sookocheff.com/post/kubernetes/understanding-kubernetes-networking-model/) +* [build.thebeat.co: A curious case of AWS NLB timeouts in Kubernetes](https://build.thebeat.co/a-curious-case-of-aws-nlb-timeouts-in-kubernetes-522bd88a3399) A debugging adventure that allowed us to solve the tail latencies our Kubernetes applications were experiencing when talking with our AWS NLB. + +### Gateway API +* [gateway-api.sigs.k8s.io ๐ŸŒŸ](https://gateway-api.sigs.k8s.io/) Gateway API is an open source project managed by the SIG-NETWORK community. It's is a collection of resources that model service networking in Kubernetes. These resources - GatewayClass,Gateway, HTTPRoute, TCPRoute, Service, etc - aim to evolve Kubernetes service networking through expressive, extensible, and role-oriented interfaces that are implemented by many vendors and have broad industry support. * [kubernetes.io: Evolving Kubernetes networking with the Gateway API](https://kubernetes.io/blog/2021/04/22/evolving-kubernetes-networking-with-the-gateway-api/) +* [thenewstack.io: Unifying Kubernetes Service Networking (Again) with the Gateway API ๐ŸŒŸ](https://thenewstack.io/unifying-kubernetes-service-networking-again-with-the-gateway-api/) The [Gateway API](https://gateway-api.sigs.k8s.io/), formerly known as the Services API and before that Ingress V2, was first discussed in detail โ€” and in-person โ€” at Kubecon 2019 in San Diego. There were already many well-known and [well-documented](https://dave.cheney.net/paste/ingress-is-dead-long-live-ingressroute.pdf) limitations of Ingress and Kubernetes networking APIs. The [Gateway API](https://www.youtube.com/watch?v=GiFQNevrxYA) was intended as a redo of these APIs, built on the lessons from Services, Ingress and the service mesh community. ### Multicloud communication for Kubernetes * [developers.redhat.com: Use Skupper to connect multiple Kubernetes clusters ๐ŸŒŸ](https://developers.redhat.com/blog/2021/04/20/use-skupper-to-connect-multiple-kubernetes-clusters/) - [skupper.io](https://skupper.io/) Multicloud communication for Kubernetes. Skupper is a layer 7 service interconnect. It enables secure communication across Kubernetes clusters with no VPNs or special firewall rules. With Skupper, your application can span multiple cloud providers, data centers, and regions. @@ -1159,9 +1224,14 @@ kubectl get secret --namespace=โ€Š-o yaml | sed โ€˜s/names * [learncloudnative.com: Kubernetes Network Policy](https://www.learncloudnative.com/blog/2020-10-07-network-policies) * [bionconsulting.com: Kubernetes Network Policies](https://www.bionconsulting.com/blog/kubernetes-network-policies) * [bionconsulting.com: Kubernetes Network Policies - Part 2](https://www.bionconsulting.com/blog/kubernetes-network-policies-part-2) -* [cilium.io: NetworkPolicy Editor: Create, Visualize, and Share Kubernetes NetworkPolicies ๐ŸŒŸ](https://cilium.io/blog/2021/02/10/network-policy-editor) * [thenewstack.io: The Kubernetes Network Security Effect ๐ŸŒŸ](https://thenewstack.io/the-kubernetes-network-security-effect/) Kubernetes has a built-in object for managing network security: NetworkPolicy. While it allows the user to define the relationship between pods with ingress and egress policies, it is basic and requires very precise IP mapping of a solution โ€” which changes constantly, so most users Iโ€™ve talked to are not using it. +#### Cilium +* [cilium.io ๐ŸŒŸ](https://cilium.io/) eBPF-based Networking, Observability, and Security +* [cilium.io: NetworkPolicy Editor: Create, Visualize, and Share Kubernetes NetworkPolicies ๐ŸŒŸ](https://cilium.io/blog/2021/02/10/network-policy-editor) +* [editor.cilium.io ๐ŸŒŸ](https://editor.cilium.io/) Learn how to create Network Policies for Kubernetes using an interactive playground +* [buoyant.io: Kubernetes network policies with Cilium and Linkerd](https://buoyant.io/2020/12/23/kubernetes-network-policies-with-cilium-and-linkerd) +
@@ -1219,6 +1289,7 @@ kubectl get secret --namespace=โ€Š-o yaml | sed โ€˜s/names * [medium: Calico for Kubernetes networking: the basics & examples](https://medium.com/flant-com/calico-for-kubernetes-networking-792b41e19d69) * [thenewstack.io: Tigera's Calico Aims to Ease Connectivity Pain with Kubernetes](https://thenewstack.io/tigera-aims-ease-connectivity-pain-kubernetes/) * [projectcalico.org: Advertising Kubernetes Service IPs with Calico and BGP](https://www.projectcalico.org/advertising-kubernetes-service-ips-with-calico-and-bgp/) +* [mhmxs.blogspot.com: Autoscaling Calico Route Reflector topology in Kubernetes](https://mhmxs.blogspot.com/2020/12/autoscaling-calico-route-reflector.html) ### DNS Service with CoreDNS - [medium: How to Autoscale the DNS Service in a Kubernetes Cluster](https://medium.com/faun/how-to-autoscale-the-dns-service-in-a-kubernetes-cluster-cbb46ae89678) @@ -1267,16 +1338,20 @@ kubectl get secret --namespace=โ€Š-o yaml | sed โ€˜s/names * [microsoft.com: Secure containerized environments with updated threat matrix for Kubernetes](https://www.microsoft.com/security/blog/2021/03/23/secure-containerized-environments-with-updated-threat-matrix-for-kubernetes/) * [kyverno.io ๐ŸŒŸ](https://kyverno.io/) Kubernetes Native Policy Management. Open Policy Agent? Thatโ€™s old school. Securely manage workloads on your kubernetesio clusters with this handy new tool, Kyverno.Kyverno is a policy engine designed for Kubernetes. With Kyverno, policies are managed as Kubernetes resources and no new language is required to write policies. This allows using familiar tools such as kubectl, git, and kustomize to manage policies. Kyverno policies can validate, mutate, and generate Kubernetes resources. The Kyverno CLI can be used to test policies and validate resources as part of a CI/CD pipeline. [youtube: The Way of the Future | Kubernetes Policy Management with Kyverno](https://www.youtube.com/watch?v=8fgrjBnxqi0&t=270s&ab_channel=AppSecEngineer) * [cyberark.com: Attacking Kubernetes Clusters Through Your Network Plumbing: Part 1](https://www.cyberark.com/resources/threat-research-blog/attacking-kubernetes-clusters-through-your-network-plumbing-part-1?utm_sq=goa40uvlx1) -* [cyberark.com: Kubesploit: A New Offensive Tool for Testing Containerized Environments ๐ŸŒŸ](https://www.cyberark.com/resources/threat-research-blog/kubesploit-a-new-offensive-tool-for-testing-containerized-environments) * [redkubes.com: 10 Kubernetes Security Risks & Best Practices](https://redkubes.com/10-kubernetes-security-risks-best-practices/) * [thenewstack.io: Defend the Core: Kubernetes Security at Every Layer](https://thenewstack.io/defend-the-core-kubernetes-security-at-every-layer/) * [techmanyu.com: Kubernetes Security with Kube-bench and Kube-hunter ๐ŸŒŸ](https://www.techmanyu.com/kubernetes-security-with-kube-bench-and-kube-hunter-6765bf44ebc6) +* [Analyze Kubernetes Audit logs using Falco ๐ŸŒŸ](https://github.com/developer-guy/falco-analyze-audit-log-from-k3s-cluster) Detect intrusions that happened in your Kubernetes cluster through audit logs using Falco +* [blog.kasten.io: Kubernetes Ransomware Protection with Kasten K10 v4.0](https://blog.kasten.io/ransomware-protection-kasten-k10-v4) +* [helpnetsecurity.com: Kubestriker: A security auditing tool for Kubernetes clusters ๐ŸŒŸ](https://www.helpnetsecurity.com/2021/05/04/security-kubernetes/) Kubestriker is an open-source, platform-agnostic tool for identifying security misconfigurations in Kubernetes clusters. -### Encrypting the certificate for Kubernetes +### Encrypting the certificate for Kubernetes. SSL certificates with Let's Encrypt in Kubernetes Ingress via cert-manager * [Kubernetes Certs](https://github.com/jetstack/cert-manager/) * [Using SSL certificates from Letโ€™s Encrypt in your Kubernetes Ingress via cert-manager ๐ŸŒŸ](https://medium.com/flant-com/cert-manager-lets-encrypt-ssl-certs-for-kubernetes-7642e463bbce) * [medium: Encrypting the certificate for Kubernetes (Letโ€™s Encrypt) ๐ŸŒŸ](https://medium.com/avmconsulting-blog/encrypting-the-certificate-for-kubernetes-lets-encrypt-805d2bf88b2a) - +* [rejupillai.com: Letโ€™s Encrypt the Web (for free)](https://www.rejupillai.com/index.php/2021/03/06/configure-tls-on-gke-ingress-for-free-with-lets-encrypt/) +* [betterprogramming.pub: Kubernetes and SSL Certificate Management ๐ŸŒŸ](https://betterprogramming.pub/kubernetes-and-ssl-certificate-management-5f6a4b6f5ae9) Manage SSL certificate orders in K8s with Helm and Letโ€™s Encrypt. +
