diff --git a/docs/ChromeDevTools.md b/docs/ChromeDevTools.md index 2733f65f..a1477668 100644 --- a/docs/ChromeDevTools.md +++ b/docs/ChromeDevTools.md @@ -2,11 +2,6 @@ - [ChromeDevTools](#chromedevtools) - [Firefox DevTools](#firefox-devtools) - [Other Tools](#other-tools) -- [HTTP Protocols](#http-protocols) - - [HTTP Status Codes](#http-status-codes) - - [HTTP/2](#http2) - - [HTTP/3](#http3) - - [HTTP Structured Fields](#http-structured-fields) - [Tweets](#tweets) ## ChromeDevTools @@ -33,40 +28,6 @@ ## Other Tools - [jsontoolbox.com](https://jsontoolbox.com/) -## HTTP Protocols -- [wizardzines.com: Request Headers](https://wizardzines.com/comics/request-headers/) -- [wizardzines.com: Response Headers](https://wizardzines.com/comics/response-headers/) - -### HTTP Status Codes -- [wikipedia: List of HTTP status codes](https://en.wikipedia.org/wiki/List_of_HTTP_status_codes) -- [slideshare: Http Status Code Errors in SEO](http://www.slideshare.net/AdelaRoger/http-status-code-errors-in-seo) -- [http.cat 🌟](https://http.cat) - -### HTTP/2 -- [Wikipedia: HTTP/2](https://en.wikipedia.org/wiki/HTTP/2) -- [SPDY & HTTP 2 with Akamai CTO Guy Podjarny](https://www.youtube.com/watch?v=WkLBrHW4NhQ) - - [cURL mantainer: http2 explained 🌟](http://http2-explained.haxx.se/) - - [cURL mantainer: curl and HTTP/2 by default](http://daniel.haxx.se/blog/2015/12/14/curl-and-http2-by-default/) - - [cURL mantainer: A 2015 retrosprective](http://daniel.haxx.se/blog/2015/12/20/a-2015-retrospective/) - - [http2.github.io HTTP/2 🌟](https://http2.github.io) - - [http2.github.io HTTP/2 Frequently Asked Questions 🌟](https://http2.github.io/faq/) - - [HTTP/2 resources](https://pinboard.in/u:rmurphey/t:http2/) - - [A Simple Performance Comparison of HTTPS, SPDY and HTTP/2 🌟](https://blog.httpwatch.com/2015/01/16/a-simple-performance-comparison-of-https-spdy-and-http2/comment-page-1/) - - [blog.cloudflare.com - Tools for debugging, testing and using HTTP/2](https://blog.cloudflare.com/tools-for-debugging-testing-and-using-http-2/) - - [blog.cloudflare.com - HTTP/2 For Web Developers](https://blog.cloudflare.com/http-2-for-web-developers/) -- [HTTP/2 With JBoss EAP 7 - Tech Preview](http://blog.eisele.net/2015/11/http2-with-jboss-eap-7.html) - - [Dzone - HTTP/2 With JBoss EAP 7: Tech Preview](https://dzone.com/articles/http2-with-jboss-eap-7-tech-preview) -- [simple-talk.com: Script Loading between HTTP/1.1 and HTTP/2](https://www.simple-talk.com/dotnet/asp.net/script-loading-between-http1.1-and-http2/) -- [5 Tips to Boost the Performance of Your Apache Web Server](http://www.tecmint.com/apache-performance-tuning/) -- [DZone: How HTTP/2 Is Changing Web Performance Best Practices](https://dzone.com/articles/how-http2-is-changing-web-performance-best-practic-2) For people who write code for the web, transitioning to HTTP/2 isn’t always straightforward, and a speed boost isn’t automatically guaranteed. This article is an introduction to HTTP/2 and how it changes web performance best practices. - -### HTTP/3 -- [Wikipedia: HTTP/3](https://en.wikipedia.org/wiki/HTTP/3) - -### HTTP Structured Fields -- [Improving HTTP with structured header fields 🌟](https://www.fastly.com/blog/improve-http-structured-headers) -- [http-sfv: HTTP Structured Field Values in Python](https://pypi.org/project/http-sfv/) - ## Tweets
Click to expand! diff --git a/docs/GoogleCloudPlatform.md b/docs/GoogleCloudPlatform.md index b6b88cb0..1934cb24 100644 --- a/docs/GoogleCloudPlatform.md +++ b/docs/GoogleCloudPlatform.md @@ -130,6 +130,7 @@ ### gcloud - [==cloud.google.com: Declarative Export. Build your perfect Google Cloud infrastructure using Terraform and the gcloud CLI==](https://cloud.google.com/blog/products/application-development/google-cloud-cli-declarative-export-preview) **Google Cloud CLI’s preview release of Declarative Export for Terraform. Declarative Export allows you to export the current state of your Google Cloud infrastructure into a descriptive file compatible with Terraform (HCL) or Google’s KRM declarative tooling.** - [==cloud.google.com: The gcloud tool cheat sheet==](https://cloud.google.com/sdk/docs/cheatsheet?hl=en) +- [github.com/GoogleCloudPlatform/k8s-config-connector: GCP Config Connector](https://github.com/GoogleCloudPlatform/k8s-config-connector) Config Connector is a Kubernetes add-on that allows you to manage GCP resources, such as Cloud Spanner or Cloud Storage, through your Kubernetes cluster's API ## Videos
diff --git a/docs/ansible.md b/docs/ansible.md index 4d69d882..4bf81a0e 100644 --- a/docs/ansible.md +++ b/docs/ansible.md @@ -120,6 +120,9 @@ * [==redhat.com: How to create dynamic inventory files in Ansible==](https://www.redhat.com/sysadmin/ansible-dynamic-inventories) Learn how to use the host_list and Nmap plugins to build inventory files for your Ansible playbooks. * [==redhat.com: How to write a Python script to create dynamic Ansible inventories==](https://www.redhat.com/sysadmin/ansible-dynamic-inventory-python) Write a script in Python that fetches hosts using Nmap to generate dynamic inventories. * [==redhat.com: How to write an Ansible plugin to create inventory files==](https://www.redhat.com/sysadmin/ansible-plugin-inventory-files) +* [dlford.io: Orchestrate Your Systems with Ansible Playbooks - How to Home Lab Part 10 🌟](https://www.dlford.io/ansible-orchestration-how-to-home-lab-part-10/) Ansible is an administrative tool that aims to make server management easier by using declarative and idempotent configuration files. +* [learning-devops-tools-with-nandita.blogspot.com: Overview of Ansible and Ansible Playbooks](https://learning-devops-tools-with-nandita.blogspot.com/2022/08/overview-of-ansible-and-ansible.html) + ## Deploying custom files with Jinja2 templates - [infraxpertzz.com: Deploying Custom Files with Jinja2 Template 🌟](https://infraxpertzz.com/deploying-custom-files-with-jinja2-template/) - [video](https://www.youtube.com/watch?app=desktop&v=jokfVGdhBow&feature=youtu.be&ab_channel=InfraXpertzz) - [jinja 🌟](https://github.com/pallets/jinja/) Jinja is a fast, expressive, extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. Then the template is passed data to render the final document. diff --git a/docs/api.md b/docs/api.md index e63bea4f..60c608e3 100644 --- a/docs/api.md +++ b/docs/api.md @@ -1,6 +1,7 @@ # APIs with SOAP, REST and gRPC - [APIs](#apis) - [Python FastAPI](#python-fastapi) +- [Python REST APIs with flask](#python-rest-apis-with-flask) - [Motivation](#motivation) - [State of the API Report](#state-of-the-api-report) - [Postman State of the API Report](#postman-state-of-the-api-report) @@ -62,10 +63,20 @@ - [infoq.com: A Standardized, Specification-Driven API Lifecycle](https://www.infoq.com/articles/Standardized-Specification-Driven-API-Lifecycle/) - [levelup.gitconnected.com: What’s Wrong With Your CRUD APIs— Besides Everything?](https://levelup.gitconnected.com/whats-wrong-with-your-crudy-interfaces-besides-everything-bde4f4c8cb8a) So… I heard you worship CRUDy REST interfaces. - [==dzone: Exploring the API-First Design Pattern==](https://dzone.com/articles/exploring-the-api-first-design-pattern) Learn how the API-first design pattern is a carbon copy of the successful writing approach that John Vester has leveraged for several years. +- [genbeta.com: Hace 20 años, este correo de Jeff Bezos en Amazon cambió para siempre la forma en que programamos apps](https://www.genbeta.com/desarrollo/hace-20-anos-este-correo-jeff-bezos-amazon-cambio-para-siempre-forma-que-programamos-apps) Un aspecto fundamental del valor de una API reside en su 'efecto red': siendo un conjunto de 'bloques de construcción digitales', cuanto mayor sea el número de funcionalidades que proporcione más cosas valiosas permitirá crear. El texto completo de la ya conocida como 'API Mandate' ('Orden API') es el siguiente: + - Todos los equipos expondrán a partir de ahora sus datos y funcionalidad a través de interfaces de servicio. + - Los equipos deben comunicarse entre sí a través de estas interfaces. + - No se permitirá ninguna otra forma de comunicación entre procesos: nada de vinculación directa, ni lecturas directas del depósito de datos de otro equipo, ni modelo de memoria compartida, ni ninguna clase de puertas traseras: la única comunicación permitida será mediante llamadas a la interfaz de servicio a través de la red. + - No importa qué tecnología utilicéis: HTTP, Corba, Pubsub, protocolos personalizados? da igual. + - Todas las interfaces de servicio, sin excepción, deberán diseñarse desde cero para que sean externalizables. Es decir, el equipo debe planificar y diseñar para poder exponer la interfaz a los desarrolladores en el mundo exterior. Sin excepciones. + - Cualquiera que no haga esto será despedido. ## Python FastAPI - [writersbyte.com: Introduction to APIs with Python FastAPI](https://writersbyte.com/introduction-to-apis-with-python-fastapi/) +## Python REST APIs with flask +- [==blog.devgenius.io: REST APIs with Python== 🌟](https://blog.devgenius.io/rest-apis-with-python-f330c7ffc6ab) + ## Motivation - [APIs published, APIs consumed: mainstream enterprises increasingly behave like software vendors](https://www.zdnet.com/article/apis-published-apis-consumed-mainstream-enterprises-increasingly-behave-like-software-vendors/) Mainstream enterprises increasingly reach out to customers with APIs, digital services. Unlike software providers though, many still have mostly on-premises infrastructure. - [You Bet That APIs Power DevOps Tools](http://seguridad-informacion.blogspot.com/2020/07/you-bet-that-apis-power-devops-tools.html) @@ -100,9 +111,12 @@ - [dev.to: Make your own API under 30 lines of code 🌟](https://dev.to/shreyazz/make-your-own-api-under-30-lines-of-code-4doh) - [dzone: REST API Versioning Strategies](https://dzone.com/articles/rest-api-versioning-strategies-1) Today microservices are a hot trend for developing cloud-native applications. API versioning helps to iterate faster when the needed changes are identified. - [freecodecamp.org: What is REST? Rest API Definition for Beginners](https://www.freecodecamp.org/news/what-is-rest-rest-api-definition-for-beginners/) +- [blog.devgenius.io: Principles & Best practices of REST API Design](https://blog.devgenius.io/best-practice-and-cheat-sheet-for-rest-api-design-6a6e12dfa89f) +- [==javarevisited.blogspot.com: How to send POST Request with JSON Payload using Curl Command in Linux to Test RESTful Web Services?==](https://javarevisited.blogspot.com/2022/08/how-to-post-json-data-with-curl-command.html) #### OpenAPI Specification (originally known as the Swagger Specification) - [OpenAPI](https://www.openapis.org/) evolved from the [Swagger](https://swagger.io/) project. Swagger started out as a specification for documenting RESTful APIs. Later on, tools to generate client and server code and generating of test cases were added. While the original Swagger Specification was donated to the Linux Foundation and renamed the OpenAPI, Swagger remains one of the most widely used open-source toolsets for developing OpenAPIs. +- [OpenAPI](https://www.openapis.org/) (f.k.a Swagger) has introduced a set of standardized specifications for REST APIs that, among many things, allows producers and consumers of APIs to work together in designing an API before even writing a single line of code! This design-first approach has improved the experience of API developers by giving them the opportunity to use tools like [OpenAPI generator](https://openapi-generator.tech/) which takes an OpenAPI definition and generates scaffolding code for backenders, making the development of APIs much faster. - [Wikipedia: OpenAPI Specification 🌟](https://en.wikipedia.org/wiki/OpenAPI_Specification) - [OpenAPI FAQ. What is OpenAPI Specification (OAS)? OpenAPI Specification](https://www.openapis.org/faq) The OAS defines a standard, programming language-agnostic interface description for REST APIs, which allows both humans and computers to discover and understand the capabilities of a service without requiring access to source code, additional documentation, or inspection of network traffic. - [apis.guru/openapi-directory: large archive of sample OpenAPI descriptions](https://apis.guru/openapi-directory/) @@ -153,6 +167,8 @@ - [levelup.gitconnected.com: Truth About { SOAP vs REST vs GRPC vs GraphQL } Checklist](https://levelup.gitconnected.com/truth-about-soap-vs-rest-vs-grpc-vs-graphql-checklist-f50bcb475adf) - [medium: REST, RPC, GraphQL… What to choose?](https://medium.com/geekculture/rest-rpc-graphql-what-to-choose-c57c78c0593d) API protocols comparison from the practical straightpoint - [blog.logrocket.com: GraphQL vs. gRPC vs. REST: Choosing the right API](https://blog.logrocket.com/graphql-vs-grpc-vs-rest-choosing-right-api/) +- [medium.com/dlt-labs-publication: gRPC vs. REST — Performance Test using JMeter](https://medium.com/dlt-labs-publication/grpc-vs-rest-performance-test-using-jmeter-f17e5ba1c23b) + ### SOAP vs REST - [geeksforgeeks.org: Difference between REST API and SOAP API](https://www.geeksforgeeks.org/difference-between-rest-api-and-soap-api/) - [dzone: A Comprehensive Guide to REST vs. SOAP](https://dzone.com/articles/comprehensive-guide-rest-vs-soap) Learn the primary differences between REST and SOAP APIs, each one's benefits, and when it's appropriate to use the two. @@ -172,6 +188,8 @@ - [danhacks.com: REST vs. GraphQL vs. gRPC](https://www.danhacks.com/software/grpc-rest-graphql.html) ## Tools +- [OpenAPI Generator 🌟](https://openapi-generator.tech/) Generate clients, servers, and documentation from OpenAPI 2.0/3.x documents + ### API Testing * [softwaretestingportal.com: API Testing, Key Terminologies and more...](http://www.softwaretestingportal.com/2020/03/31/api-testing/) * [dzone.com: 10 API Testing Tips for Beginners (SOAP and REST)](https://dzone.com/articles/10-api-testing-tips-for-beginners-soap-amp-rest) Let's take a look at ten API testing tips for beginners with a focus on REST APIs and SOAP APIs. @@ -194,6 +212,7 @@ - [world.hey.com: Another REST vs GraphQL comparison](https://world.hey.com/sammy.henningsson/another-rest-vs-graphql-comparison-8e8357bb) - [dzone: A Schema Architecture for Microservices](https://dzone.com/articles/a-schema-architecture-for-microservices) - [medium.datadriveninvestor.com: Everything You Wanted to Know About GraphQL (But Were Afraid to Ask)](https://medium.datadriveninvestor.com/everything-you-wanted-to-know-about-graphql-but-were-afraid-to-ask-ad66980116cb) API’s are Everywhere now. So, modern developers need an efficient Query Language, GraphQL. Learn everything about this query language used by Twitter, Facebook, Github, Shopify, Pinterest and thousands more. +- [betterprogramming.pub: Building GraphQL Server Using Schema-first Approach in Python](https://betterprogramming.pub/building-graphql-server-using-schema-first-approach-in-python-68aeee38bcc3) Handle CRUD operations with ease #### Hasura - [Hasura 🌟](https://hasura.io/) Instant realtime GraphQL APIs for all your data @@ -209,6 +228,7 @@ - [devops.com: Web Application Security is not API Security 🌟](https://devops.com/web-application-security-is-not-api-security/) - [biztechmagazine.com: 6 Steps to Improved API Security](https://biztechmagazine.com/article/2021/07/6-steps-improved-api-security) Application programming interfaces are critical to businesses. Tech leaders must do more to protect them. - [portswigger.net: Introducing vAPI – an open source lab environment to learn about API security](https://portswigger.net/daily-swig/introducing-vapi-an-open-source-lab-environment-to-learn-about-api-security) +- [thenewstack.io: Developer, Beware: The 3 API Security Risks You Can’t Overlook](https://thenewstack.io/developer-beware-the-3-api-security-risks-you-cant-overlook/) ## Free Web Services (Public APIs) - [free-web-services.com](http://free-web-services.com/) @@ -250,6 +270,10 @@ [![top 10 api testing tools](images/summarising_top_10_api_testing_tools.png){: style="width:50%"}](https://blog.testproject.io/2020/06/25/top-10-api-testing-tools-to-watch-in-2020/) [![20 API Business Models](images/api_business_models.jpg)](https://www.infoq.com/presentations/API-Business-Models/) + + ![gRPC vs REST vs GraphQL comparison](images/grpc_vs_rest_vs_graphql.png) + + ![REST API Design](images/REST_API_Design.jfif) ## Tweets @@ -258,5 +282,7 @@
+ +
\ No newline at end of file diff --git a/docs/argocd.md b/docs/argo.md similarity index 64% rename from docs/argocd.md rename to docs/argo.md index b5babcd4..2fbac801 100644 --- a/docs/argocd.md +++ b/docs/argo.md @@ -1,12 +1,18 @@ -# Argo CD Declarative GitOps for Kubernetes +# Argo Declarative GitOps for Kubernetes - [Introduction](#introduction) +- [Argo CD](#argo-cd) - [Argo CD Vulnerabilities](#argo-cd-vulnerabilities) - [Argo CD Tools](#argo-cd-tools) +- [Argo Rollouts](#argo-rollouts) +- [Argo Workflows](#argo-workflows) - [Videos](#videos) ## Introduction +- [Cloud Native Computing Foundation Accepts Argo as an Incubator Project](https://www.intuit.com/blog/technology/loud-native-computing-foundation-accepts-argo-as-an-incubator-project/) +- [argoproj.github.io: Argo Events - The Event-driven Workflow Automation Framework](https://argoproj.github.io/argo-events/) Argo Events is an event-driven workflow automation framework for Kubernetes which helps you trigger K8s objects, Argo Workflows, Serverless workloads, etc. on events from a variety of sources like webhooks, S3, schedules, messaging queues, etc. + +## Argo CD - [argoproj.github.io: Argo CD - Declarative GitOps for Kubernetes](https://argoproj.github.io/argo-cd/) - [youtube: GitOps with Argo-CD & Kubernetes](https://www.youtube.com/watch?v=QrLwFEXvxbo&ab_channel=HoussemDellai) -- [Cloud Native Computing Foundation Accepts Argo as an Incubator Project](https://www.intuit.com/blog/technology/loud-native-computing-foundation-accepts-argo-as-an-incubator-project/) - [openshift.com: OpenShift Authentication Integration with ArgoCD](https://www.openshift.com/blog/openshift-authentication-integration-with-argocd) - [developers.redhat.com: OpenShift joins the Argo CD community (KubeCon Europe 2020)](https://developers.redhat.com/blog/2020/08/17/penshift-joins-the-argo-cd-community-kubecon-europe-2020/) - [thenewstack.io: Applied GitOps with ArgoCD](https://thenewstack.io/applied-gitops-with-argocd/) @@ -24,10 +30,70 @@ - [digitalocean.com: How to Deploy to Kubernetes using Argo CD and GitOps](https://www.digitalocean.com/community/tutorials/how-to-deploy-to-kubernetes-using-argo-cd-and-gitops) - [aws.amazon.com: Cloud Native CI/CD with Tekton and ArgoCD on AWS](https://aws.amazon.com/blogs/containers/cloud-native-ci-cd-with-tekton-and-argocd-on-aws/) - [blog.argoproj.io: New sync and diff strategies in ArgoCD](https://blog.argoproj.io/new-sync-and-diff-strategies-in-argocd-44195d3f8b8c) -- [blog.argoproj.io: What’s new in Argo Workflows v3.3](https://blog.argoproj.io/whats-new-in-argo-workflows-v3-3-dd051d2f1c7) - [igboie.medium.com: Kubernetes CI/CD with GitHub, GitHub Actions and Argo CD](https://igboie.medium.com/kubernetes-ci-cd-with-github-github-actions-and-argo-cd-36b88b6bda64) - [==faun.pub: Manage Prometheus alerting and recording rules using GitOps==](https://faun.pub/manage-prometheus-alerting-and-recording-rules-using-gitops-6c19bd1fd50) - [medium.com/containers-101: Using GitOps, Multiple Argo Instances, and Environments with Argo CD at Scale](https://medium.com/containers-101/using-gitops-multiple-argo-instances-and-environments-with-argo-cd-at-scale-e6b19c86be36) +- [blog.argoproj.io: Best Practices for Multi-tenancy in Argo CD](https://blog.argoproj.io/best-practices-for-multi-tenancy-in-argo-cd-273e25a047b0) +- [medium.com/@ScrumPokerPro: Cloud native architecture with Kubernetes and ArgoCD](https://medium.com/@ScrumPokerPro/cloud-native-architecture-with-kubernetes-and-argocd-ebecda7784b8) +- [faun.pub: Deploying Argo CD and Sealed Secrets with Helm](https://faun.pub/deploying-argo-cd-and-sealed-secrets-with-helm-8de12f53051b) In this tutorial, you will go over the declarative setup of Argo CD and Sealed Secrets on a Kubernetes cluster. For deploying Argo CD and Sealed Secrets you will be using Helm Charts +- [amralaayassen.medium.com: How to create ArgoCD Applications Automatically using ApplicationSet? “Automation of GitOps”](https://amralaayassen.medium.com/how-to-create-argocd-applications-automatically-using-applicationset-automation-of-the-gitops-59455eaf4f72) +- [blog.getambassador.io: GitOps in Kubernetes with ArgoCD](https://blog.getambassador.io/gitops-in-kubernetes-with-argocd-c6ea0e510741) +- [blog.akuity.io: Unveil the Secret Ingredients of Continuous Delivery at Enterprise Scale with Argo CD](https://blog.akuity.io/unveil-the-secret-ingredients-of-continuous-delivery-at-enterprise-scale-with-argo-cd-7c5b4057ee49) Do you know that Argo CD can support thousands of apps and hundreds of clusters? in this article you will deep dive into Argo CD, bring answers and best practices on operating it at an enterprise scale +- [dev.to: Towards a Modular DevOps Stack](https://dev.to/camptocamp-ops/towards-a-modular-devops-stack-257c) In this article, you will learn how to **modularize your infrastructure using Terraform and ArgoCD** +- [datree.io: ArgoCD Best Practices](https://datree.io/resources/argocd-best-practices-you-should-know) In this article, you'll explore some best practices for ArgoCD: + - Disallow providing an empty retryStrategy + - Ensure that Workflow pods are not configured to use the default service account + - Ensure retry on both Error and TransientError +- [==devops.com: The Argo Project: Making GitOps Practical==](https://devops.com/the-argo-project-making-gitops-practical/) +- [piotrminkowski.com: Manage Kubernetes Cluster with Terraform and Argo CD. Create Kakfa Cluster using GitOps 🌟](https://piotrminkowski.com/2022/06/28/manage-kubernetes-cluster-with-terraform-and-argo-cd/) In this article, you will learn how to create a Kubernetes cluster with Terraform and then manage it with Argo CD. Terraform is very useful for automating infrastructure. On the other hand, Argo CD helps us implement GitOps and continuous delivery for our applications. It seems that we can successfully combine both these tools. Let’s consider how they can help us to work with Kubernetes in the GitOps style. +- [prashant-48386.medium.com: Continuous Delivery for Kubernetes With Argo CD](https://prashant-48386.medium.com/continuous-delivery-for-kubernetes-with-argo-cd-9d5f3b69f1db) +- [medium.com/@outlier.developer: Getting Started with ArgoCD for GitOps Kubernetes Deployments](https://medium.com/@outlier.developer/getting-started-with-argocd-for-gitops-kubernetes-deployments-fafc2ad2af0) +- [medium.com/@hmquan08011996: Setup Microservices on Kubernetes — Automating Kubernetes with