@@ -1458,6 +1533,7 @@ Kubernetes supports several authentication methods out-of-the-box, such as X.509 * [clickittech.com: Amazon ECS vs EKS : The Best Container Orchestration Platform ๐ŸŒŸ](https://www.clickittech.com/aws/amazon-ecs-vs-eks/) * [POKE - Provision Opinionated Kubernetes on EKS](https://github.com/bit-cloner/poke) Poke is infrastructure as software to provision EKS cluster in an opinianated way. Code is written in nodejs utilising pulumi framework. It is opinionated in such a way to improve security and simplicity.Consider this similar to terraform module. This package can be used to provision eks clusters declaratively with immutability and repeatability. * [clickittech.com: Kubernetes Multi tenancy with Amazon EKS: Best practices and considerations](https://www.clickittech.com/saas/kubernetes-multi-tenancy/) +* [automateinfra.com: Getting Started with Amazon Elastic kubernetes Service (AWS EKS)](https://automateinfra.com/2021/04/01/the-only-ultimate-for-beginners-getting-started-with-amazon-eks/) ### Kubesphere - [kubesphere.io](https://kubesphere.io/) The Kubernetes platform tailored for hybrid multicloud. KubeSphere is a distributed operating system managing cloud native applications with Kubernetes as its kernel, and provides plug-and-play architecture for the seamless integration of third-party applications to boost its ecosystem. @@ -1489,6 +1565,7 @@ Kubernetes supports several authentication methods out-of-the-box, such as X.509 * On AWS, the best tool is **kops**. Since [AWS EKS (hosted kubernetes)](https://aws.amazon.com/eks) is currently available, this is the preferred option **(you don't need to maintain the masters)**. * For other installs, or if you can't get kops to work, you can use **kubeadm**. * Setup **kops** in your windows with **virtualbox.org** and **vagrantup.com** . Once downloaded, to type a new linux VM, just spin up ubuntu via vagrant in cmd/powershell and run kops installer: +* [blog.ivnilv.com: Rotating Kops Etcd Certificates](https://blog.ivnilv.com/posts/rotating-kops-etcd-certificates/) ``` C:\ubuntu> vagrant init ubuntu/xenial64 @@ -1551,6 +1628,7 @@ $ sudo mv kops-linux-amd64 /usr/local/bin/kops - [medium: ClusterOps: 1-Line Commit to Upgrade Your Kubernetes Clusters ๐ŸŒŸ](https://medium.com/swlh/clusterops-1-line-commit-to-upgrade-your-kubernetes-clusters-de3548124d04) - [cncf.io webinar: Deploying Kubernetes to bare metal using cluster API](https://www.cncf.io/webinars/deploying-kubernetes-to-bare-metal-using-cluster-api/) - [itnext.io: Multi-Cloud and Multi-Cluster Declarative Kubernetes Cluster Creation and Management with Cluster API (CAPI โ€” v1alpha3)](https://itnext.io/multi-cloud-and-multi-cluster-declarative-kubernetes-cluster-creation-and-management-with-cluster-6df8efdc2a89) +- [github.com: Cluster API Helm Chart](https://github.com/kgamanji/cluster-api-helm-chart) - [youtube: Cluster API & FluxCD - the power of GitOps](https://www.youtube.com/watch?v=QbSw8dPhHGM&ab_channel=KatieGamanji) A Helm chart to install Cluster API manifests ### Microk8s - [**Microk8s**](https://microk8s.io/) @@ -1609,6 +1687,7 @@ $ sudo mv kops-linux-amd64 /usr/local/bin/kops #### K0s - [K0s - Zero Friction Kubernetes](https://github.com/k0sproject/k0s) k0s is an all-inclusive Kubernetes distribution with all the required bells and whistles preconfigured to make building a Kubernetes clusters a matter of just copying an executable to every host and running it. +- [medium: k0s Ready for Production](https://medium.com/k0sproject/k0s-ready-for-production-20255c4b0791) ## Cloud Development Kit (CDK) for Kubernetes * [cdk8s.io ๐ŸŒŸ](https://cdk8s.io/) Define Kubernetes apps and components using familiar languages. cdk8s is an open-source software development framework for defining Kubernetes applications and reusable abstractions using familiar programming languages and rich object-oriented APIs. cdk8s apps synthesize into standard Kubernetes manifests which can be applied to any Kubernetes cluster. diff --git a/docs/linux-dev-env.md b/docs/linux-dev-env.md index 1751e4cd..bc0ebe25 100644 --- a/docs/linux-dev-env.md +++ b/docs/linux-dev-env.md @@ -26,4 +26,7 @@ multiple versions of software on the same system, without affecting system-wide - [Microsoft debuts Windows Package Manager for your dev environment](https://venturebeat.com/2020/05/19/microsoft-windows-package-manager-powertoys/) ## ASDF-VM -- [asdf version manager (asdf-vm)](https://asdf-vm.com/) is a CLI tool that can manage multiple language runtime versions on a per-project basis. It is like gvm, nvm, rbenv & pyenv (and more) all in one! Simply install your languageโ€™s plugin! \ No newline at end of file +- [asdf version manager (asdf-vm)](https://asdf-vm.com/) is a CLI tool that can manage multiple language runtime versions on a per-project basis. It is like gvm, nvm, rbenv & pyenv (and more) all in one! Simply install your languageโ€™s plugin! + +## Alternatives to WSL on Windows +- [cmder ๐ŸŒŸ](https://cmder.net/) \ No newline at end of file diff --git a/docs/linux.md b/docs/linux.md index 30051924..87b036d3 100644 --- a/docs/linux.md +++ b/docs/linux.md @@ -10,6 +10,7 @@ - [Linux Commands and Tools](#linux-commands-and-tools) - [Bash](#bash) - [Zsh](#zsh) +- [ZX](#zx) - [Linux processes](#linux-processes) - [Linux Memory](#linux-memory) - [Linux and Kubernetes](#linux-and-kubernetes) @@ -51,9 +52,11 @@ - [paepper.com: How to properly manage ssh keys for server access](https://www.paepper.com/blog/posts/how-to-properly-manage-ssh-keys-for-server-access/) - [goteleport.com: SSH Certificates Security. SSH Access Hardening ๐ŸŒŸ](https://goteleport.com/blog/ssh-certificates/) - [dev.to: How to Manage Multiple SSH Key Pairs](https://dev.to/josephmidura/how-to-manage-multiple-ssh-key-pairs-1ik) +- [cyberciti.biz: Top 20 OpenSSH Server Best Security Practices](https://www.cyberciti.biz/tips/linux-unix-bsd-openssh-server-best-practices.html) ## OpenSSL - [redhat.com: 6 OpenSSL command options that every sysadmin should know](https://www.redhat.com/sysadmin/6-openssl-commands) Look beyond generating certificate signing requests and see how OpenSSL commands can display practical information about certificates. +- [tecmint.com: Testssl.sh โ€“ Testing TLS/SSL Encryption Anywhere on Any Port](https://www.tecmint.com/testssl-sh-test-tls-ssl-encryption-in-linux-commandline/) ## Linux Blogs - [The Linux Foundation](http://www.linuxfoundation.org/) @@ -129,6 +132,11 @@ - [cyberciti.biz: How to install ncdu on Linux / Unix to see disk usage](https://www.cyberciti.biz/open-source/install-ncdu-on-linux-unix-ncurses-disk-usage/) - [cyberciti.biz: 21 Examples To Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors](https://www.cyberciti.biz/tips/check-unix-linux-configuration-file-for-syntax-errors.html) - [opensource.com: Don't love diff? Use Meld instead](https://opensource.com/article/20/3/meld) Meld is a visual diff tool that makes it easier to compare and merge changes in files, directories, Git repos, and more. +- [kalilinuxtutorials.com: Ldsview : Offline search tool for LDAP directory dumps in LDIF format](https://kalilinuxtutorials.com/ldsview/) +- [medium: Useful Commands/Solutions](https://medium.com/cloud-techies/useful-commands-solutions-49f1c1b4e033) +- [CLImagic subscription](https://www.patreon.com/climagic) +- [cyberciti.biz: How to save terminal output to a file under Linux/Unix](https://www.cyberciti.biz/faq/how-to-save-terminal-output-to-a-file-under-linux-unix/) +- [cyberciti.biz: ls* Commands Are Even More Useful Than You May Have Thought](https://www.cyberciti.biz/open-source/command-line-hacks/linux-ls-commands-examples/) ## Bash - [igoroseledko.com: Checking Multiple Variables in Bash](https://www.igoroseledko.com/checking-multiple-variables-in-bash/) @@ -141,9 +149,14 @@ - [github: Safe ways to do things in bash](https://github.com/anordal/shellharden/blob/master/how_to_do_things_safely_in_bash.md) - [rexegg.com: Regex Syntax Tricks](https://rexegg.com/regex-tricks.html) - [pement.org: Handy one-line scripts for AWK](http://www.pement.org/awk/awk1line.txt) +- [flowfactor.be: Unit testing bash scripts the cloud-native way](https://www.flowfactor.be/2021/03/23/unit-testing-bash-scripts-the-cloud-native-way/) ## Zsh - [Oh My Zsh](https://ohmyz.sh/) Oh My Zsh is a delightful, open source, community-driven framework for managing your Zsh configuration. It comes bundled with thousands of helpful functions, helpers, plugins, themes, and a few things that make you shout... +- [zshdb.readthedocs.io](https://zshdb.readthedocs.io) zshdb - a gdb-like debugger for zsh + +## ZX +- [zx](https://github.com/google/zx) A tool for writing better scripts ## Linux processes - [percona.com: How Much Memory Does the Process Really Take on Linux? ๐ŸŒŸ](https://www.percona.com/blog/2020/09/11/how-much-memory-does-the-process-really-take-on-linux/) diff --git a/docs/maven-gradle.md b/docs/maven-gradle.md index 3cf64af4..1d3475c3 100644 --- a/docs/maven-gradle.md +++ b/docs/maven-gradle.md @@ -32,6 +32,7 @@ * [Dzone: 7 Tips to Achieve High-Availability(HA) For Your Maven Repository](https://dzone.com/articles/7-tips-to-achieve-high-availabilityha-for-your-mav-1) * [maarten.mulders.it: What's New in Maven 4](https://maarten.mulders.it/2020/11/whats-new-in-maven-4/) * [dev.to: Maven Plugin Configuration - The (Unknown) Tiny Details](https://dev.to/khmarbaise/maven-plugin-configuration-the-unknown-tiny-details-1emm) +* [ashishtechmill.com: Demystifying Google Container Tool Jib: Java Image Builder](https://ashishtechmill.com/demystifying-google-container-tool-jib-java-image-builder) This article covers some internals of image layering created by container image builder Jib and explore what distroless images are and their benefits. ### Scaffolding a project with Maven (maven archetype) * [vogella.com: Maven for Building Java application - Tutorial](https://www.vogella.com/tutorials/ApacheMaven/article.html) diff --git a/docs/message-queue.md b/docs/message-queue.md index 34d2cbab..1cdbabf3 100644 --- a/docs/message-queue.md +++ b/docs/message-queue.md @@ -17,6 +17,8 @@ - [Data Processing (aka Streaming Data, Data Pipeline or Big Data Pipeline)](#data-processing-aka-streaming-data-data-pipeline-or-big-data-pipeline) - [Apache Kafka](#apache-kafka) - [Strimzi kubernetes operator for apache kafka](#strimzi-kubernetes-operator-for-apache-kafka) + - [AWS Kinesis](#aws-kinesis) + - [MQTT](#mqtt) - [Banzai Cloud Supertubes (Cloud Native Kafka implementation)](#banzai-cloud-supertubes-cloud-native-kafka-implementation) - [Confluent Cloud (Apache Kafka Re-engineered for