ArgoCD](https://medium.com/@hmquan08011996/setup-microservices-on-kubernetes-automating-kubernetes-with-argocd-cb94622dac5b) +- [datree.io: ArgoCD Best Practices You Should Know](https://www.datree.io/resources/argocd-best-practices-you-should-know) In this article, you'll explore some best practices for ArgoCD: + - Disallow providing an empty retryStrategy + - Ensure that Workflow pods are not configured to use the default service account + - Ensure retry on both Error and TransientError + +- [kamsjec.medium.com: ArgoCD Setup on Kubernetes/OpenShift Cluster](https://kamsjec.medium.com/argocd-setup-on-kubernetes-openshift-cluster-f7340344c017) ArgoCD is a declarative GitOps tool built to deploy applications to Kubernetes/OpenShift clusters. ArgoCD is a Kubernetes/OpenShift controller, responsible for continuously monitoring all running applications and comparing their live state to the desired state specified in the Git repository. +- [medium.com/@versentfastforward: GitOps on Kubernetes with ArgoCD](https://medium.com/@versentfastforward/gitops-and-argocd-to-automate-kubernetes-deployments-640f3a086865) This is the first post in our series about Managing Complex Kubernetes Clusters. We introduce how we used ArgoCD to enforce GitOps by preventing any alternate means of deployment to your cluster other than through a commit in your GitOps repo. + - [medium.com/@versentfastforward: One-click Bootstrap Deployment of ArgoCD](https://medium.com/@versentfastforward/one-click-bootstrap-deployment-of-argocd-e06f848aacc5) This is the second post in our series about Managing Complex Kubernetes Clusters. We describe how to create a bootstrap script that automates key prerequisites: deployment of ArgoCD and pointing it at the repo and cluster that it needs to use for deployments. + - [medium.com/@versentfastforward: Structuring Your Repo for ArgoCD, Part 1](https://medium.com/@versentfastforward/structuring-your-repo-for-argocd-part-1-582817713b0) This is the third post in our series about Managing Complex Kubernetes Clusters. We address the challenge of eliminating duplication of YAML files and reduce the amount effort required to deploy Kubernetes in multiple environments, as well as the continuous deployment (CD) of containerized workloads without developing complex imperative pipelines. +- [faun.pub: Continuous Deployments of Kubernetes Applications using Argo CD GitOps & Helm Charts](https://faun.pub/continuous-deployments-of-kubernetes-applications-using-argo-cd-gitops-helm-charts-9df917caa2e4) +- [jamalshahverdiev.medium.com: ArgoCD ApplicationSet with Applications, Image Updater and Notification controller with SSO](https://jamalshahverdiev.medium.com/argocd-applicationset-with-applications-image-updater-and-notification-controller-with-sso-bba3182dad8a) + +## Argo CD Vulnerabilities +- [threatpost.com: Argo CD Security Bug Opens Kubernetes Cloud Apps to Attackers](https://threatpost.com/argo-cd-security-bug-kubernetes-cloud-apps/178239/) +- [thehackernews.com: New Argo CD Bug Could Let Hackers Steal Secret Info from Kubernetes Apps](https://thehackernews.com/2022/02/new-argo-cd-bug-could-let-hackers-steal.html) +- [armosec.io: CVE 2022-24348 – Argo CD High Severity Vulnerability and its impact on Kubernetes](https://www.armosec.io/blog/cve-2022-24348-argo-kubernetes/) +- [securityaffairs.co: Argo CD flaw could allow stealing sensitive data from Kubernetes Apps](https://securityaffairs.co/wordpress/127708/hacking/kubernetes-argo-cd-flaw.html) Argo CD is used by hundreds of organizations, including Alibaba Group, BMW Group, Deloitte, IBM, Intuit, Red Hat, Skyscanner, and Swisscom. +- [infoworld.com: How to protect your Kubernetes infrastructure from the Argo CD vulnerability](https://www.infoworld.com/article/3650659/how-to-protect-your-kubernetes-infrastructure-from-the-argo-cd-vulnerability.html) A zero-day vulnerability in Argo CD could be putting sensitive information like passwords and API keys at risk. Are you protected? +- [dnastacio.medium.com: Six critical blindspots while securing Argo CD](https://dnastacio.medium.com/gitops-argocd-security-cbb6fb6378bb) This article shows the core strategies for securing an Argo CD deployment and keeping you ahead of potential exposures: + - Use a dedicated project for the control plane + - Argo resources are for Argo admins only + - ... + - Have a CVE response plan ready + +## Argo CD Tools +- [argoproj-labs/argocd-autopilot: Argo-CD Autopilot](https://github.com/argoproj-labs/argocd-autopilot) The Argo-CD Autopilot is a tool which offers an opinionated way of installing Argo-CD and managing GitOps epositories. New users to GitOps and Argo CD are not often sure how they should structure their repos, add applications, promote apps across environments, and manage the Argo CD installation itself using GitOps. Argo Autopilot is a project that solves that +- [argoproj-labs/applicationset: Argo CD ApplicationSet Controller](https://github.com/argoproj-labs/applicationset) The ApplicationSet controller is a Kubernetes controller that adds support for a new custom ApplicationSet CustomResourceDefinition (CRD). The ApplicationSet controller manages multiple Argo CD Applications as a single ApplicationSet unit, supporting deployments to large numbers of clusters, deployments of large monorepos, and enabling secure Application self-service. +- [IBM/argocd-vault-plugin](https://github.com/IBM/argocd-vault-plugin) An ArgoCD plugin to retrieve secrets from Hashicorp Vault and inject them into Kubernetes secrets. +- [==argoproj-labs/argocd-vault-plugin==](https://github.com/argoproj-labs/argocd-vault-plugin) ArgoCD-Vault-plugin is an Argo CD plugin to retrieve secrets from various Secret Management tools (HashiCorp Vault, IBM Cloud Secrets Manager, AWS Secrets Manager, etc.) and inject them into Kubernetes resources - https://argocd-vault-plugin.readthedocs.io + +## Argo Rollouts +- [argoproj.github.io/argo-rollouts/](https://argoproj.github.io/argo-rollouts/) +- [==argoproj.github.io: Argo Rollouts - Kubernetes Progressive Delivery Controller==](https://argoproj.github.io/argo-rollouts/) **Argo Rollouts is a Kubernetes controller and set of CRDs which provide advanced deployment capabilities such as blue-green, canary, canary analysis, experimentation, and progressive delivery features to Kubernetes** +- [jijujacob27.medium.com: Sharded applications on Kubernetes using Helm, ArgoCD, and Argo-Rollouts](https://jijujacob27.medium.com/sharded-saas-applications-on-kubernetes-using-helm-argocd-and-argo-rollouts-a683c66f8646) You will use Argo-Rollouts for deploying the app using the Blue/Green strategy. +- [medium.com/@ej.sta.ana: Easy Blue-Green Deployment on Openshift Container Platform using Argo Rollouts](https://medium.com/@ej.sta.ana/easy-blue-green-deployment-on-openshift-container-platform-using-argo-rollouts-4d514b3c5c0f) Argo Rollouts is part of the Argo project which includes the popular ArgoCD gitops tool. Argo Rollouts can help you do blue-green deployment easily on Kubernetes/OpenShift. +- [infracloud.io: Progressive Delivery with Argo Rollouts : Blue-Green Deployment](https://www.infracloud.io/blogs/progressive-delivery-argo-rollouts-blue-green-deployment/) In this post, you'll learn how to perform a blue-green deployment using the Argo Rollouts controller and CRD. + +## Argo Workflows +- [blog.argoproj.io: What’s new in Argo Workflows v3.3](https://blog.argoproj.io/whats-new-in-argo-workflows-v3-3-dd051d2f1c7) +- [dev.to: The three meanings of "template" in Argo Workflows](https://dev.to/crenshaw_dev/the-three-meanings-of-template-in-argo-workflows-2paf) +- [blog.argoproj.io: Practical Argo Workflows Hardening 🌟](https://blog.argoproj.io/practical-argo-workflows-hardening-dd8429acc1ce) In this post, you'll cover: + - High-level best practices you should know to secure your workflows + - The various components that make up Argo, and how to secure those components + - Dive into operating and using Argo securely + - [blog.argoproj.io: Architecting Workflows For Reliability](https://blog.argoproj.io/architecting-workflows-for-reliability-d33bd720c6cc) Kubernetes is designed for stateless scalable web applications, apps where if one process dies, then another process can be dropped in its place. Kubernetes makes one promise — it will kill your pods. Kubernetes expects applications built on it to be tolerant of both any disruption— so apps must be designed with that in mind. ``` @@ -49,32 +115,7 @@ Kubernetes xx ``` -- [blog.argoproj.io: Best Practices for Multi-tenancy in Argo CD](https://blog.argoproj.io/best-practices-for-multi-tenancy-in-argo-cd-273e25a047b0) -- [argoproj.github.io: Argo Events - The Event-driven Workflow Automation Framework](https://argoproj.github.io/argo-events/) Argo Events is an event-driven workflow automation framework for Kubernetes which helps you trigger K8s objects, Argo Workflows, Serverless workloads, etc. on events from a variety of sources like webhooks, S3, schedules, messaging queues, etc. -- [jijujacob27.medium.com: Sharded applications on Kubernetes using Helm, ArgoCD, and Argo-Rollouts](https://jijujacob27.medium.com/sharded-saas-applications-on-kubernetes-using-helm-argocd-and-argo-rollouts-a683c66f8646) You will use Argo-Rollouts for deploying the app using the Blue/Green strategy. -- [medium.com/@ScrumPokerPro: Cloud native architecture with Kubernetes and ArgoCD](https://medium.com/@ScrumPokerPro/cloud-native-architecture-with-kubernetes-and-argocd-ebecda7784b8) -- [faun.pub: Deploying Argo CD and Sealed Secrets with Helm](https://faun.pub/deploying-argo-cd-and-sealed-secrets-with-helm-8de12f53051b) In this tutorial, you will go over the declarative setup of Argo CD and Sealed Secrets on a Kubernetes cluster. For deploying Argo CD and Sealed Secrets you will be using Helm Charts -- [dev.to: The three meanings of "template" in Argo Workflows](https://dev.to/crenshaw_dev/the-three-meanings-of-template-in-argo-workflows-2paf) -- [amralaayassen.medium.com: How to create ArgoCD Applications Automatically using ApplicationSet? “Automation of GitOps”](https://amralaayassen.medium.com/how-to-create-argocd-applications-automatically-using-applicationset-automation-of-the-gitops-59455eaf4f72) -- [==argoproj.github.io: Argo Rollouts - Kubernetes Progressive Delivery Controller==](https://argoproj.github.io/argo-rollouts/) **Argo Rollouts is a Kubernetes controller and set of CRDs which provide advanced deployment capabilities such as blue-green, canary, canary analysis, experimentation, and progressive delivery features to Kubernetes** -- [blog.getambassador.io: GitOps in Kubernetes with ArgoCD](https://blog.getambassador.io/gitops-in-kubernetes-with-argocd-c6ea0e510741) -- [blog.akuity.io: Unveil the Secret Ingredients of Continuous Delivery at Enterprise Scale with Argo CD](https://blog.akuity.io/unveil-the-secret-ingredients-of-continuous-delivery-at-enterprise-scale-with-argo-cd-7c5b4057ee49) Do you know that Argo CD can support thousands of apps and hundreds of clusters? in this article you will deep dive into Argo CD, bring answers and best practices on operating it at an enterprise scale -- [dev.to: Towards a Modular DevOps Stack](https://dev.to/camptocamp-ops/towards-a-modular-devops-stack-257c) In this article, you will learn how to **modularize your infrastructure using Terraform and ArgoCD** -- [datree.io: ArgoCD Best