the Cloud)](#confluent-cloud-apache-kafka-re-engineered-for-the-cloud) - [Redpanda (kafka alternative). A modern streaming platform for mission critical workloads](#redpanda-kafka-alternative-a-modern-streaming-platform-for-mission-critical-workloads) @@ -53,6 +55,7 @@ - [ibm.com: Event-driven cloud-native applications (microservices)](https://www.ibm.com/cloud/architecture/architecture/practices/event-driven-cloud-native-apps-architecture) The event backbone is being part of the microservices mesh, providing the publish-and-subscribe communication between microservices and enabling the support of loosely coupled event-driven microservices. - [stackoverflow.blog: How event-driven architecture solves modern web app problems ๐ŸŒŸ](https://stackoverflow.blog/2020/03/16/how-event-driven-architecture-solves-modern-web-app-problems/) In this article, weโ€™ll discuss some of the problems driving innovation in modern web development. Then weโ€™ll dive into the basics of event-driven architecture (EDA), which tries to address these problems by thinking about back-end architecture in a novel way. - [sebalopezz.medium.com: Monolith to Microservices + Event-Driven Architecture ๐ŸŒŸ](https://sebalopezz.medium.com/monolith-to-microservices-event-driven-architecture-ff4284bf4ecf) +- [confluent.io: Event-Driven Microservices Architecture (white paper) ๐ŸŒŸ](https://www.confluent.io/resources/event-driven-microservices/) Microservices are an architectural pattern that structures an application as a collection of small, loosely coupled services that operate together to achieve a common goal. Because they work independently, they can be added, removed, or upgraded without interfering with other applications. While there are numerous benefits to microservices architecture, like easier deployment and testing, improved productivity, flexibility, and scalability, they also pose a few disadvantages, as independently run microservices require a seamless method of communication to operate as one larger application. Event-driven microservices allow for real-time microservices communication, enabling data to be consumed in the form of events before theyโ€™re even requested. In this white paper, weโ€™ll cover how event-driven microservices work, presenting a sample currency exchange platform to illustrate the design and architecture of an application composed of event-driven microservices using Apache Kafkaยฎ and Confluent Platform. We also discuss other aspects of microservices architectures, such as team structure, continuous delivery, deployment, and testing. Lastly, we discuss how Apache Kafka and Confluent Platform enable and extend core principles of microservices, including decoupling, separation of concerns, agility, and real-time streaming of event data. ## Message Brokers - [Apache ActiveMQ](https://activemq.apache.org/) @@ -197,6 +200,10 @@ comsysto about their usage of Debezium, touching on many details like outbox pat - [confluent.io: Whatโ€™s New in Apache Kafka 2.8](https://www.confluent.io/blog/kafka-2-8-0-features-and-improvements-with-early-access-to-kip-500/) - [devclass.com: Apache Kafka 2.8.0 previews life without ZooKeeper](https://devclass.com/2021/04/20/apache-kafka-2-8-0-previews-life-without-zookeeper/) - [KLoadGen - Kafka + (Avro/Json Schema) Load Generator ๐ŸŒŸ](https://github.com/corunet/kloadgen) KLoadGen is kafka load generator plugin for jmeter designed to work with AVRO and JSON schema. It allows sending kafka messages with a structure defined as an AVRO Schema or a Json Schema. It connects to the Scheme Registry Server, retrieve the subject to send and generate a random message every time. +- [instaclustr.com: Apache Kafka Architecture: A Complete Guide ๐ŸŒŸ](https://www.instaclustr.com/apache-kafka-architecture/) +- [youtube playlist: Kafka Connect Tutorials | Kafka Connect 101: REST API ๐ŸŒŸ](https://www.youtube.com/watch?v=9wu-j9gIlBY&list=PLa7VYi0yPIH1MB2n2w8pMZguffCDu2L4Y&index=8&ab_channel=Confluent) KafkaConnect uses a REST API to expose its management capabilities. tlberglund demonstrates many of the key functions available using the REST API, including creating connectors, viewing their status, and accessing troubleshooting information. +- [developers.redhat.com: Event-driven APIs and schema governance for Apache Kafka: Get ready for Kafka Summit Europe 2021](https://developers.redhat.com/blog/2021/05/04/event-driven-apis-and-schema-governance-for-apache-kafka-get-ready-for-kafka-summit-europe-2021/) +- [developers.redhat.com: Building resilient event-driven architectures with Apache Kafka](https://developers.redhat.com/blog/2021/05/05/building-resilient-event-driven-architectures-with-apache-kafka/) #### Strimzi kubernetes operator for apache kafka - [strimzi.io](https://strimzi.io/) @@ -211,6 +218,15 @@ comsysto about their usage of Debezium, touching on many details like outbox pat [![airflow vs kafka debezium](images/airflow_vs_debezium.jpg)](https://medium.com/convoy-tech/logs-offsets-near-real-time-elt-with-apache-kafka-snowflake-473da1e4d776)
+### AWS Kinesis +- [AWS Kinesis](https://docs.aws.amazon.com/kinesis/index.html) +- [softkraft.co: WS Kinesis vs Kafka comparison: Which is right for you? ๐ŸŒŸ](https://www.softkraft.co/aws-kinesis-vs-kafka-comparison/) + +### MQTT +- [mqtt.org](https://mqtt.org/) MQTT: The Standard for IoT Messaging +- [developers.redhat.com: Deploying the Mosquitto MQTT message broker on Red Hat OpenShift, Part 1](https://developers.redhat.com/blog/2021/04/16/deploying-the-mosquitto-mqtt-message-broker-on-red-hat-openshift-part-1/) + - [developers.redhat.com: Deploying the Mosquitto MQTT message broker on Red Hat OpenShift, Part 2](https://developers.redhat.com/blog/2021/04/26/deploying-the-mosquitto-mqtt-message-broker-on-red-hat-openshift-part-2) + ### Banzai Cloud Supertubes (Cloud Native Kafka implementation) - [Banzai Cloud](https://banzaicloud.com/) - [Banzai Kafka Operator](https://github.com/banzaicloud/kafka-operator) @@ -257,6 +273,7 @@ comsysto about their usage of Debezium, touching on many details like outbox pat - [towardsdatascience.com: A journey to Airflow on Kubernetes](https://towardsdatascience.com/a-journey-to-airflow-on-kubernetes-472df467f556) - [dzone: Apache Airflow Architecture on OpenShift](https://dzone.com/articles/apache-airflow-architecture-on-openshift) - [redhat.com: Monitoring Apache Airflow using Prometheus](https://www.redhat.com/en/blog/monitoring-apache-airflow-using-prometheus) +- [towardsdatascience.com: Apache Airflow for containerized data-pipelines](https://towardsdatascience.com/apache-airflow-for-containerized-data-pipelines-4d7a3c385bd) Are you having problems running tasks with a different version of Python on Airflow? In this article, I explain how to solve this issue. ### Couler - [Couler](https://github.com/couler-proj/couler) Couler aims to provide a unified interface for constructing and managing workflows on different workflow engines, such as Argo Workflows, Tekton Pipelines, and Apache Airflow. diff --git a/docs/mlops.md b/docs/mlops.md index 766f8085..86de9c87 100644 --- a/docs/mlops.md +++ b/docs/mlops.md @@ -8,6 +8,9 @@ - [itnext.io: Building ML Componentes on Kubernetes](https://itnext.io/building-ml-componentes-on-kubernetes-fc7e24cb9269) - [towardsdatascience.com: Deploying An ML Model With FastAPI โ€” A Succinct Guide](https://towardsdatascience.com/deploying-an-ml-model-with-fastapi-a-succinct-guide-69eceda27b21) - [analyticsvidhya.com: Bring DevOps To Data Science With MLOps](https://www.analyticsvidhya.com/blog/2021/04/bring-devops-to-data-science-with-continuous-mlops/) +- [redhat.com: Introducing Red Hat OpenShift Data Science](https://www.redhat.com/en/blog/introducing-red-hat-openshift-data-science) +- [towardsdatascience.com: Production Machine Learning Monitoring: Outliers, Drift, Explainers & Statistical Performance](https://towardsdatascience.com/production-machine-learning-monitoring-outliers-drift-explainers-statistical-performance-d9b1d02ac158) A practical deep dive on production monitoring architectures for machine learning at scale using real-time metrics, outlier detectors, drift detectors, metrics servers and explainers. +- [towardsdatascience.com: From DevOps to MLOPS: Integrate Machine Learning Models using Jenkins and Docker](https://towardsdatascience.com/from-devops-to-mlops-integrate-machine-learning-models-using-jenkins-and-docker-79034dbedf1) How to automate data science code with Jenkins and Docker: MLOps = ML + DEV + OPS ## Kubeflow - [kubeflow](https://www.kubeflow.org/) The Machine Learning Toolkit for Kubernetes diff --git a/docs/monitoring.md b/docs/monitoring.md index 499b19a4..f528a5de 100644 --- a/docs/monitoring.md +++ b/docs/monitoring.md @@ -10,6 +10,7 @@ - [Prometheus for OpenShift 3.11](#prometheus-for-openshift-311) - [OpenShift 4](#openshift-4) - [Prometheus](#prometheus) + - [Promcat Resource Catalog](#promcat-resource-catalog) - [Prometheus Demo](#prometheus-demo) - [Prometheus Storage](#prometheus-storage) - [Scalability, High Availability (HA) and Long-Term Storage](#scalability-high-availability-ha-and-long-term-storage) @@ -98,6 +99,7 @@ * [thenewstack.io: Kubernetes Observability Challenges in Cloud Native Architecture ๐ŸŒŸ](https://thenewstack.io/kubernetes-observability-challenges-in-cloud-native-architecture/) * [opsdis.com: Building a custom monitoring solution with Grafana, Prometheus and Loki](https://opsdis.com/custom-monitoring-solution-with-grafana-prometheus-and-loki/) * [harness.io: Metrics to Improve Continuous Integration Performance](https://harness.io/blog/continuous-integration/continuous-integration-performance-metrics/) +* [thenewstack.io: Best Practices to Optimize Infrastructure Monitoring within DevOps Teams](https://thenewstack.io/best-practices-to-optimize-infrastructure-monitoring-within-devops-teams/) ### Key Performance Indicator (KPI) * [KPIs](https://kpi.org/KPI-Basics) @@ -225,9 +227,13 @@ OpenShift Cluster Monitoring components cannot be extended since they are read o * [timber.io: PromQL For Humans ๐ŸŒŸ](https://timber.io/blog/promql-for-humans) * [medium: Prometheus monitoring with Elastic Stack in Kubernetes](https://medium.com/avmconsulting-blog/prometheus-monitoring-with-elastic-stack-in-kubernetes-5cf0aaa7ce04) * [grafana.com: How we use metamonitoring Prometheus servers to monitor all other Prometheus servers at Grafana Labs](https://grafana.com/blog/2021/04/08/how-we-use-metamonitoring-prometheus-servers-to-monitor-all-other-prometheus-servers-at-grafana-labs/) +* [portworx.com: Monitoring Kubernetes Backup with Prometheus and Grafana](https://portworx.com/kubernetes-backup-monitoring/) [![prometheus architecture](images/prometheus-architecture.png)](https://github.com/prometheus/prometheus) +### Promcat Resource Catalog +- [Promcat: A resource catalog for enterprise-class Prometheus monitoring ๐ŸŒŸ](https://promcat.io/) + ### Prometheus Demo - [Prometheus Demo: prometheus.demo.do.prometheus.io ๐ŸŒŸ](https://prometheus.demo.do.prometheus.io) @@ -319,6 +325,7 @@ Although it's exciting to see attempts to address the challenges of running Prom * [OpenTelemetry Launchers ๐ŸŒŸ](https://github.com/search?q=org%3Alightstep+launcher) * [thenewstack.io: Demystifying Distributed Traces in OpenTelemetry](https://thenewstack.io/demystifying-distributed-traces-in-opentelemetry/) * [medium: OpenTelemetry Specification v1.0.0, Tracing Edition](https://medium.com/opentelemetry/opentelemetry-specification-v1-0-0-tracing-edition-72dd08936978) +* [cncf.io: From distributed tracing to APM: Taking OpenTelemetry and Jaeger up a level](https://www.cncf.io/blog/2021/04/29/from-distributed-tracing-to-apm-taking-opentelemetry-and-jaeger-up-a-level/?utm_source=thenewstack&utm_medium=twitter&utm_campaign=platform) ##### Telegraf Collector * [Telegraf Collector](https://www.influxdata.com/time-series-platform/telegraf/) @@ -327,6 +334,7 @@ Although it's exciting to see attempts to address the challenges of running Prom * [Grafana Dashboards with Telegraf Collectors](https://grafana.com/grafana/dashboards?collector=Telegraf) * [dzone: Synthetic Monitoring With Telegraf (white-box monitoring)](https://dzone.com/articles/synthetic-monitoring-with-telegraf) Monitoring based on metrics exposed by the internals of the system * [grafana.com: Using Telegraf plugins to visualize industrial IoT data with the Grafana Cloud Hosted Prometheus service](https://grafana.com/blog/2021/04/05/using-telegraf-plugins-to-visualize-industrial-iot-data-with-the-grafana-cloud-hosted-prometheus-service/) +* [sysadminxpert.com: How to Monitor Linux System with Grafana and Telegraf](https://sysadminxpert.com/monitor-linux-system-with-grafana-and-telegraf/) ##### Micrometer Collector * [**Micrometer** Collector](http://micrometer.io/) @@ -809,6 +817,7 @@ JMeter|Artemis Grafana|Artemis Dashboard - [devops.com: How Centralized Log Management Can Save Your Company](https://devops.com/how-centralized-log-management-can-save-your-company/) ### ElasticSearch +- [pythonsimplified.com: Elasticsearch Core Concepts Explained](https://pythonsimplified.com/elasticsearch-core-concepts-explained/) - [zdnet.com: AWS, as predicted, is forking Elasticsearch](https://www.zdnet.com/article/aws-as-predicted-is-forking-elasticsearch/) Amazon Web Services, however, isn't the only one who dislikes Elastic's move to relicense Elasticsearch under the non-open-source Server Side Public License. - [amazon.com: Stepping up for a truly open source Elasticsearch](https://aws.amazon.com/blogs/opensource/stepping-up-for-a-truly-open-source-elasticsearch/) - [Store NGINX access logs in Elasticsearch with Logging operator ๐ŸŒŸ](https://banzaicloud.com/docs/one-eye/logging-operator/quickstarts/es-nginx/) This guide describes how to collect application and container logs in Kubernetes using the Logging operator, and how to send them to Elasticsearch. @@ -997,6 +1006,7 @@ done * [dynatrace.com: Why conventional observability fails in Kubernetes environmentsโ€”A real-world use case ๐ŸŒŸ](https://www.dynatrace.com/news/blog/why-conventional-observability-fails-in-kubernetes-environments-a-real-world-use-case) * [dynatrace.com: A look behind the scenes of AWS Lambda and our new Lambda monitoring extension](https://www.dynatrace.com/news/blog/a-look-behind-the-scenes-of-aws-lambda-and-our-new-lambda-monitoring-extension/) * [dynatrace.com: Analyze all AWS data in minutes with Amazon CloudWatch Metric Streams available in Dynatrace](https://www.dynatrace.com/news/blog/amazon-cloudwatch-metric-streams-launch-partnership/) +* [dynatrace.com: New Dynatrace Operator elevates cloud-native observability for Kubernetes](https://www.dynatrace.com/news/blog/new-dynatrace-operator-elevates-cloud-native-observability-for-kubernetes/) ## Message Queue Monitoring @@ -1057,7 +1067,8 @@ OpenShift 3|Prometheus JMX Exporter|**Grafana Dashboard not available**, [ref1]( - [Glances](https://github.com/nicolargo/glances) Glances an Eye on your system. A top/htop alternative for GNU/Linux, BSD, Mac OS and Windows operating systems. It is written in Python and uses libraries to grab information from your system. It is based on an open architecture where developers can add new plugins or exports modules. - [TDengine](https://github.com/taosdata/TDengine) is an open-sourced big data platform under GNU AGPL v3.0, designed and optimized for the Internet of Things (IoT), Connected Cars, Industrial IoT, and IT Infrastructure and Application Monitoring. - [stackpulse.com: Automated Kubernetes Pod Restarting Analysis with StackPulse](https://stackpulse.com/blog/automated-kubernetes-pod-restarting-analysis-with-stackpulse/) - +- [Checkly](https://www.checklyhq.com/) is the API & E2E monitoring platform for the modern stack: programmable, flexible and loving JavaScript. + - [hashicorp.com: Monitoring as Code with Terraform Cloud and Checkly](https://www.hashicorp.com/blog/monitoring-as-code-with-terraform-cloud-and-checkly) ## Other Awesome Lists - [Awesome APM](https://github.com/antonarhipov/awesome-apm) diff --git a/docs/nexus-jfrog.md b/docs/nexus-jfrog.md index f5d96a73..dbc73d89 100644 --- a/docs/nexus-jfrog.md +++ b/docs/nexus-jfrog.md @@ -81,6 +81,7 @@ - [jfrog.com: JFrog and Docker Partner to Combine the Power of JFrog Artifactory and Docker Hub to Improve Quality, Performance, and Developer Experience for Modern Application Development](https://jfrog.com/press/jfrog-docker-partner-to-combine-the-power-jfrog-artifactory-docker-hub/) - [jfrog.com: How I Leaped Forward My Jenkins Build with JFrog Pipelines](https://jfrog.com/blog/how-i-leaped-forward-my-jenkins-build-with-jfrog-pipelines/) - [jfrog.com: GitHub vs JFrog: Who Can do the Job for DevOps?](https://jfrog.com/blog/github-vs-jfrog-who-can-do-the-job-for-devops/) +- [seekingalpha.com: JFrog Reminds Me Of MongoDB](https://seekingalpha.com/article/4427517-jfrog-reminds-me-of-mongodb) JFrogโ€™s software is similarly disruptive as MongoDBโ€™s, and likewise its cloud offering is growing faster than the overall company. ## JFrog DevOps Platform - [jfrog.com: JFrog DevOps Platform](https://jfrog.com/platform/) diff --git a/docs/nosql.md b/docs/nosql.md index 5e2023d2..e942a969 100644 --- a/docs/nosql.md +++ b/docs/nosql.md @@ -24,6 +24,7 @@ - [dev.to: NoSQL Database Design for E-Commerce Apps in 2021](https://dev.to/danielkolb/nosql-database-design-for-e-commerce-apps-in-2021-390e) - [stackoverflow.blog: Have the tables turned on NoSQL?](https://stackoverflow.blog/2021/01/14/have-the-tables-turned-on-nosql/) NoSQL was the next big thing in system architecture in 2011, but overall interest in it has plateaued recently. What is NoSQL, what does it have to do with modern development, and is it worth implementing in your project? - [vishnu.hashnode.dev: 4 Types Of NoSQL Databases](https://vishnu.hashnode.dev/4-types-of-nosql-databases) Evaluate which type of NoSQL database best fits your use case +- [medium: When to Use MongoDB Rather than MySQL](https://medium.com/@rsk.saikrishna/when-to-use-mongodb-rather-than-mysql-d03ceff2e922) ### MongoDB Tools and MongoDB as a Service - [MongoDB Tools - Admin GUIs, Monitoring and Other Good Stuff](http://mongodb-tools.com/) diff --git a/docs/ocp4.md b/docs/ocp4.md index 53c12483..99da4b1e 100644 --- a/docs/ocp4.md +++ b/docs/ocp4.md @@ -105,6 +105,11 @@ * [openshift.com: How to Offer Service Running on OpenShift on AWS to Other AWS VPCs, Privately ๐ŸŒŸ](https://www.openshift.com/blog/how-to-offer-service-running-on-openshift-on-aws-to-other-aws-vpcs-privately) * [developers.redhat.com: A guide to Red Hat OpenShift 4.5 installer-provisioned infrastructure on vSphere ๐ŸŒŸ](https://developers.redhat.com/blog/2021/03/09/a-guide-to-red-hat-openshift-4-5-installer-provisioned-infrastructure-on-vsphere/) * [openshift.com: OpenShift Security Best Practices for Kubernetes Cluster Design ๐ŸŒŸ](https://www.openshift.com/blog/openshift-security-best-practices-for-kubernetes-cluster-design) +* [fiercetelecom.com: Red Hat bundles security, management into OpenShift