Practices](https://datree.io/resources/argocd-best-practices-you-should-know) -- [==devops.com: The Argo Project: Making GitOps Practical==](https://devops.com/the-argo-project-making-gitops-practical/) - -## Argo CD Vulnerabilities -- [threatpost.com: Argo CD Security Bug Opens Kubernetes Cloud Apps to Attackers](https://threatpost.com/argo-cd-security-bug-kubernetes-cloud-apps/178239/) -- [thehackernews.com: New Argo CD Bug Could Let Hackers Steal Secret Info from Kubernetes Apps](https://thehackernews.com/2022/02/new-argo-cd-bug-could-let-hackers-steal.html) -- [armosec.io: CVE 2022-24348 – Argo CD High Severity Vulnerability and its impact on Kubernetes](https://www.armosec.io/blog/cve-2022-24348-argo-kubernetes/) -- [securityaffairs.co: Argo CD flaw could allow stealing sensitive data from Kubernetes Apps](https://securityaffairs.co/wordpress/127708/hacking/kubernetes-argo-cd-flaw.html) Argo CD is used by hundreds of organizations, including Alibaba Group, BMW Group, Deloitte, IBM, Intuit, Red Hat, Skyscanner, and Swisscom. -- [infoworld.com: How to protect your Kubernetes infrastructure from the Argo CD vulnerability](https://www.infoworld.com/article/3650659/how-to-protect-your-kubernetes-infrastructure-from-the-argo-cd-vulnerability.html) A zero-day vulnerability in Argo CD could be putting sensitive information like passwords and API keys at risk. Are you protected? - -## Argo CD Tools -- [argoproj-labs/argocd-autopilot: Argo-CD Autopilot](https://github.com/argoproj-labs/argocd-autopilot) The Argo-CD Autopilot is a tool which offers an opinionated way of installing Argo-CD and managing GitOps epositories. New users to GitOps and Argo CD are not often sure how they should structure their repos, add applications, promote apps across environments, and manage the Argo CD installation itself using GitOps. Argo Autopilot is a project that solves that -- [argoproj-labs/applicationset: Argo CD ApplicationSet Controller](https://github.com/argoproj-labs/applicationset) The ApplicationSet controller is a Kubernetes controller that adds support for a new custom ApplicationSet CustomResourceDefinition (CRD). The ApplicationSet controller manages multiple Argo CD Applications as a single ApplicationSet unit, supporting deployments to large numbers of clusters, deployments of large monorepos, and enabling secure Application self-service. -- [IBM/argocd-vault-plugin](https://github.com/IBM/argocd-vault-plugin) An ArgoCD plugin to retrieve secrets from Hashicorp Vault and inject them into Kubernetes secrets. -- [==argoproj-labs/argocd-vault-plugin==](https://github.com/argoproj-labs/argocd-vault-plugin) ArgoCD-Vault-plugin is an Argo CD plugin to retrieve secrets from various Secret Management tools (HashiCorp Vault, IBM Cloud Secrets Manager, AWS Secrets Manager, etc.) and inject them into Kubernetes resources - https://argocd-vault-plugin.readthedocs.io +- [medium.com/atlantbh: Implementing CI/CD pipeline using Argo Workflows and Argo Events 🌟](https://medium.com/atlantbh/implementing-ci-cd-pipeline-using-argo-workflows-and-argo-events-6417dd157566) ## Videos ??? note "Click to expand!" diff --git a/docs/aws-architecture.md b/docs/aws-architecture.md index 1b51ea2d..77cf7195 100644 --- a/docs/aws-architecture.md +++ b/docs/aws-architecture.md @@ -17,6 +17,7 @@ - [==Creating a Multi-Region Application with AWS Services – Part 1, Compute, Networking, and Security==](https://aws.amazon.com/blogs/architecture/creating-a-multi-region-application-with-aws-services-part-1-compute-and-security/) - [==Creating a Multi-Region Application with AWS Services – Part 2, Data and Replication==](https://aws.amazon.com/blogs/architecture/creating-a-multi-region-application-with-aws-services-part-2-data-and-replication/) - [==Let’s Architect! Architecting microservices with containers==](https://aws.amazon.com/blogs/architecture/lets-architect-architecting-microservices-with-containers/) Microservices structure an application as a set of independently deployable services. They speed up software development and allow architects to quickly update systems to adhere to changing business requirements. According to best practices, the different services should be loosely coupled, organized around business capabilities, independently deployable, and owned by a single team. If applied correctly, there are multiple advantages to using microservices. However, working with microservices can also bring challenges. In this edition of Let’s Architect!, we explore the advantages, mental models, and challenges deriving from microservices with containers. +- [Strategies for consolidating AWS environments](https://aws.amazon.com/de/blogs/mt/strategies-for-consolidating-aws-environments/) ## AWS Architecture Blog, Official Blog, AWS Labs, AWS Quick Start - [AWS Architecture Blog](https://www.awsarchitectureblog.com) @@ -41,4 +42,6 @@ - [The Truth About Downtime in the Cloud](http://cloud.netapp.com/blog/prepare-for-the-day-of-all-cloud) - [thenewstack.io: Avoid the 5 Most Common Amazon Web Services Misconfigurations in Build-Time](https://thenewstack.io/avoid-the-5-most-common-amazon-web-services-misconfigurations-in-build-time/) - [zarantech.com: Top 5 Pillars of AWS Well-Architected Structure](https://www.zarantech.com/blog/top-5-pillars-of-aws-well-architected-structure/) -- [foreseeti.com: How to become and stay AWS well architected in a smart way](https://foreseeti.com/how-to-become-and-stay-aws-well-architected-in-a-smart-way/) \ No newline at end of file +- [foreseeti.com: How to become and stay AWS well architected in a smart way](https://foreseeti.com/how-to-become-and-stay-aws-well-architected-in-a-smart-way/) +- [AWS Architecture Blog: Use templated answers to perform Well-Architected reviews at scale](https://aws.amazon.com/blogs/architecture/use-templated-answers-to-perform-well-architected-reviews-at-scale/) +- [medium.com/@buraktahtacioglu: AWS Well-Architected Framework — AWS Roadmap](https://medium.com/@buraktahtacioglu/aws-well-architected-framework-aws-roadmap-80aaa6ca7f53) \ No newline at end of file diff --git a/docs/aws-backup.md b/docs/aws-backup.md index 2855f4b4..3a2a22e8 100644 --- a/docs/aws-backup.md +++ b/docs/aws-backup.md @@ -12,13 +12,15 @@ - [Udemy - AWS: How to Architect with a Design for Failure Approach](https://www.udemy.com/how-to-architect-with-a-design-for-failure-approach/) - [How to Restore Your Instance Data from a Backup using Snapshots on AWS EC2/EBS](https://www.cloudinsidr.com/content/how-to-restore-your-instance-data-from-a-backup-using-snapshots-on-aws-ec2ebs/) - [Backup and archive to AWS Storage Gateway VTL with Veeam Backup & Replication v9](https://aws.amazon.com/es/about-aws/whats-new/2016/08/backup-and-archive-to-aws-storage-gateway-vtl-with-veeam-backup-and-replication-v9/) -- [Creating Disaster Recovery Mechanisms Using Amazon Route 53](https://aws.amazon.com/blogs/networking-and-content-delivery/creating-disaster-recovery-mechanisms-using-amazon-route-53/) +- [Creating Disaster Recovery Mechanisms Using Amazon Route 53 🌟](https://aws.amazon.com/blogs/networking-and-content-delivery/creating-disaster-recovery-mechanisms-using-amazon-route-53/) + - [Disaster recovery with AWS managed services, Part 2: Multi-Region/backup and restore 🌟](https://aws.amazon.com/blogs/architecture/disaster-recovery-with-aws-managed-services-part-ii-multi-region-backup-and-restore/) ## AWS Backup Service - [AWS Backup Service](https://aws.amazon.com/backup) - [medium: AWS Backup Service for Amazon RDS](https://medium.com/avmconsulting-blog/aws-backup-service-for-amazon-rds-3e6f5827aa66) - [Automate and centrally manage data protection for Amazon S3 with AWS Backup](https://aws.amazon.com/blogs/storage/automate-and-centrally-manage-data-protection-for-amazon-s3-with-aws-backup/) - [Preview – AWS Backup Adds Support for Amazon S3](https://aws.amazon.com/blogs/aws/preview-aws-backup-adds-support-for-amazon-s3/) +- [Disaster Recovery with AWS Managed Services, Part I: Single Region](https://aws.amazon.com/blogs/architecture/disaster-recovery-with-aws-managed-services-part-i-single-region/) ## AWS Migrations - [New AWS Competency – AWS Migration](https://aws.amazon.com/blogs/aws/new-aws-competency-aws-migration/) diff --git a/docs/aws-databases.md b/docs/aws-databases.md index 0c242990..935792a7 100644 --- a/docs/aws-databases.md +++ b/docs/aws-databases.md @@ -32,6 +32,7 @@ - [New Amazon RDS for MySQL & PostgreSQL Multi-AZ Deployment Option: Improved Write Performance & Faster Failover](https://aws.amazon.com/blogs/aws/amazon-rds-multi-az-db-cluster/) - [Amazon Aurora PostgreSQL blue/green deployment using fast database cloning](https://aws.amazon.com/blogs/database/amazon-aurora-postgresql-blue-green-deployment-using-fast-database-cloning/) - [Securely connect to an Amazon RDS or Amazon EC2 database instance remotely with your preferred GUI](https://aws.amazon.com/blogs/database/securely-connect-to-an-amazon-rds-or-amazon-ec2-database-instance-remotely-with-your-preferred-gui/) +- [Modernize database stored procedures to use Amazon Aurora PostgreSQL federated queries, pg_cron, and AWS Lambda](https://aws.amazon.com/blogs/database/modernize-database-stored-procedures-to-use-amazon-aurora-postgresql-federated-queries-pg_cron-and-aws-lambda/) ## AWS Database Migration Service DMS - [AWS Database Migration Service](https://aws.amazon.com/blogs/aws/aws-database-migration-service/) diff --git a/docs/aws-messaging.md b/docs/aws-messaging.md index 973b3ecc..0d13c812 100644 --- a/docs/aws-messaging.md +++ b/docs/aws-messaging.md @@ -1,6 +1,6 @@ # AWS Messaging Services - [AWS SNS and SQS. Amazon Simple Notification Service and Amazon Simple Queue Service](#aws-sns-and-sqs-amazon-simple-notification-service-and-amazon-simple-queue-service) - - [SNS vs SQS](#sns-vs-sqs) + - [SNS vs SQS](#sns-vs-sqs) - [AWS EventBridge](#aws-eventbridge) - [Tweets](#tweets) @@ -11,6 +11,7 @@ - The **Simple Notification Service**, or SNS for short, is one of the central services to build serverless architectures in the AWS cloud. SNS itself is a serverless messaging service that can distribute massive numbers of messages to different recipients. These include mobile end-user devices, like smartphones and tablets, but also other services inside the AWS ecosystem. - SNS’ ability to target AWS services makes it the perfect companion for AWS Lambda. If you need custom logic, go for Lambda; if you need to fan out messages to multiple other services in parallel, SNS is the place to be. - [dashbird.io: [Infographic] AWS SNS from a serverless perspective](https://dashbird.io/blog/aws-sns/) +- [enlear.academy: How To Build a Scalable Email Notification Service Using AWS](https://enlear.academy/how-to-build-a-scalable-email-service-using-aws-d404b347a7fb) Using AWS Lambda, DynamoDB, Amazon SQS, Amazon SES, and Amazon API Gateway to build a scalable email notification service. ### SNS vs SQS - [==dev.to: When to SNS or SQS==](https://dev.to/aws-builders/when-to-sns-or-sqs-2aji) @@ -26,4 +27,6 @@
+ +