Plus](https://www.fiercetelecom.com/platforms/red-hat-bundles-security-management-into-openshift-plus) IBM subsidiary Red Hat put its recently acquired StackRox assets to work, rolling out a new version of its OpenShift cloud platform that incorporates security, cluster management and registry capabilities in a single package. +* [openshift.com: Descheduler GA in OpenShift 4.7 ๐ŸŒŸ](https://www.openshift.com/blog/descheduler-ga-in-openshift-4.7) The [Descheduler](https://github.com/kubernetes-sigs/descheduler) is an upstream Kubernetes subproject owned by SIG-Scheduling. Its purpose is to serve as a complement to the stock kube-scheduler, which assigns new pods to nodes based on the myriad criteria and algorithms it provides. +* [opensourcerers.org: Automated Application Packaging and Distribution with OpenShift โ€“ Part 1/2](https://www.opensourcerers.org/2021/04/26/automated-application-packaging-and-distribution-with-openshift-part-12/ ๐ŸŒŸ) Learn how to automate application deployment and packaging with openshift and tools like source-to-image, templates, kustomize. +* [openshift.com: How to Configure LDAP Sync With CronJobs in OpenShift ๐ŸŒŸ](https://www.openshift.com/blog/how-to-configure-ldap-sync-with-cronjobs-in-openshift) +* [schabell.org: How to setup the OpenShift Container Platform 4.7 on your local machine](https://www.schabell.org/2021/03/codeready-containers-howto-setup-openshift-47-on-local-machine.html) ### OpenShift Platform Plus - [Red Hat OpenShift Platform Plus ๐ŸŒŸ](https://www.openshift.com/products/platform-plus) Build, deploy, run, manage, and secure intelligent applications at scale across the hybrid cloud. @@ -125,6 +130,7 @@ * [redhat.com: Amazon and Red Hat Announce the General Availability of Red Hat OpenShift Service on AWS (ROSA)](https://www.redhat.com/en/about/press-releases/amazon-and-red-hat-announce-general-availability-red-hat-openshift-service-aws-rosa) * [amazon.com: Red Hat OpenShift Service on AWS Now GA](https://aws.amazon.com/es/blogs/aws/red-hat-openshift-service-on-aws-now-generally-availably/) * [infoq.com: AWS Announces the General Availability of the Red Hat OpenShift Service on AWS](https://www.infoq.com/news/2021/04/red-hat-openshift-aws/) +* [datacenterknowledge.com: Red Hat Brings Its Managed OpenShift Kubernetes Service to AWS](https://www.datacenterknowledge.com/devops/red-hat-brings-its-managed-openshift-kubernetes-service-aws)
[![OCP 4 Architecture](images/ocp4_arch.png)](https://www.openshift.com/blog/enterprise-kubernetes-with-openshift-part-one) diff --git a/docs/other-awesome-lists.md b/docs/other-awesome-lists.md index a8d1656f..73c14767 100644 --- a/docs/other-awesome-lists.md +++ b/docs/other-awesome-lists.md @@ -41,6 +41,9 @@ ## Other Awesome Lists - [free-for.dev ๐ŸŒŸ](https://free-for.dev) This is a list of software (SaaS, PaaS, IaaS, etc.) and other offerings that have free tiers for developers. - [Awesome WSL](https://awesomeopensource.com/project/sirredbeard/Awesome-WSL) +- [Awesome Container](https://github.com/tcnksm/awesome-container) A curated list of awesome container technologies and services +- [Awesome Productivity](https://github.com/jyguyomarch/awesome-productivity) A curated list of delightful productivity resources. +- [Awesome Linux](https://github.com/inputsh/awesome-linux) A list of awesome projects and resources that make Linux even more awesome ### Project Management - [Awesome Project Management](https://github.com/shahedbd/awesome-project-management) - [Awesome Agile](https://github.com/lorabv/awesome-agile) diff --git a/docs/performance-testing-with-jenkins-and-jmeter.md b/docs/performance-testing-with-jenkins-and-jmeter.md index eb862899..039c8ac0 100644 --- a/docs/performance-testing-with-jenkins-and-jmeter.md +++ b/docs/performance-testing-with-jenkins-and-jmeter.md @@ -76,3 +76,5 @@ ## Alternatives * [webpagetest.org](https://webpagetest.org/) * [devops.com: Catchpoint to Acquire Webpagetest.org](https://devops.com/catchpoint-to-acquire-webpagetest-org/) +* [Distributed Load Testing on AWS ๐ŸŒŸ](https://aws.amazon.com/solutions/implementations/distributed-load-testing-on-aws/) + * [amazon.com: Introducing Distributed Load Testing v1.3](https://aws.amazon.com/about-aws/whats-new/2021/05/introducing-distributed-load-testing-v1-3/) diff --git a/docs/postman.md b/docs/postman.md index ab02dd01..9ce5a7b6 100644 --- a/docs/postman.md +++ b/docs/postman.md @@ -16,11 +16,12 @@ - [vaishnavidontha.hashnode.dev: API Testing using Postman - Part 1](https://vaishnavidontha.hashnode.dev/api-testing-using-postman-part-1) - [vaishnavidontha.hashnode.dev: API Testing using Postman - Part 2](https://vaishnavidontha.hashnode.dev/api-testing-using-postman-part-2) - [vaishnavidontha.hashnode.dev: API Testing using Postman - Part 3](https://vaishnavidontha.hashnode.dev/api-testing-using-postman-part-3) +- [blog.postman.com: Postmanโ€™s Proxy Now Fully Supports HTTPS Endpoints](https://blog.postman.com/postmans-proxy-now-fully-supports-https-endpoints/) ## Newman - [Newman](https://github.com/postmanlabs/newman) is a command-line collection runner for Postman -- [Automated API testing for the KIE Server ๐ŸŒŸ](https://developers.redhat.com/blog/2020/05/01/automated-api-testing-for-the-kie-server/) -## Drools +## KIE Server and Drools - [Drools](https://www.drools.org/) +- [Automated API testing for the KIE Server ๐ŸŒŸ](https://developers.redhat.com/blog/2020/05/01/automated-api-testing-for-the-kie-server/) - [KIE Server](https://registry.hub.docker.com/r/jboss/kie-server/) diff --git a/docs/project-management-methodology.md b/docs/project-management-methodology.md index 6ff6cbdb..a6cdafd6 100644 --- a/docs/project-management-methodology.md +++ b/docs/project-management-methodology.md @@ -30,6 +30,7 @@ - [scrum.org: Kanban Guide for Scrum Teams](https://www.scrum.org/resources/kanban-guide-scrum-teams) The Kanban Guide for Scrum Teams helps you add professional flow concepts to improve your value delivery. - [redhat.com: 11 considerations for effectively managing a Linux sysadmin team ๐ŸŒŸ](https://www.redhat.com/sysadmin/11-manager-considerations) Here are some guidelines for managers when dealing with your system administrator staff members. - [medium: Scrum Teams That Donโ€™t Verify Their Outcomes Are Basically Waterfall Teams](https://medium.com/serious-scrum/scrum-teams-that-dont-verify-their-outcomes-are-basically-waterfall-teams-cb208acdcc61) +- [codefresh.io: Using a Kanban board to manage and promote Helm Releases ๐ŸŒŸ](https://codefresh.io/helm-tutorial/kanban-promotion-boards/) ### Team Topologies - [The Problem With Org Charts](https://itrevolution.com/the-problem-with-org-charts/) diff --git a/docs/public-cloud-solutions.md b/docs/public-cloud-solutions.md index 5daf2cb8..950f0137 100644 --- a/docs/public-cloud-solutions.md +++ b/docs/public-cloud-solutions.md @@ -1,15 +1,16 @@ # Public Cloud Solutions - [Public Cloud References](#public-cloud-references) -- [AWS Vs Azure Vs Google Cloud](#aws-vs-azure-vs-google-cloud) +- [Public Cloud Services Comparison](#public-cloud-services-comparison) - [Openshift as a Service](#openshift-as-a-service) - [Kubernetes as a Service](#kubernetes-as-a-service) ## Public Cloud References - [cloud-mercato.com: Public Cloud Reference ๐ŸŒŸ](https://pcr.cloud-mercato.com/) A unique website gathering all catalogs - [cloud-mercato.com: State of the art of Public Object Storage Europe ๐ŸŒŸ](https://projector.cloud-mercato.com/projects/state-of-the-art-of-public-object-storage-europe) -## AWS Vs Azure Vs Google Cloud +## Public Cloud Services Comparison * [intellipaat.com: AWS vs Azure vs Google โ€“ Detailed Cloud Comparison](https://intellipaat.com/blog/aws-vs-azure-vs-google-cloud/) * [Dzone.com: GCP vs. AWS](https://dzone.com/articles/gcp-vs-aws-1) This article takes a look at the differences in using GCP vs. AWS in the contexts of agility, cost, deep tech services, tools, and market share. - +* [comparecloud.in: Public Cloud Services Comparison ๐ŸŒŸ](https://comparecloud.in/) +* [zarantech.com: Difference between AWS and Azure](https://www.zarantech.com/blog/difference-between-aws-and-azure/) ## Openshift as a Service * [Openshift.com pricing](https://www.openshift.com/products/pricing/) * [OpenShift in Azure](https://docs.microsoft.com/en-us/azure/virtual-machines/linux/openshift-get-started) diff --git a/docs/pulumi.md b/docs/pulumi.md index 36ce18cb..2d08221a 100644 --- a/docs/pulumi.md +++ b/docs/pulumi.md @@ -10,4 +10,5 @@ - [octopus.com: Create an AKS Cluster with Pulumi and Octopus Deploy](https://octopus.com/blog/pulumi-and-aks-with-octopus-deploy) - [build5nines.com: Beginnerโ€™s Guide to Pulumi CI/CD Pipelines](https://build5nines.com/beginners-guide-to-pulumi-ci-cd-pipelines/) - [pulumi.com: Announcing Pulumi 3.0](https://www.pulumi.com/blog/pulumi-3-0) -- [devops.com: Pulumi Moves to Automate Cloud Infrastructure Provisioning](https://devops.com/pulumi-moves-to-automate-cloud-infrastructure-provisioning/) \ No newline at end of file +- [devops.com: Pulumi Moves to Automate Cloud Infrastructure Provisioning](https://devops.com/pulumi-moves-to-automate-cloud-infrastructure-provisioning/) +- [thenewstack.io: The Next Step after DevOps and GitOps Is Cloud Engineering, Pulumi Says](https://thenewstack.io/the-next-step-after-devops-and-gitops-is-cloud-engineering-pulumi-says/) \ No newline at end of file diff --git a/docs/python.md b/docs/python.md index 0cfbc64f..8eddbdef 100644 --- a/docs/python.md +++ b/docs/python.md @@ -114,6 +114,7 @@ - [towardsdatascience.com: There is more to โ€˜pandas.read_csv()โ€™ than meets the eye](https://towardsdatascience.com/there-is-more-to-pandas-read-csv-than-meets-the-eye-8654cb2b3a03) A deep dive into some of the parameters of the read_csv function in pandas - [blog.adnansiddiqi.me: Getting started with Elasticsearch 7 in Python ๐ŸŒŸ](http://blog.adnansiddiqi.me/getting-started-with-elasticsearch-7-in-python/) - [towardsdatascience.com: Concurrency and Parallelism in Python](https://towardsdatascience.com/concurrency-and-parallelism-in-python-bbd7af8c6625) +- [pythonsimplified.com: Introduction to Python Sequence Types ๐ŸŒŸ](https://pythonsimplified.com/python-sequence-types-an-introduction/)