\ No newline at end of file diff --git a/docs/aws-miscellaneous.md b/docs/aws-miscellaneous.md index f5128ae9..d8b8eb8f 100644 --- a/docs/aws-miscellaneous.md +++ b/docs/aws-miscellaneous.md @@ -20,6 +20,7 @@ - [AWS App Runner](#aws-app-runner) - [Development](#development) - [Cloud Development Kit CDK](#cloud-development-kit-cdk) +- [AWS Session Manager](#aws-session-manager) - [AWS Cloud Endure](#aws-cloud-endure) - [ECommerce](#ecommerce) - [AWS Clients](#aws-clients) @@ -100,8 +101,9 @@ - [dev.to: 10 New AWS Amplify Features to Check Out](https://dev.to/aws/10-new-aws-amplify-features-to-check-out-4291) ## AWS App Runner -- https://aws.amazon.com/apprunner/ +- [AWS App Runner 🌟](https://aws.amazon.com/apprunner/) AWS App Runner is one of the simplest ways to run your containerized web applications and APIs on AWS. App Runner abstracts away the cloud resources needed for running your web application or API, including load balancers, TLS certificates, auto-scaling, logs, metrics, tracing (such as observability), as well as the underlying compute resources. With App Runner, you can start with source code or a container image. - [dev.to: AWS App Runner : How to deploy containerized applications using App Runner](https://dev.to/aws-builders/aws-app-runner-how-to-deploy-containerized-applications-using-app-runner-1f7c) AWS App Runner is an AWS service that provides a fast, simple and cost-effective way to deploy from source code or a container image directly to a scalable and secure web application in the AWS Cloud. You don’t need to learn new technologies, decide which compute service to use, or know how to provision and configure AWS resources. +- [Architecting for resiliency on AWS App Runner](https://aws.amazon.com/blogs/containers/architecting-for-resiliency-on-aws-app-runner/) Using two regions in an active-active configuration ## Development - [thenewstack.io: Remote Debugging in AWS: The Missing Link in Your Debugging Toolset](https://thenewstack.io/remote-debugging-in-aws-the-missing-link-in-your-debugging-toolset/) @@ -113,6 +115,10 @@ - [==freecodecamp.org: AWS CDK v2 Tutorial – How to Create a Three-Tier Serverless Application==](https://www.freecodecamp.org/news/aws-cdk-v2-three-tier-serverless-application/) - [medium.com/contino-engineering: We’ve begun to move towards the AWS CDK and here’s why](https://medium.com/contino-engineering/weve-begun-to-move-towards-the-aws-cdk-and-here-s-why-69c8fad688b3) +## AWS Session Manager +- [aws.amazon.com: AWS Systems Manager announces support for port forwarding to remote hosts using Session Manager](https://aws.amazon.com/about-aws/whats-new/2022/05/aws-systems-manager-support-port-forwarding-remote-hosts-using-session-manager/) +- [faun.pub: Using AWS Session Manager For Port Forwarding To Remote Hosts](https://faun.pub/using-aws-session-manager-for-port-forwarding-to-remote-hosts-8168589ba579) + ## AWS Cloud Endure - [AWS Cloud Endure Migration](https://aws.amazon.com/cloudendure-migration/) diff --git a/docs/aws-networking.md b/docs/aws-networking.md index 8a0b4344..fed78a9c 100644 --- a/docs/aws-networking.md +++ b/docs/aws-networking.md @@ -22,6 +22,7 @@ - [Resolve DNS names of Network Load Balancer nodes to limit cross-Zone traffic](https://aws.amazon.com/blogs/networking-and-content-delivery/resolve-dns-names-of-network-load-balancer-nodes-to-limit-cross-zone-traffic) - [github.com/seligman/aws-ip-ranges: AWS's ip-ranges.json](https://github.com/seligman/aws-ip-ranges) AWS adds an extra 5.5M IPv4 addresses. Tracking the history and size of AWS's ip-ranges.json file. AWS provides a data file showing the current IP ranges their services use, called ip-ranges.json. This repository tracks changes to that file, and based off a trigger on the SNS topic automatically produces this chart showing how what percentage of the Internet's IPv4 address space AWS is in control of. - [medium: Building a Global Network with AWS Transit Gateway](https://medium.com/avmconsulting-blog/building-a-global-network-with-aws-transit-gateway-7ab0e5222f12) Connecting branch and corporate offices into the AWS cloud to build a global network is necessary to provide ubiquitous accessibility for users. This solution uses AWS Transit Gateway, AWS Direct Connect, and AWS Accelerated Site-to-Site VPN to build a modern, secure, scalable, and cost-efficient WAN on top of the AWS global network. +- [aws.amazon.com: Creating active/passive BGP connections over AWS Direct Connect](https://aws.amazon.com/blogs/networking-and-content-delivery/creating-active-passive-bgp-connections-over-aws-direct-connect/) ## AWS Route 53 - [How do I transfer a domain to AWS from another registrar?](https://aws.amazon.com/premiumsupport/knowledge-center/transfer-domain-to-aws/) @@ -45,6 +46,7 @@ - [medium: 10 reasons why you should think about using an AWS Application Load Balancer](https://medium.com/ankercloud-engineering/10-reasons-why-you-should-think-about-using-an-aws-application-loadbalancer-945f57816c34) - [Introducing the AWS Load Balancer Controller](https://aws.amazon.com/blogs/containers/introducing-aws-load-balancer-controller/) - [Fine-tuning blue/green deployments on application load balancer](https://aws.amazon.com/blogs/devops/blue-green-deployments-with-application-load-balancer/) +- [faun.pub: End To End SSL Encryption With AWS Application Load Balancer](https://faun.pub/end-to-end-ssl-encryption-with-aws-application-load-balancer-b43db918bd9e) ## Gateway Load Balancer (GWLB) - [Centralized Traffic Inspection with Gateway Load Balancer on AWS](https://aws.amazon.com/blogs/apn/centralized-traffic-inspection-with-gateway-load-balancer-on-aws/) @@ -70,6 +72,8 @@ - [ealtili.medium.com: Deepdive to VPCs and Connections to VPC](https://ealtili.medium.com/deepdive-to-vpcs-and-connections-to-vpc-2de3fb164d7c) - [Centralize access using VPC interface endpoints to access AWS services across multiple VPCs](https://aws.amazon.com/blogs/networking-and-content-delivery/centralize-access-using-vpc-interface-endpoints/) - [==betterprogramming.pub: AWS: Creating a VPC With an Auto-scaling Group Using T2.micro Instances==](https://betterprogramming.pub/aws-creating-a-vpc-with-an-auto-scaling-group-using-t2-micro-instances-4ac2c5c7795b) **Maintain a self-healing architecture** +- [alanblackmore.medium.com: What is AWS VPC Peering? 🌟](https://alanblackmore.medium.com/what-is-aws-vpc-peering-af85c1e29fb2) +- [awstip.com: Setting Up AWS VPC Endpoint Connection](https://awstip.com/setting-up-aws-vpc-endpoint-connection-d4294d0c2204) ### AWS Client VPN - [cloudonaut.io: AWS Client VPN: Connected with the Cloud](https://cloudonaut.io/aws-client-vpn-connected-with-the-cloud/) diff --git a/docs/aws-newfeatures.md b/docs/aws-newfeatures.md index e45c2248..7c269284 100644 --- a/docs/aws-newfeatures.md +++ b/docs/aws-newfeatures.md @@ -78,4 +78,7 @@ - [AWS Lambda Now Supports Up to 10 GB Ephemeral Storage](https://aws.amazon.com/blogs/aws/aws-lambda-now-supports-up-to-10-gb-ephemeral-storage/) - [Introducing Amazon CloudWatch Metrics Insights (General Availability)](https://aws.amazon.com/about-aws/whats-new/2022/04/amazon-cloudwatch-metrics-insights/) - [AWS Shield Advanced now supports Application Load Balancer for automatic application layer DDoS mitigation](https://aws.amazon.com/about-aws/whats-new/2022/04/aws-shield-application-balancer-automatic-ddos-mitigation/) -- [==AWS Single Sign-On launches configurable synchronization for Microsoft Active Directory==](https://aws.amazon.com/about-aws/whats-new/2022/04/aws-single-sign-on-configurable-synchronization-microsoft-active-directory/) \ No newline at end of file +- [==AWS Single Sign-On launches configurable synchronization for Microsoft Active Directory==](https://aws.amazon.com/about-aws/whats-new/2022/04/aws-single-sign-on-configurable-synchronization-microsoft-active-directory/) +- [Integration of AWS Well-Architected Tool with AWS Organizations](https://aws.amazon.com/about-aws/whats-new/2022/06/aws-well-architected-tool-organizations-integration/) +- [AWS Single Sign-On (AWS SSO) adds support for AWS Identity and Access Management (IAM) customer managed policies (CMPs)](https://aws.amazon.com/about-aws/whats-new/2022/07/aws-single-sign-on-aws-sso-aws-identity-access-management-iam-customer-managed-policies-cmps/) +- [Announcing new AWS IAM Identity Center APIs to manage users and groups at scale](https://aws.amazon.com/blogs/security/announcing-new-aws-iam-identity-center-apis-to-manage-users-and-groups-at-scale/) \ No newline at end of file diff --git a/docs/aws-security.md b/docs/aws-security.md index 1d7bdba1..50720480 100644 --- a/docs/aws-security.md +++ b/docs/aws-security.md @@ -1,14 +1,17 @@ # AWS Security - [Introduction](#introduction) +- [AWS Security Reference Architecture AWS SRA](#aws-security-reference-architecture-aws-sra) - [Policy as Code with AWS CDK and Open Policy Agent](#policy-as-code-with-aws-cdk-and-open-policy-agent) - [Payment Card Industry Data Security Standard compliance](#payment-card-industry-data-security-standard-compliance) - [AWS IAM](#aws-iam) + - [AWS IAM Anywhere](#aws-iam-anywhere) - [AWS Organizations](#aws-organizations) - [AWS Control Tower](#aws-control-tower) - [AWS Firewalls](#aws-firewalls) - [AWS WAF Web Application Firewall](#aws-waf-web-application-firewall) - [AWS Secrets Manager](#aws-secrets-manager) - [AWS Vault](#aws-vault) +- [Tweets](#tweets) ## Introduction - [AWS Security Blog](http://blogs.aws.amazon.com/security) @@ -37,6 +40,12 @@ - [==How to automate AWS account creation with SSO user assignment==](https://aws.amazon.com/blogs/security/how-to-automate-aws-account-creation-with-sso-user-assignment/) - [Security practices in AWS multi-tenant SaaS environments](https://aws.amazon.com/blogs/security/security-practices-in-aws-multi-tenant-saas-environments/) Many good tips, from identity management to tenant isolation. - [How to use AWS Security Hub and Amazon OpenSearch Service for SIEM](https://aws.amazon.com/blogs/security/how-to-use-aws-security-hub-and-amazon-opensearch-service-for-siem/) +- [faun.pub: Handling Exposed AWS Access Key](https://faun.pub/handling-exposed-aws-access-key-b053362abd73) +- [github.com/aws-samples: How to set up continuous replication from your third-party secrets manager to AWS Secrets Manager](https://github.com/aws-samples/aws-secrets-manager-hybrid-secret-replication-from-hashicorp-vault) + +## AWS Security Reference Architecture AWS SRA +- [==docs.aws.amazon.com: AWS Security Reference Architecture (AWS SRA)== 🌟](https://docs.aws.amazon.com/prescriptive-guidance/latest/security-reference-architecture/welcome.html) +- [aws.amazon.com: Update of AWS Security Reference Architecture is now available](https://aws.amazon.com/blogs/security/update-of-aws-security-reference-architecture-is-now-available/) A set of guidelines for deploying the full complement of AWS security services in a multi-account environment. ## Policy as Code with AWS CDK and Open Policy Agent - [Realize Policy-as-Code with AWS Cloud Development Kit through Open Policy Agent 🌟](https://aws.amazon.com/blogs/opensource/realize-policy-as-code-with-aws-cloud-development-kit-through-open-policy-agent/) @@ -66,6 +75,14 @@ - You can constrain access to sensitive data - You'll promote innovation & agility - You can more easily manage costs +- [aws.amazon.com: When and where to use IAM permissions boundaries](https://aws.amazon.com/blogs/security/when-and-where-to-use-iam-permissions-boundaries/) A permissions boundary is an IAM feature that helps your centralized cloud IAM teams to safely empower your application developers to create new IAM roles and policies in Amazon Web Services (AWS). +- [Extend AWS IAM roles to workloads outside of AWS with IAM Roles Anywhere 