@@ -152,6 +153,8 @@ - [Getting Started with Django REST Framework (DRF) and AngularJS (Part 2)](http://engineroom.trackmaven.com/blog/getting-started-drf-angularjs-part-2/) - [Part 2 Supplementary Code](https://github.com/TrackMaven/getting-started-with-drf-angular/tree/part-2) - [webcodegeeks.com: Python Django Tutorial](http://www.webcodegeeks.com/python/python-django-tutorial/) +- [digitalocean.com: Building a REST API With Django REST Framework](https://www.digitalocean.com/community/tech_talks/building-a-rest-api-with-django-rest-framework) +- [github.com: Django Blog Site](https://github.com/AmineAsli/django-blog-site) A simple blog application based on Django ## Python Flask Lightweight Framework (microframework) - Flask is a Python lightweight web application development framework with simplicity and extensibility. Flask is called **โ€œmicroframeworkโ€** because of using a simple core and extensions are used to add other functions. @@ -227,6 +230,7 @@ - [Kite ๐ŸŒŸ](https://www.kite.com/) Kite is the best autocompletions engine available for Python, powered by AI. Check it out โ€” It's free! - [pyxll-jupyter: Integration for Jupyter notebooks and Microsoft Excel](https://github.com/pyxll/pyxll-jupyter) - [medium: Build Interactive CLI Tools in Python](https://medium.com/codestory/build-interactive-cli-tools-in-python-47303c50d75) Bored of traditional CLIs? Develop interactive command lines with PyInquirer +- [Pydeps ๐ŸŒŸ](https://github.com/thebjorn/pydeps) Python Module Dependency graphs ### Web Scraping with Python - [Scrapy](http://scrapy.org/) An open source and collaborative framework for extracting the data you need from websites. In a fast, simple, yet extensible way. @@ -244,6 +248,4 @@ - -
diff --git a/docs/qa.md b/docs/qa.md index b5854791..21a40851 100644 --- a/docs/qa.md +++ b/docs/qa.md @@ -6,6 +6,10 @@ * [automationreinvented.blogspot.com: Top 40 API Automation testing interview question for SDET and Automation QA ?](https://automationreinvented.blogspot.com/2021/03/top-40-api-testing-interview-question.html) * [thenewstack.io: Optimizing App Performance in a Multicloud Stack](https://thenewstack.io/optimizing-app-performance-in-a-multicloud-stack/) * [botplayautomation.com: Automation Testing Implementation Guide](https://www.botplayautomation.com/post/what-is-automation-testing-the-need-for-automation-testing-automation-testing-implementation-guide) +* [botplayautomation.com: Types of Software Testing](https://www.botplayautomation.com/post/types-of-software-testing) + +## Release Testing +- [launchdarkly.com: Release Testing Explained ๐ŸŒŸ](https://launchdarkly.com/blog/get-a-detailed-explanation-of-release-testing-several/) Release testing refers to coding practices and test strategies that give teams confidence that a software release candidate is ready for users. Release testing aims to find and eliminate errors and bugs from a software release so that it can be released to users. Letโ€™s dive in and explore several methods used to perform release testing. ## Tools * [collabnix.com: The Ultimate Docker Tutorial for Automation Testing](https://collabnix.com/the-ultimate-docker-tutorial-for-automation-testing/) @@ -15,7 +19,6 @@ * [venturebeat.com: Reflect brings automated no-code web testing to the cloud](https://venturebeat.com/2021/01/22/reflect-brings-automated-no-code-web-testing-to-the-cloud/) * [Semgrep](https://semgrep.dev/) Static analysis at ludicrous speed. Find bugs and enforce code standards * [meetup.com: A single open-source security scanner for most languages on Jenkins](https://www.meetup.com/es/Jenkins-online-meetup/events/276135789/) As software security is becoming an increasingly bigger organization risk, static and dynamic analysis are becoming indispensable. However most popular open-source static analysis scanners cover only a handful of languages, or offer limited security rules. In this talk, weโ€™ll present Semgrep, an open-source static analysis tool that support 12+ languages, and simplifies writing custom rules for organization-specific code patterns. In addition, weโ€™ll show how to integrate Semgrep into a Jenkins Pipeline for scanning every commit or PR. - ## Performance Testing - [devops.com: Best Practices for Application Performance Testing](https://devops.com/best-practices-for-application-performance-testing/) diff --git a/docs/rancher.md b/docs/rancher.md index be8b5bcb..341a4ef4 100644 --- a/docs/rancher.md +++ b/docs/rancher.md @@ -72,6 +72,7 @@ * [blog.alexellis.io: Bare-metal Kubernetes with K3s](https://blog.alexellis.io/bare-metal-kubernetes-with-k3s/) * [rancher.com: Set up K3s in High Availability using k3d](https://rancher.com/blog/2020/set-up-k3s-high-availability-using-k3d) * [rancher.com: Set up Your K3s Cluster for High Availability on DigitalOcean](https://rancher.com/blog/2020/k3s-high-availability) +* [community.suse.com: Introduction to K3s ๐ŸŒŸ](https://community.suse.com/posts/13903989) ### K3S Use Cases - [K3S Use Cases](https://www.youtube.com/watch?v=2LNxGVS81mE): diff --git a/docs/scaffolding.md b/docs/scaffolding.md index 86d1b3ca..e62936e7 100644 --- a/docs/scaffolding.md +++ b/docs/scaffolding.md @@ -30,6 +30,7 @@ - [Skaffold ๐ŸŒŸ](https://skaffold.dev/) - [cloud.google.com: Kubernetes development, simplifiedโ€”Skaffold is now GA](https://cloud.google.com/blog/products/application-development/kubernetes-development-simplified-skaffold-is-now-ga) - [Cloud Code](https://cloud.google.com/code) Skaffold is the underlying engine that drives Cloud Code. + - [ashishtechmill.com: CI/CD Workflow for Spring Boot Application on Kubernetes via Skaffold](https://ashishtechmill.com/cicd-workflow-for-spring-boot-application-on-kubernetes-via-skaffold) This article will cover how to create CI/CD workflow for a SpringBoot Application deployed to Kubernetes using Skaffold. - [Draft](https://draft.sh/) - [Garden](https://garden.io/) - [codefresh.io: The ultimate guide for local development on Kubernetes: Draft vs Skaffold vs Garden.io](https://codefresh.io/howtos/local-k8s-draft-skaffold-garden/) diff --git a/docs/securityascode.md b/docs/securityascode.md index f13d2bf0..10eba040 100644 --- a/docs/securityascode.md +++ b/docs/securityascode.md @@ -1,20 +1,20 @@ -# Security Policy as Code and Open Policy Agent (OPA) -- [SSL certificates with Let's Encrypt in Kubernetes Ingress via cert-manager](#ssl-certificates-with-lets-encrypt-in-kubernetes-ingress-via-cert-manager) -- [Security Policy as Code](#security-policy-as-code) -- [Open Policy Agent in Kubernetes](#open-policy-agent-in-kubernetes) -- [Open Policy Agent in OpenShift](#open-policy-agent-in-openshift) -- [Open Policy Agent in Cloudflare Workers](#open-policy-agent-in-cloudflare-workers) -- [Policy as Code in Terraform Cloud](#policy-as-code-in-terraform-cloud) +# Security Policy as Code +- [Introduction](#introduction) +- [Open Policy Agent (OPA)](#open-policy-agent-opa) + - [Open Policy Agent in Kubernetes](#open-policy-agent-in-kubernetes) + - [Open Policy Agent in OpenShift](#open-policy-agent-in-openshift) + - [Open Policy Agent in Cloudflare Workers](#open-policy-agent-in-cloudflare-workers) + - [Policy as Code in Terraform Cloud](#policy-as-code-in-terraform-cloud) +- [Kyverno](#kyverno) - [Cloud Custodian](#cloud-custodian) -## SSL certificates with Let's Encrypt in Kubernetes Ingress via cert-manager -- [medium: Using SSL certificates from Letโ€™s Encrypt in your Kubernetes Ingress via cert-manager](https://medium.com/flant-com/cert-manager-lets-encrypt-ssl-certs-for-kubernetes-7642e463bbce) -- [rejupillai.com: Letโ€™s Encrypt the Web (for free)](https://www.rejupillai.com/index.php/2021/03/06/configure-tls-on-gke-ingress-for-free-with-lets-encrypt/) - -## Security Policy as Code -- [OPA Open Policy Agent ๐ŸŒŸ](https://www.openpolicyagent.org/) +## Introduction - [Dzone: DevOps Security at Scale - Security Policy as Code](https://dzone.com/articles/devops-security-at-scale) - [searchitoperations.techtarget.com: Kubernetes policy project takes enterprise IT by storm](https://searchitoperations.techtarget.com/news/252467102/Kubernetes-policy-project-takes-enterprise-IT-by-storm) A Kubernetes-friendly compliance as code project hosted by the CNCF has caught on among large enterprises in the first half of 2019, largely through word of mouth. +- [amazon.com: Policy-based countermeasures for Kubernetes โ€“ Part 1](https://aws.amazon.com/blogs/containers/policy-based-countermeasures-for-kubernetes-part-1/) + +## Open Policy Agent (OPA) +- [OPA Open Policy Agent ๐ŸŒŸ](https://www.openpolicyagent.org/) - [magalix.com: Integrating Open Policy Agent (OPA) With Kubernetes ๐ŸŒŸ](https://www.magalix.com/blog/integrating-open-policy-agent-opa-with-kubernetes-a-deep-dive-tutorial) - [fugue.co: 5 tips for using the Rego language for Open Policy Agent (OPA)](https://www.fugue.co/blog/5-tips-for-using-the-rego-language-for-open-policy-agent-opa) - [PolicyHub CLI, a CLI tool that makes Rego policies searchable ๐ŸŒŸ](https://github.com/policy-hub/policy-hub-cli) a list of community OPA policies @@ -24,8 +24,10 @@ - [itprotoday.com: Who Needs Open Policy Agent?](https://www.itprotoday.com/devops-and-software-development/who-needs-open-policy-agent) Open Policy Agent makes it possible to create a single set of configuration rules and deploy them automatically across a large-scale environment. - [blog.styra.com: Dynamic Policy Composition for OPA](https://blog.styra.com/blog/dynamic-policy-composition-for-opa) - [blog.styra.com: 5 OPA Deployment Performance Models for Microservices](https://blog.styra.com/blog/5-opa-deployment-performance-models-for-microservices) +- [blog.styra.com: Open Policy Agent: The Top 5 Kubernetes Admission Control Policies](https://blog.styra.com/blog/open-policy-agent-the-top-5-kubernetes-admission-control-policies) +- [thenewstack.io: Getting Open Policy Agent Up and Running](https://thenewstack.io/getting-open-policy-agent-up-and-running/) -## Open Policy Agent in Kubernetes +### Open Policy Agent in Kubernetes - [infracloud.io: Kubernetes Pod Security Policies with Open Policy Agent](https://www.infracloud.io/kubernetes-pod-security-policies-opa/) - [banzaicloud.com: Istio and Kubernetes ft. OPA policies](https://banzaicloud.com/blog/istio-opa/) - [fugue.co: 5 tips for using the Rego language for Open Policy Agent (OPA)](https://www.fugue.co/blog/5-tips-for-using-the-rego-language-for-open-policy-agent-opa) @@ -36,14 +38,19 @@ - [github.com/instrumenta/policies: A set of shared policies for use with Conftest and other Open Policy Agent tools ๐ŸŒŸ](https://github.com/instrumenta/policies) - [blog.styra.com: Using OPA with GitOps to speed Cloud-Native development](https://blog.styra.com/blog/using-opa-with-gitops-to-speed-cloud-native-development) -## Open Policy Agent in OpenShift +### Open Policy Agent in OpenShift - [blog.openshift.com: Fine-Grained Policy Enforcement in OpenShift with Open Policy Agent ๐ŸŒŸ](https://blog.openshift.com/fine-grained-policy-enforcement-in-openshift-with-open-policy-agent/) -## Open Policy Agent in Cloudflare Workers +### Open Policy Agent in Cloudflare Workers * [compile OpenPolicyAgent policies into WebAssembly and run them on the edge](https://github.com/open-policy-agent/contrib/tree/master/wasm/cloudflare-worker) -## Policy as Code in Terraform Cloud +### Policy as Code in Terraform Cloud - [hashicorp.com: Securing Infrastructure In Application Pipelines](https://www.hashicorp.com/resources/securing-infrastructure-in-application-pipelines/) Learn how to use policy as code in Terraform Cloud to securely deliver applications. +## Kyverno +- [Kyverno ๐ŸŒŸ](https://kyverno.io/) Kubernetes Native Policy Management. Open Policy Agent? Thatโ€™s old school. Securely manage workloads on your kubernetesio clusters with this handy new tool, Kyverno.Kyverno is a policy engine designed for Kubernetes. With Kyverno, policies are managed as Kubernetes resources and no new language is required to write policies. This allows using familiar tools such as kubectl, git, and kustomize to manage policies. Kyverno policies can validate, mutate, and generate Kubernetes resources. The Kyverno CLI can be used to test policies and validate resources as part of a CI/CD pipeline. [youtube: The Way of the Future | Kubernetes Policy Management with Kyverno](https://www.youtube.com/watch?v=8fgrjBnxqi0&t=270s&ab_channel=AppSecEngineer) +- [neonmirrors.net: Kubernetes Policy Comparison: OPA/Gatekeeper vs Kyverno ๐ŸŒŸ](https://neonmirrors.net/post/2021-02/kubernetes-policy-comparison-opa-gatekeeper-vs-kyverno/) +- [kyverno.io: 56 sample policies ๐ŸŒŸ](https://kyverno.io/policies/) + ## Cloud Custodian -- [Cloud Custodian](https://github.com/cloud-custodian/cloud-custodian) is a rules engine for managing public cloud accounts and resources. It allows users to define policies to enable a well managed cloud infrastructure, that's both secure and cost optimized. \ No newline at end of file +- [Cloud Custodian](https://github.com/cloud-custodian/cloud-custodian) is a rules engine for managing public cloud accounts and resources. It allows users to define policies to enable a well managed cloud infrastructure, that's both secure and cost optimized. diff --git a/docs/selenium-appium-zephyr.md b/docs/selenium-appium-zephyr.md index c5bb91b7..24289fb6 100644 --- a/docs/selenium-appium-zephyr.md +++ b/docs/selenium-appium-zephyr.md @@ -1,6 +1,7 @@ # Test Automation Frameworks and Behavior Driven Development. Selenium, Cucumber, Appium & Zephyr Jira Plugin - [Introduction](#introduction) - [Selenium](#selenium) +- [Robot Framework](#robot-framework) - [Cypress](#cypress) - [Mobile Tests](#mobile-tests) - [Appium](#appium) @@ -32,6 +33,13 @@ - [lambdatest.com/selenium: Introduction to Selenium Basics](https://www.lambdatest.com/selenium) Selenium is an open-source software to automate web testing by controlling browsers based on your test scripts. - [lambdatest.com: Selenium Webdriver Java Tutorial โ€“ Guide for Beginners](https://www.lambdatest.com/blog/selenium-java-tutorial-how-to-test-login-process/) +- [lambdatest.com: Complete Guide To Selenium Testing with GitHub Actions ๐ŸŒŸ](https://www.lambdatest.com/blog/selenium-github-actions-example/) +- [lambdatest.com: 49 Most Common Selenium Exceptions for Automation Testing](https://www.lambdatest.com/blog/49-common-selenium-exceptions-automation-testing/) +- [lambdatest.com: How to execute JUnit 4 tests with JUnit 5 [Tutorial]](https://www.lambdatest.com/blog/execute-junit4-tests-with-junit5/) +- [lambdatest.com: How To Run Selenium Tests In Docker ? ๐ŸŒŸ](https://www.lambdatest.com/blog/run-selenium-tests-in-docker/) + +## Robot Framework +* [Robot Framework ๐ŸŒŸ](https://robotframework.org/) Robot Framework is a generic open source automation framework. It can be used for test automation and robotic process automation (RPA). ## Cypress - [lambdatest.com: Selenium vs Cypress โ€“ Which Is Better in 2021?](https://www.lambdatest.com/blog/cypress-vs-selenium-comparison/) diff --git a/docs/serverless.md b/docs/serverless.md index 80977531..701735fc 100644 --- a/docs/serverless.md +++ b/docs/serverless.md @@ -65,6 +65,7 @@ * [itnext.io: **arkade** by example โ€” Kubernetes apps, the easy way ๐ŸŒŸ](https://itnext.io/kubernetes-apps-the-easy-way-f06d9e5cad3c) * [xenonstack.com: Serverless Architecture with OpenFaaS and Java](https://www.xenonstack.com/blog/serverless-openfaas-java/) * [dzone: Getting Started with the OpenFaaS Kubernetes Operator on EKS ๐ŸŒŸ](https://dzone.com/articles/getting-started-with-the-openfaas-kubernetes-opera) +* [openfaas.com: Learn how to build functions faster using Rancher's kim and K3s](https://www.openfaas.com/blog/kim/) Learn how the kim tool from Rancher can be used to build functions directly into a K3s cluster. ### Knative * [knative.dev](https://knative.dev/) diff --git a/docs/servicemesh.md b/docs/servicemesh.md index e01a09a5..fd2913ae 100644 --- a/docs/servicemesh.md +++ b/docs/servicemesh.md @@ -43,6 +43,8 @@ * [opensource.com: Why you should care about service mesh](https://opensource.com/article/21/3/service-mesh) Service mesh provides benefits for development and operations in microservices environments. * [containerjournal.com: When Is Service Mesh Worth It?](https://containerjournal.com/features/when-is-service-mesh-worth-it/) * [thenewstack.io: Service Meshes in the Cloud Native World](https://thenewstack.io/service-meshes-in-the-cloud-native-world/) +* [koyeb.com: Service Mesh and Microservices: Improving Network Management and Observability](https://www.koyeb.com/blog/service-mesh-and-microservices-improving-network-management-and-observability) +* [thenewstack.io: Accelerate Kubernetes Adoption with a Service Mesh](https://thenewstack.io/accelerate-kubernetes-adoption-with-a-service-mesh/) ## Service Mesh and API Gateways * [medium: The Roles of Service Mesh and API Gateways in Microservice Architecture ๐ŸŒŸ](https://medium.com/better-programming/the-roles-of-service-mesh-and-api-gateways-in-microservice-architecture-f6e7dfd61043) diff --git a/docs/sre.md b/docs/sre.md index 8e8fa03d..85cd35a7 100644 --- a/docs/sre.md +++ b/docs/sre.md @@ -16,7 +16,6 @@ - [openshift.com: From Ops to SRE - Evolution of the OpenShift Dedicated Team](https://www.openshift.com/blog/from-ops-to-sre-evolution-of-the-openshift-dedicated-team) - [cncf.io: DevOps vs. SRE](https://www.cncf.io/blog/2020/07/17/site-reliability-engineering-sre-101-with-devops-vs-sre/) - [kelda.io: Why SREs Should be Responsible for Development Environments](https://kelda.io/blog/sres-should-manage-development-environments/) -- [thenewstack.io: The Site Reliability Engineering Tool Stack](https://thenewstack.io/the-site-reliability-engineering-tool-stack/) - [youtube: Platform9โ€™s Madhura Maskasky says observability is also essential for diagnosing and debugging in order for SREs to "get to the root cause quickly enough so that you can feed that back to the development teams." ๐ŸŒŸ](https://www.youtube.com/watch?v=tgRPlAQpHYk&ab_channel=TheNewStack) Debugging remains complex. Debugging in "a world of microservices is a very difficult task," requiring the identification of which specific part in a microservices deployment must be fixed, says Platform9โ€™s Madhura Maskasky. - "What's happening to the system administrator or is the system administrator becoming an