🌟](https://aws.amazon.com/blogs/security/extend-aws-iam-roles-to-workloads-outside-of-aws-with-iam-roles-anywhere/) **A secure way for on-premises servers, containers, or apps to obtain temporary AWS credentials and remove the need for creating and managing long-term AWS credentials** +- [binx.io: Working with AWS Permission Policies 🌟](https://binx.io/2022/07/13/working-with-aws-permission-policies/) + +### AWS IAM Anywhere +- [==jimmydqv.com: AWS IAM Anywhere== 🌟](https://jimmydqv.com/iam-anywhere/) + - Most of us that have worked with cloud long enough has encountered hybrid cloud solutions in one way or another. I often see clients with some parts, or applications, running on-premises that need to call AWS services. I'm working with an client with an application running on-premises. The application gather data from different sources, and then upload the data files to an Amazon S3 Bucket. The data is imported and analyzed in the cloud. Up till now I needed to create an IAM User and generate long lived credentials that the on-premises part could use. That is until the recent release of IAM Anywhere. + - IAM Anywhere rely on Public key Infrastructure (PKI) and exchange x.509 certificates for temporary AWS IAM credentials. You establish a trust between you AWS account and a Certificate Authority (CA), a trust anchor. Certificates issued by that CA can then be used to get credentials. Fields, like the Common Name (CN), in the certificate can be used as conditions in policies to limit what IAM Roles that can be assumed. ## AWS Organizations - [Simplifying permissions management at scale using tags in AWS Organizations](https://aws.amazon.com/blogs/mt/simplifying-permissions-management-at-scale-using-tags-in-aws-organizations/) @@ -88,6 +105,7 @@ - [AWS WAF sample rules](https://github.com/awslabs/aws-waf-sample) - [medium: Blocking bots using AWS WAF](https://medium.com/cloud-techies/blocking-bots-using-aws-waf-d449e6d159ca) - [medium: Protecting your Web Application or APIs using AWS WAF](https://medium.com/avmconsulting-blog/protecting-your-web-application-or-apis-using-aws-waf-1829ff79275a) +- [faun.pub: Set up global rate limiting with AWS WAF in 5 minutes](https://faun.pub/set-up-global-rate-limiting-with-aws-waf-in-5-minutes-bd43a9309683) ## AWS Secrets Manager - [How to replicate secrets in AWS Secrets Manager to multiple Regions](https://aws.amazon.com/blogs/security/how-to-replicate-secrets-aws-secrets-manager-multiple-regions/) @@ -98,3 +116,12 @@ - [AWS Vault](https://github.com/99designs/aws-vault) is a tool to securely store and access AWS credentials in a development environment. - [AWS: Sourcing AWS CLI Credentials using a Custom AWS CLI Credential Provider and AWS Vault](https://thomas.geens.be/2020/05/24/aws-sourcing-aws-cli-credentials-using-a-custom-aws-cli-credential-provider-and-aws-vault/) +## Tweets +
+ Click to expand! + +
+ +
+
+ diff --git a/docs/aws-serverless.md b/docs/aws-serverless.md index ccb4a32f..93bcab4b 100644 --- a/docs/aws-serverless.md +++ b/docs/aws-serverless.md @@ -42,6 +42,9 @@ - [betterprogramming.pub: Exploring the Serverless Event-Driven Architecture](https://betterprogramming.pub/exploring-the-serverless-event-driven-architecture-8d6bda93e823) Meet your old friends Terraform, Lambda, SQS, and Python - [==betterprogramming.pub: Lambda vs. Step Functions: The Battle of Cost and Performance==](https://betterprogramming.pub/lambda-vs-step-functions-the-battle-of-cost-and-performance-5f008045e2ab) With the big push to use Step Functions over Lambda, you might be wondering “which is more cost-effective”? The answer might surprise you. - There are use cases for both, but the consensus for production development lives with a hybrid approach: performing a base set of actions synchronously, like validations and id creation **and kicking off the rest of the processing asynchronously**. You’d then [use a WebSocket](https://betterprogramming.pub/introduction-to-aws-websockets-8b336a92c379) to inform the user when the workflow is complete. +- [medium.com/awesome-cloud: AWS — Difference between Serverless (Lambda) and Containers (Kubernetes)](https://medium.com/awesome-cloud/aws-difference-between-serverless-lambda-and-containers-kubernetes-serverless-vs-containers-lambda-vs-k8s-a166931870a2) +- [aws.amazon.com: Scaling AWS Lambda permissions with Attribute-Based Access Control (ABAC)](https://aws.amazon.com/blogs/compute/scaling-aws-lambda-permissions-with-attribute-based-access-control-abac/) +- [aws.amazon.com: Understanding AWS Lambda scaling and throughput](https://aws.amazon.com/blogs/compute/understanding-aws-lambda-scaling-and-throughput/) ## AWS Fargate - [Amazon EFS with Amazon ECS and AWS Fargate – Part 1](https://aws.amazon.com/es/blogs/containers/developers-guide-to-using-amazon-efs-with-amazon-ecs-and-aws-fargate-part-1/) diff --git a/docs/aws-storage.md b/docs/aws-storage.md index 79a39c26..15c038d2 100644 --- a/docs/aws-storage.md +++ b/docs/aws-storage.md @@ -19,6 +19,7 @@ - [blog.min.io: Certificate-based Authentication for S3](https://blog.min.io/certificate-based-authentication-with-s3/) MinIO encrypts data when stored on disk and when transmitted over the network. - [==acloudguru.com: S3 Glacier Instant Retrieval deep dive: Which S3 Storage Class is right for me?==](https://acloudguru.com/blog/engineering/s3-glacier-instant-retrieval-deep-dive-which-s3-storage-class-is-right-for-me) - [Monitor Amazon S3 activity using S3 server access logs and Pandas in Python](https://aws.amazon.com/blogs/storage/monitor-amazon-s3-activity-using-s3-server-access-logs-and-pandas-in-python/) +- [Building an active-active, latency-based application across multiple Regions 🌟](https://aws.amazon.com/blogs/storage/building-an-active-active-latency-based-application-across-multiple-regions/) ## Amazon EFS Elastic File System - [EFS Elastic File System](https://aws.amazon.com/blogs/aws/amazon-elastic-file-system-production-ready-in-three-regions) diff --git a/docs/aws-tools-scripts.md b/docs/aws-tools-scripts.md index d0f2b12b..408bbedb 100644 --- a/docs/aws-tools-scripts.md +++ b/docs/aws-tools-scripts.md @@ -6,6 +6,7 @@ - [AWS Toolkits](#aws-toolkits) - [AWS Management Tools Blog](#aws-management-tools-blog) - [AWS CLI and AWS SDK](#aws-cli-and-aws-sdk) +- [Amazon CodeWhisperer](#amazon-codewhisperer) - [Third Party Tools](#third-party-tools) ## AWS Scripts @@ -63,6 +64,10 @@ aws ec2 describe-instances --query 'Reservations[].Instances[].[Placement.Availa - [medium: AWS CLI with jq and Bash](https://medium.com/circuitpeople/aws-cli-with-jq-and-bash-9d54e2eabaf1) The CLI is utilitarian, but a little jq sauce makes it beautiful - [aws.plainenglish.io: Lessons Learned From Switching to AWS SDK v3](https://aws.plainenglish.io/lessons-learned-from-switching-to-aws-sdk-v3-6babe1530a59) Dive into some lessons learned before you switch your Node.js lambda functions over to the latest and greatest +## Amazon CodeWhisperer +- [Amazon CodeWhisperer 🌟](https://aws.amazon.com/codewhisperer/) Amazon CodeWhisperer is a machine learning (ML)–powered service that helps improve developer productivity by generating code recommendations based on developers’ comments in natural language and their code in the integrated development environment (IDE). During preview, CodeWhisperer is available for Java, JavaScript, and Python programming languages. The service integrates with multiple IDEs, including JetBrains (IntelliJ, PyCharm, and WebStorm), Visual Studio Code, AWS Cloud9, and the AWS Lambda console. +- [genbeta.com: Amazon lanza CodeWhisperer, su propia alternativa a GitHub Copilot… que no insertará código ya licenciado sin avisar](https://www.genbeta.com/desarrollo/amazon-lanza-codewhisperer-su-propia-alternativa-a-github-copilot-que-no-insertara-codigo-licenciado-avisar) + ## Third Party Tools - [ec2-spot-converter](https://github.com/jcjorel/ec2-spot-converter) This tool converts existing EC2 instances back and forth from on-demand and 'persistent' Spot billing models while preserving instance attributes (Launch configuration, Tags..), network attributes (existing Private IP addresses, Elastic IP), storage (Volumes), Elastic Inference accelerators and Elastic GPUs. It also allows replacement of existing Spot instances with new "identical" ones to update the instance type and cpu options. - [techcrunch.com: Vantage makes managing AWS easier](https://techcrunch.com/2021/01/12/vantage-makes-managing-aws-easier/) diff --git a/docs/aws-training.md b/docs/aws-training.md index 409d9f23..a5eb917a 100644 --- a/docs/aws-training.md +++ b/docs/aws-training.md @@ -3,6 +3,7 @@ - [eBooks](#ebooks) - [AWS Certification](#aws-certification) - [Closed groups for AWS certified professionals](#closed-groups-for-aws-certified-professionals) +- [Tweets](#tweets) ## Introduction - [New digital course and lab: AWS Cloud Development Kit (CDK) Primer](https://aws.amazon.com/about-aws/whats-new/2021/01/new-digital-course-and-lab-aws-cloud-development-kit-cdk-primer/) - [acloudguru.com](https://acloudguru.com/) @@ -35,3 +36,12 @@ - [AWS Certified Solutions Architect Professional – Study Guide](https://blue-clouds.com/category/study-guide/) - [aws.amazon.com: First AWS Certification Study Guide Now Available](https://aws.amazon.com/es/about-aws/whats-new/2016/10/first-aws-certification-study-guide-now-available/) - [Tips on Passing AWS Certified Solutions Architect - Professional Level](https://www.linkedin.com/pulse/passed-aws-certified-solutions-architect-level-harshit-agarwal) + +## Tweets +
+ Click to expand! + +
+ +
+
\ No newline at end of file diff --git a/docs/aws.md b/docs/aws.md index 634e95e4..326f573f 100644 --- a/docs/aws.md +++ b/docs/aws.md @@ -79,6 +79,9 @@ - [==amazon.qwiklabs.com/catalog==](https://amazon.qwiklabs.com/catalog) **One of the best ways to learn AWS services is to use them. If you want to grow your skills this year check out these AWS quicklabs. Free and paid quests to get you started and gaining experience.** - [==freecodecamp.org/news/tag/aws==](https://www.freecodecamp.org/news/tag/aws/) Are you looking to get into cloud? Check out all the amazing free content available on freecodecamp under the AWS tag. - [==paigeshin1991.medium.com: Drop Nuclear Bomb on your AWS account. How to clear your entire AWS services in 3 seconds==](https://paigeshin1991.medium.com/drop-nuclear-bomb-on-your-aws-services-how-to-clear-your-entire-aws-account-in-3-seconds-53f28928e09c) +- [medium.com/gargee-bhatnagar: How to Create a Custom AMI with Image Pipeline and Automate its Creation Using EC2 Image Builder](https://medium.com/gargee-bhatnagar/how-to-create-a-custom-ami-with-image-pipeline-and-automate-its-creation-using-ec2-image-builder-7e194e39c8e9) +- [==docs.aws.amazon.com: Actions, resources, and condition keys for AWS services== 🌟🌟🌟](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) There's a Reference for all 𝗜𝗔𝗠 𝗔𝗰𝘁𝗶𝗼𝗻𝘀, 𝗿𝗲𝘀𝗼𝘂𝗿𝗰𝗲𝘀, 𝗮𝗻𝗱 𝗰𝗼𝗻𝗱𝗶𝘁𝗶𝗼𝗻 𝗸𝗲𝘆𝘀 𝗳𝗼𝗿 𝗮𝗹𝗹 𝗔𝗪𝗦 𝘀𝗲𝗿𝘃𝗶𝗰𝗲𝘀 🔐 Bookmark it! 🔖 +- [medium.com/@imaze.enabulele: Autoscaling EC2 Instances for High Availability and Stress Testing 🌟](https://medium.com/@imaze.enabulele/autoscaling-ec2-instances-for-high-availability-and-stress-testing-946b41f229e2) ## AWS Application Services - [k21academy.com: AWS Application Services: Lambda, SES, SNS, SQS, SWF](https://k21academy.com/amazon-web-services/aws-solutions-architect/aws-application-services/) @@ -230,5 +233,11 @@ You can filter by topic using the toolbar above.

Today we announced the completion of 16 #AWS Local Zones in the US and plans for 32 more to be built globally. Local Zones offer ultra-low latency at the edge of the cloud—awesome for gaming, streaming, ML, more!https://t.co/CFHmBI8zrK

— Adam Selipsky (@aselipsky) February 17, 2022

What's the fastest way to scale containers on AWS in 2022?

Is EKS faster than ECS? What's faster: serverless workers (Fargate) or to serverful workers (EC2)?
What about App Runner and Lambda?

Now we know: https://t.co/R82caY9nmn

— Vlad Ionescu (he/him) (@iamvlaaaaaaad) April 13, 2022
+ +

AWS DevOps Tools: (Thread)

- #AWS provides plenty of managed tools to meet the needs of #DevOps tools. pic.twitter.com/MxSIw9N6tZ

— Ankit Mehta 🇮🇳🇹🇭 (@ankyitm) June 19, 2022
+ +

Just stumbled upon my first cheat sheet for the Solutions Architect Associate 📚

It's more of a key-facts collection with a design that would need improvement 🌟

𝗗𝗶𝘀𝗰𝗹𝗮𝗶𝗺𝗲𝗿: was made for the 𝗦𝗔𝗔-𝗖𝟬𝟮 & I think there's an upcoming exam update next month! pic.twitter.com/m3dNE57cpZ

— Tobias Schmidt (@tpschmidt_) July 4, 2022
+ +

A list of small tools with a 𝗯𝗶𝗴 𝗶𝗺𝗽𝗮𝗰𝘁 𝗼𝗻 𝗽𝗿𝗼𝗱𝘂𝗰𝘁𝗶𝘃𝗶𝘁𝘆 when working with AWS 🛠 📈 ↓

— Tobias Schmidt (@tpschmidt_) July 4, 2022
diff --git a/docs/azure.md b/docs/azure.md index abdfc9b9..0f64f670 100644 --- a/docs/azure.md +++ b/docs/azure.md @@ -3,6 +3,7 @@ - [New Features](#new-features) - [Blogs](#blogs) - [Azure Training](#azure-training) +- [Azure Naming Convention](#azure-naming-convention) - [Understand Azure Load Balancing](#understand-azure-load-balancing) - [Microsoft Linux Distribution CBL Mariner](#microsoft-linux-distribution-cbl-mariner) - [Azure Patterns](#azure-patterns) @@ -14,6 +15,7 @@ - [Register applications in Azure AD. Authenticate apps and services](#register-applications-in-azure-ad-authenticate-apps-and-services) - [Azure Arc. Azure’s Hybrid And Multi-Cloud Platform. GitOps with Azure Arc](#azure-arc-azures-hybrid-and-multi-cloud-platform-gitops-with-azure-arc) - [Secure DevOps Kit for Azure](#secure-devops-kit-for-azure) +- [Azure Application Gateway](#azure-application-gateway) - [Mobile Apps](#mobile-apps) - [Powershell](#powershell) - [Microsoft Graph PowerShell SDK](#microsoft-graph-powershell-sdk) @@ -24,9 +26,11 @@ - [Azure Run Command](#azure-run-command) - [IaC with PowerShell DSC Desired State Configuration](#iac-with-powershell-dsc-desired-state-configuration) - [Azure Bicep](#azure-bicep) +- [Azure Cross region Load Balancer](#azure-cross-region-load-balancer) - [Azure Traffic Manager](#azure-traffic-manager) - [Azure OpenVPN](#azure-openvpn) - [Azure Security](#azure-security) +- [Azure Data Factory](#azure-data-factory) - [WinGet Windows Package Manager CLI](#winget-windows-package-manager-cli) - [Windows 11](#windows-11) - [Azure API Management](#azure-api-management) @@ -69,6 +73,8 @@ - [==nubesgen.com==](https://nubesgen.com) - [microsoft/NubesGen](https://github.com/microsoft/NubesGen) Going to production on Azure is only one `git push` away. **Kickstart your project on Azure in minutes! Easily generate Terraform and Bicep templates for your project. Automate your infrastructure using GitOps best practices with GitHub Actions. NubesGen is an Open Source project and we are always looking for feedbacks and contributions.** - [infoq.com: NubesGen Brings Git Push to Azure Infrastructure](https://www.infoq.com/news/2022/03/nubesgen-azure-infrastructure/) - [charbelnemnom.com: Move Files Between Azure File Share Tiers and optimize storage costs](https://charbelnemnom.com/move-files-between-azure-file-share-tiers/) +- [==techrepublic.com: What can you do with Azure Files?==](https://www.techrepublic.com/article/what-can-you-do-azure-files/) +- [==satyenkumar.medium.com: Demystifying The Cloud: An Overview of the Microsoft Azure== 🌟🌟🌟](https://satyenkumar.medium.com/demystifying-the-cloud-computing-an-overview-of-the-microsoft-azure-6a5c1fb1799d) Learn how to make the most of the Azure cloud platform in this comprehensive story (Cloud Demystified Series) ## New Features - [==azure.microsoft.com: General availability: Azure Bastion native client support==](https://azure.microsoft.com/en-gb/updates/general-availability-azure-bastion-native-client-support/) @@ -86,6 +92,12 @@ - [==azurecharts.com/learning: Azure Learning Explorer==](https://azurecharts.com/learning) Discover published Azure learning modules, paths, videos, certifications, exams for services of your interest. - [thomasmaurer.ch: How To Learn Microsoft Azure in 2022](https://www.thomasmaurer.ch/2022/01/how-to-learn-microsoft-azure-in-2022/) +## Azure Naming Convention +- [docs.microsoft.com: Define your naming convention](https://docs.microsoft.com/en-gb/azure/cloud-adoption-framework/ready/azure-best-practices/resource-naming) +- [github.com/microsoft/CloudAdoptionFramework: Azure Naming Tool ](https://github.com/microsoft/CloudAdoptionFramework/tree/master/ready/AzNamingTool) + - [seifbassem.com: Azure Naming Tool](https://www.seifbassem.com/blogs/posts/azure-naming-tool/) +- [justinoconnor.codes: Azure Periodic Table of Resource Naming Convention Shorthands](https://justinoconnor.codes/2022/08/19/azure-periodic-table-of-resource-naming-convention-shorthands/) + ## Understand Azure Load Balancing - [docs.microsoft.com: Understand Azure Load Balancing. Decision tree for load balancing in Azure](https://docs.microsoft.com/en-us/azure/architecture/guide/technology-choices/load-balancing-overview) - [mvark.blogspot.com: Comparison of Azure Front Door, Traffic Manager, Application Gateway & Load Balancer](http://mvark.blogspot.com/2019/12/comparison-of-azure-front-door-traffic.html) @@ -96,7 +108,7 @@ ## Azure Patterns - [==mattfeltonma/azure-networking-patterns==](https://github.com/mattfeltonma/azure-networking-patterns) -- [docs.microsoft.com: Cloud Design Patterns](https://docs.microsoft.com/en-us/azure/architecture/patterns/) +- [==docs.microsoft.com: Cloud Design Patterns== 🌟](https://docs.microsoft.com/en-us/azure/architecture/patterns/) ## ARM Templates - [==azure.microsoft.com: Azure Quickstart Templates==](https://azure.microsoft.com/en-us/resources/templates/) Deploy Azure resources through the Azure Resource Manager with community contributed templates to get more done. Deploy, learn, fork and contribute back. @@ -142,7 +154,8 @@ ## Azure AD and RBAC. Service Principal SPN - [itnext.io: Secure Azure Cosmos DB access by using Azure Managed Identities](https://itnext.io/secure-azure-cosmos-db-access-by-using-azure-managed-identities-55f9fdf48fda) Getting rid of passwords (or connection strings) while accessing Azure services and instead making use of Managed Identities is a way to increase the security of your workloads. Learn how to use Managed Identities in this article. - [youtube.com: Azure Service Principal - SPN | Houssem Dellai](https://www.youtube.com/watch?v=-F9yzj4Kjeo&ab_channel=HoussemDellai) -- [youtube.com: How to create Service Principals in Azure Portal | Raaviblog](https://www.youtube.com/watch?v=Hg-YsUITnck&ab_channel=Raaviblog) +- [youtube.com: How to create Service Principals in Azure Portal | Raaviblog](https://www.youtube.com/watch?v=Hg-YsUITnck) +- [==techcommunity.microsoft.com: Dynamic user membership rules, Azure Active Directory Administrative Units and password reset!== 🌟](https://techcommunity.microsoft.com/t5/azure/dynamic-user-membership-rules-azure-active-directory/m-p/3281164) ### Register applications in Azure AD. Authenticate apps and services - [==agrenpoint.com: Azure AD & Microsoft Graph permission scopes, with Azure CLI==](https://www.agrenpoint.com/azcli-adscope/) In this small post, we will look at a scenario where we want to register an Azure AD Application using specific scopes. When adding scopes for service principals using the Azure CLI we need to use the internal Ids. And one way would be to manually create one registration, get that app and then print out the scopes and then copy and paste. @@ -153,6 +166,8 @@ - [microsoftgraph/msgraph-sdk-powershell/samples: 9-Applications.ps1](https://github.com/microsoftgraph/msgraph-sdk-powershell/blob/dev/samples/9-Applications.ps1) - [vcloud-lab.com: Get started and configure certificate-based authentication in Azure](http://vcloud-lab.com/entries/microsoft-azure/get-started-and-configure-with-certificate-based-authentication-in-azure) - [vcloud-lab.com: Create an Azure App registrations in Azure Active Directory using PowerShell & AzureCLI](http://vcloud-lab.com/entries/microsoft-azure/create-an-azure-app-registrations-in-azure-active-directory-using-powershell-azurecli) +- [==nathannellans.com: App Registrations, Enterprise Apps, and Service Principals== 🌟](https://www.nathannellans.com/post/app-registrations-enterprise-apps-and-service-principals) + - [==nathannellans.com: Application Registrations and Enterprise Apps - Part 2== 🌟](https://www.nathannellans.com/post/app-registration-enterprise-apps-part-2) ## Azure Arc. Azure’s Hybrid And Multi-Cloud Platform. GitOps with Azure Arc - [Azure Arc overview](https://docs.microsoft.com/en-us/azure/azure-arc/overview) Alternative to Google Anthos or RHACM @@ -162,12 +177,16 @@ - [youtube: How to run an App Service Web App on Azure Arc-enabled Kubernetes - Part 2 | Azure Tips and Tricks](https://www.youtube.com/watch?v=53-Y_aI0KpE&ab_channel=MicrosoftAzure) - [docs.microsoft.com: CI/CD workflow using GitOps (Flux v2) - Azure Arc enabled Kubernetes](https://docs.microsoft.com/en-us/azure/azure-arc/kubernetes/conceptual-gitops-flux2-ci-cd) - [thomasmaurer.ch: Run cloud-native apps on Azure PaaS anywhere](https://www.thomasmaurer.ch/2021/06/run-cloud-native-apps-on-azure-paas-anywhere/) +- [seifbassem.com: SSH into your Azure Arc-enabled servers from anywhere](https://www.seifbassem.com/blogs/posts/azure-arc-ssh/) ## Secure DevOps Kit for Azure - [Secure DevOps Kit for Azure](https://github.com/azsk/DevOpsKit) - [DevOpsKit-docs](https://github.com/azsk/DevOpsKit-docs) - [ismiletechnologies.com: Secure DevOps Kit For Azure(AzSK)](https://www.ismiletechnologies.com/devsecops/secure-devops-kit-azureazsk/) +## Azure Application Gateway +- [==nathannellans.com: Azure Application Gateway - Part 1== 🌟](https://www.nathannellans.com/post/azure-application-gateway-part-1) + ## Mobile Apps - [Visual Studio App Center VS Azure Pipelines](https://docs.microsoft.com/en-us/appcenter/build/choose-between-services) - [itnext.io: How to setup CI CD pipelines for Android with Azure DevOps](https://itnext.io/how-to-setup-ci-cd-pipelines-for-android-with-azure-devops-2a4ded0de0e7) At Royale Cheese initially we had setup CI/CD for Android via Microsoft’s Visual Studio App Center (an upgrade of Hockey App), but last year they declared the retirement of MBaas which got us worried about the overall future of VS App Center. That was one of the reasons we wanted to switch away from it. Secondly, the free tier provided around 400 minutes of build time per month per account which would had been sufficient for other technologies, but Android takes around 15 minutes to create a single build and deploy. We all know what gradle is capable of 😉. So having multiple apps (both iOS and Android) in the same account didn’t fare well. @@ -205,6 +224,9 @@ - [softzone.es: Por qué me interesa más usar PowerShell en lugar de CMD](https://www.softzone.es/noticias/windows/por-que-interesa-usar-powershell-lugar-cmd/) - [==mssqltips.com: PowerShell for the DBA - If Else and Switch statements==](https://www.mssqltips.com/sqlservertip/7188/powershell-if-if-else-switch-examples/) - [4sysops.com: Use PsExec and PowerShell together](https://4sysops.com/archives/use-psexec-and-powershell-together/) **How to run PowerShell commands remotely with PsExec** +- [dotnet-helpers.com: Passing Local Variables to Remote PowerShell session](https://dotnet-helpers.com/powershell/passing-local-variables-to-remote-powershell-session/) +- [techcommunity.microsoft.com: Use PowerShell to search for accounts in Active Directory that have gone stale!](https://techcommunity.microsoft.com/t5/windows-server-for-it-pro/use-powershell-to-search-for-accounts-in-active-directory-that/m-p/3585934) +- [techcommunity.microsoft.com: Azure Storage Blob Count & Capacity usage Calculator](https://techcommunity.microsoft.com/t5/azure-paas-blog/azure-storage-blob-count-amp-capacity-usage-calculator/ba-p/3516855) This PowerShell script allow you to count and calculate Azure Storage blob usage for Soft Deleted / non-Soft Deleted objects, by Container, by Tier, with Prefix, and considering Last Modified Date. Azure Storage blob objects is defined as Base Blobs, Blob Snapshots or Blob Versions. ### Microsoft Graph PowerShell SDK - [==microsoftgraph/msgraph-sdk-powershell==](https://github.com/microsoftgraph/msgraph-sdk-powershell) The Microsoft Graph PowerShell SDK is a collection of PowerShell modules that contain commands for calling Microsoft Graph service. @@ -240,6 +262,7 @@ ## Azure CLI. AZ CLI - [argonsys.com: How to query Azure resources using the Azure CLI](https://argonsys.com/microsoft-cloud/library/how-to-query-azure-resources-using-the-azure-cli/) +- [docs.microsoft.com: Expand virtual hard disks on a Linux VM with the Azure CLI](https://docs.microsoft.com/en-us/azure/virtual-machines/linux/expand-disks#resize-without-downtime-preview) ## Azure Run Command - [mandiant.com: Azure Run Command for Dummies](https://www.mandiant.com/resources/azure-run-command-dummies) @@ -254,6 +277,9 @@ ## Azure Bicep - [Bicep](https://github.com/Azure/bicep) Bicep is a Domain Specific Language (DSL) for deploying Azure resources declaratively. +## Azure Cross region Load Balancer +- [==azure.microsoft.com: How Microsoft Azure Cross-region Load Balancer helps create region redundancy and low latency== 🌟](https://azure.microsoft.com/en-in/blog/how-microsoft-azure-crossregion-load-balancer-helps-create-region-redundancy-and-low-latency/) + ## Azure Traffic Manager - [Azure Traffic Manager](https://docs.microsoft.com/azure/traffic-manager/) @@ -265,6 +291,9 @@ - [==github.com/Cloud-Architekt: Azure AD - Attack and Defense Playbook==](https://github.com/Cloud-Architekt/AzureAD-Attack-Defense) **This publication is a collection of various common attack scenarios on Azure Active Directory and how they can be mitigated or detected.** - [==devops.com: DevSecOps in Azure==](https://devops.com/devsecops-in-azure/) +## Azure Data Factory +- [mssqltips.com: Choosing Between SQL Server Integration Services and Azure Data Factory](https://www.mssqltips.com/sqlservertip/7094/azure-data-factory-vs-ssis-similarities-differences/) + ## WinGet Windows Package Manager CLI - [WinGet: Welcome to the Windows Package Manager Client (aka winget.exe) repository](https://github.com/microsoft/winget-cli/) Windows Package Manager CLI (aka winget) - [muycomputer.com: WinGet 1.0, ya está aquí el administrador de paquetes para Windows](https://www.muycomputer.com/2021/06/03/winget-1-0-paquetes-windows-10/) @@ -327,4 +356,6 @@