SRE? Are they going into different roles? Are they taking multiple roles? How do they play a part in ensuring that reliability in these new roles?" - "The way Google defines SRE is that an SRE by nature needs to be someone who develops or writes code 50% of the time and only remaining 50% of the time they do the traditional ops/operations and this is because they want to do more through automation as part of the role of the requirements of the SRE himself, so that you can run apps that can serve billions of requests but that are still handled by a few dozens of SREs." @@ -26,11 +25,17 @@ - [linkedin.com: SRE: Key Insights-"Done the right wayโ€](https://www.linkedin.com/pulse/sre-key-insights-done-right-way-shankar-muniyappa/) - [hernan-david-hd.medium.com: 5 pilares del SRE/DevOps](https://hernan-david-hd.medium.com/5-pilares-del-sre-devops-f16e45f8d3fd) - [hernan-david-hd.medium.com: Breaking down SRE/DevOps into 5 key areas](https://hernan-david-hd.medium.com/breaking-down-sre-devops-into-5-key-areas-5aacf40e8392) -- [getcortexapp.com: A guide to the best SRE tools](https://www.getcortexapp.com/post/a-guide-to-the-best-sre-tools) - [devops.com: How the SRE Role Is Evolving](https://devops.com/how-the-sre-role-is-evolving/) - [itprotoday.com: Why Site Reliability Engineering Is Key to Modern DevOps](https://www.itprotoday.com/testing-and-quality-assurance/why-site-reliability-engineering-key-modern-devops) Among the hottest areas of growth in DevOps is the emerging field of site reliability engineering as organizations look to bake reliability into the earliest stages of the software development cycle. - [stackpulse.com: Managing Reliability for Monoliths vs. Microservices: The Challenges for SREs](https://stackpulse.com/blog/monoliths-vs-microservices-challenges/) - [stackpulse.com: Managing Reliability for Monoliths vs. Microservices: Best Practices for SREs](https://stackpulse.com/blog/monoliths-vs-microservices-best-practices/) +- [cloud.google.com: SRE at Google: Our complete list of CRE life lessons ๐ŸŒŸ](https://cloud.google.com/blog/products/devops-sre/sre-at-google-our-complete-list-of-cre-life-lessons) +- [circonus.com: Monitoring for Success: What All SREs Need to Know](https://www.circonus.com/2021/04/monitoring-for-success-what-all-sres-need-to-know/) + +## SRE Tools +- [thenewstack.io: The Site Reliability Engineering Tool Stack](https://thenewstack.io/the-site-reliability-engineering-tool-stack/) +- [getcortexapp.com: A guide to the best SRE tools](https://www.getcortexapp.com/post/a-guide-to-the-best-sre-tools) +- [thenewstack.io: The Best Site Reliability Engineering Tools in 2021](https://thenewstack.io/the-best-site-reliability-engineering-tools-in-2021/)
[![cn do sre](images/CN-DO-SRE.png)](https://devops.com/sre-devops-cloud-native-server-cage-match/) @@ -38,4 +43,6 @@ [![devops vs sre](images/devops_vs_sre.jpg)](https://devops.com/site-reliability-engineering-101-devops-versus-sre/) + +
\ No newline at end of file diff --git a/docs/storage.md b/docs/storage.md index 561abd56..95ddf257 100644 --- a/docs/storage.md +++ b/docs/storage.md @@ -42,6 +42,7 @@ ### Rook - [Rook](https://rook.io/) - [itnext.io: Using Rook On A K3s Cluster](https://itnext.io/using-rook-on-a-k3s-cluster-8a97a75ba25e) +- [documentation.suse.com: Rook Best Practices for running Ceph on Kubernetes (PDF)](https://documentation.suse.com/sbp/all/pdf/SBP-rook-ceph-kubernetes_color_en.pdf) ### Robin - [Robin](https://robin.io/) diff --git a/docs/terraform.md b/docs/terraform.md index 94a75c59..4fab9c82 100644 --- a/docs/terraform.md +++ b/docs/terraform.md @@ -93,6 +93,10 @@ * [itnext.io: How to use Terraform to create a small-scale Cloud Infrastructure ๐ŸŒŸ](https://itnext.io/how-to-use-terraform-to-create-a-small-scale-cloud-infrastructure-abf54fabc9dd) * [acloudguru.com: Securing your multi-cloud Terraform pipelines with policy-as-code](https://acloudguru.com/blog/engineering/securing-your-multi-cloud-terraform-pipelines-with-policy-as-code) * [youtube: GitOps for infrastructure using GitHub and Terraform Cloud ๐ŸŒŸ](https://www.youtube.com/watch?v=W_PmtDm4IXk&ab_channel=RobertdeBock) +* [medium: Terraform โ€” Remote States Overview ๐ŸŒŸ](https://medium.com/devops-mojo/terraform-remote-states-overview-what-is-terraform-remote-state-storage-introduction-936223a0e9d0) What is Terraform Remote State โ€” Introduction to Terraform Remote Storage! +* [prcode.co.uk: Connect Azure MySQL to Private Endpoint with Terraform](https://prcode.co.uk/2021/04/29/connect-azure-mysql-to-private-endpoint-with-terraform/) +* [infoq.com: Cloudflare Improves Automated Terraform Generation Tool ๐ŸŒŸ](https://www.infoq.com/news/2021/04/cloudflare-terraform/) Cloudflare recently released an updated version of their [cf-terraforming](https://github.com/cloudflare/cf-terraforming) tool. This tool streamlines generating Terraform HCL from existing Cloudflare resources. The new release simplifies the generation process and introduces changes to better future proof the tool. +* [hashicorp.com: Building Azure Resources with TypeScript Using the CDK for Terraform](https://www.hashicorp.com/blog/building-azure-resources-with-typescript-using-the-cdk-for-terraform) Learn a quick method for getting started with the Cloud Development Kit (CDK) for Terraform using TypeScript as infrastructure code and provisioning on Microsoft Azure. ### CDK Cloud Development Kit Terraform * [terraform-cdk ๐ŸŒŸ](https://github.com/hashicorp/terraform-cdk) CDK (Cloud Development Kit) for Terraform allows developers to use familiar programming languages to define cloud infrastructure and provision it through HashiCorp Terraform. diff --git a/docs/visual-studio.md b/docs/visual-studio.md index af2475ef..b1b72f17 100644 --- a/docs/visual-studio.md +++ b/docs/visual-studio.md @@ -12,7 +12,7 @@ - [Git Flow Extensions](#git-flow-extensions) - [Jenkins Extensions](#jenkins-extensions) - [Integrated Terminal on Visual Studio Code](#integrated-terminal-on-visual-studio-code) -- [Test Debugging](#test-debugging) +- [Debugging in VScode](#debugging-in-vscode) - [Python in Visual Studio Code](#python-in-visual-studio-code) - [Go in Visual Studio Code](#go-in-visual-studio-code) - [Bridge to Kubernetes](#bridge-to-kubernetes) @@ -41,6 +41,8 @@ * [jung-christian.de: Ansible support in Visual Studio Code ๐ŸŒŸ](https://www.jung-christian.de/post/2021/02/ansible-vscode/) * [youtube: Source Control Tip 9: Dealing with Merge Conflicts in VS Code](https://www.youtube.com/watch?v=ybCxPHzRJfA&ab_channel=VisualStudioCode) * [dev.to: Video: Visualize the architecture of your Java app, in VS Code, in 2 ยน/โ‚‚ minutes](https://dev.to/appland/video-visualize-the-architecture-of-your-java-app-in-vs-code-in-2-minutes-568j) +* [serverless-stack.com: How to debug Lambda functions with Visual Studio Code](https://serverless-stack.com/examples/how-to-debug-lambda-functions-with-visual-studio-code.html) +* [github.blog: VS Code: Now creating pull requests ๐ŸŒŸ](https://github.blog/2019-01-07-create-pull-requests-in-vscode/) Remember all those times youโ€™ve wanted to manage a pull request but didnโ€™t want to leave VS Code? Now theyโ€™re in the past. Create and manage them with the GitHub Pull Requests Extension. ### Updates * [VSCode Updates](https://code.visualstudio.com/updates) @@ -160,8 +162,9 @@ A simple extension to make indentation more readable "terminal.integrated.shell.windows": "C:\\Program Files\\Git\\bin\\bash.exe" ``` -## Test Debugging +## Debugging in VScode - [How to configure Visual Studio Code for test debugging](https://medium.com/guidesmiths-dev/how-to-configure-visual-studio-code-for-test-debugging-39d0d7f24d79) +- [blog.getambassador.io: Debugging Go Microservices in Kubernetes with VScode ๐ŸŒŸ](https://blog.getambassador.io/debugging-go-microservices-in-kubernetes-with-vscode-a36beb48ef1) Tutorial: Learn to debug Go microservices locally while testing against dependencies in a remote Kubernetes cluster ## Python in Visual Studio Code - [Python in Visual Studio Code โ€“ September 2020 Release](https://devblogs.microsoft.com/python/python-in-visual-studio-code-september-2020-release/) diff --git a/docs/yaml.md b/docs/yaml.md index 86d83949..d4becaf9 100644 --- a/docs/yaml.md +++ b/docs/yaml.md @@ -5,6 +5,7 @@ - [Kubernetes examples](#kubernetes-examples) - [Helm and Kustomize](#helm-and-kustomize) - [Templating JSON Files](#templating-json-files) + - [JSON in Ansible](#json-in-ansible) - [JSON formatting with jq](#json-formatting-with-jq) - [Static Checking of Kubernetes YAML Files. Kubernetes YAML Validation Tools](#static-checking-of-kubernetes-yaml-files-kubernetes-yaml-validation-tools) - [Alternatives](#alternatives) @@ -51,6 +52,9 @@ - [Building a high performance JSON parser](https://dave.cheney.net/high-performance-json.html) - [json-schema.org: Understanding JSON Schema ๐ŸŒŸ](https://json-schema.org/understanding-json-schema/) +### JSON in Ansible +- [opensource.com: 5 ways to process JSON data in Ansible ๐ŸŒŸ](https://opensource.com/article/21/4/process-json-data-ansible) Structured data is friendly for automation, and you can take full advantage of it with Ansible. + ### JSON formatting with jq - [about.gitlab.com: Tips for productive DevOps workflows: JSON formatting with jq and CI/CD linting automation](https://about.gitlab.com/blog/2021/04/21/devops-workflows-json-format-jq-ci-cd-lint/) - ```jq -C '.' data.json | less -R``` Use jq to pretty print some JSON data with ANSI color coded syntax and use -R in less to process the color.