Cloud Networking concepts you need to know before getting into being a good architect

⏬Here are the useful link 🧰

Thread🧵👇

— Satyen Kumar (@SatyenKumar) March 11, 2022
+ +

PowerShell cheatsheet#devops #devsecops #kubernetes #cicd #k8s #linux #docker #sysadmin #automation #technology #cloudcomputing #serverless #windows #powershell pic.twitter.com/zljv4ikFp3

— Valdemar (@heyValdemar) June 27, 2022
diff --git a/docs/caching.md b/docs/caching.md index 2482002e..858a739a 100644 --- a/docs/caching.md +++ b/docs/caching.md @@ -23,6 +23,7 @@ - [medium: Microservices Distributed Caching](https://medium.com/design-microservices-architecture-with-patterns/microservices-distributed-caching-76828817e41b) In this article, we are going to talk about Microservices Distributed Caching for Microservices Architectures. As you know that we learned practices and patterns and add them into our design toolbox. And we will use these pattern and practices when designing e-commerce microservice architecture. - [kothiyal-anuj.medium.com: Serverless Diary: The Ultimate Guide to Caching in the Cloud | Anuj Kothiyal](https://kothiyal-anuj.medium.com/serverless-diary-the-ultimate-guide-to-caching-in-the-cloud-249f6a06915f) - [medium.com/rtkal: Distributed Cache Design](https://medium.com/rtkal/distributed-cache-design-348cbe334df1) +- [learncsdesign.medium.com: An Overview of Distributed Caching 🌟](https://learncsdesign.medium.com/an-overview-of-distributed-caching-e426781d1ff0) ## Java Caching - [DZone refcard: Java Caching](https://dzone.com/refcardz/java-caching) Strategies and the JCache API. Explores the building blocks of JCache and other caching APIs, as well as multiple strategies for implementing temporary data storage in your application. @@ -65,6 +66,8 @@ - [Hitch - scalable TLS proxy. Hitch is a libev-based high performance SSL/TLS proxy by Varnish Software](https://hitch-tls.org/) - [slideshare: Varnish - Tips & Tricks - 4Developers 2015](http://www.slideshare.net/piotrpasich/varnish-47199139) - [digitalocean.com: How To Speed Up Static Web Pages with Varnish Cache Server on Ubuntu 20.04](https://www.digitalocean.com/community/tutorials/how-to-speed-up-static-web-pages-with-varnish-cache-server-on-ubuntu-20-04) +- [github.com/IBM/varnish-operator](https://github.com/IBM/varnish-operator) Run and manage Varnish clusters on Kubernetes. Varnish operator manages Varnish clusters using a CustomResourceDefinition that defines a new Kind called VarnishCluster. The operator manages the whole lifecycle of the cluster: creating, deleting and keeping the cluster configuration up to date +- [github.com/mittwald/kube-httpcache](https://github.com/mittwald/kube-httpcache) Varnish Reverse Proxy on Kubernetes ## Memcached - [memcached.org](http://memcached.org) @@ -75,6 +78,7 @@ - [redis.io](http://redis.io) - [Slideshare: Introduction to Redis](http://www.slideshare.net/dvirsky/introduction-to-redis) - [medium: Scaling Millions of Geospatial Queries per minute using Redis](https://medium.com/groupon-eng/scaling-millions-of-geospatial-queries-per-minute-using-redis-7c05bcf6b4db) +- [==architecturenotes.co: Redis Explained== 🌟🌟](https://architecturenotes.co/redis/) A deep technical dive into all things Redis. Covering various Redis topologies, data persistence and process forking. ## Nginx High-performance caching - [Nginxconf 2014. When Dynamic Becomes Static:The Next Step in Web Caching Techniques: Wim Godden](https://www.youtube.com/watch?v=OssIuHbgzJY) diff --git a/docs/chaos-engineering.md b/docs/chaos-engineering.md index dbf89b33..e42199af 100644 --- a/docs/chaos-engineering.md +++ b/docs/chaos-engineering.md @@ -10,10 +10,11 @@ - [==dzone: How to Pinpoint and Fix Distributed Problems Across Microservices==](https://dzone.com/articles/how-to-pinpoint-and-fix-distributed-problems-acros) While logical separation of APIs fosters parallel development of independent functions, complexity and interdependency becomes harder to manage. - [thenewstack.io: Why Chaos Engineering Isn’t Just for Operations](https://thenewstack.io/why-chaos-engineering-isnt-just-for-operations/) - [medium.com/adidoescode: Chaos Engineering: How simulating adversity can help build eCommerce Resilience](https://medium.com/adidoescode/chaos-engineering-how-simulating-adversity-can-help-build-ecommerce-resilience-4a799c8912dc) +- [opsmx.com: What is Chaos Engineering?](https://www.opsmx.com/blog/what-is-chaos-engineering/) ## Chaos Engineering for kubernetes/Openshift * [reddit: Help with Kube Monkey setup](https://www.reddit.com/r/openshift/comments/e1j5qzrbac_for_container_access_to_destroy_other/) -* [GitHub: kube-monkey](https://github.com/asobti/kube-monkey) +* [GitHub: kube-monkey](https://github.com/asobti/kube-monkey) An implementation of Netflix's Chaos Monkey for Kubernetes clusters * [GitHub: monkey-ops, Openshift compliant, no cluster-admin required](https://github.comjoshmsmith/monkey-ops) * [chaoskube periodically kills random pods in your Kubernetes cluster](https://github.com/linkichaoskube) * [Chaos Mesh](https://github.com/pingcap/chaos-mesh) @@ -45,6 +46,7 @@ * [medium.com/better-practices: Learn how your Kubernetes clusters respond to failure using Gremlin and Grafana](https://medium.com/better-practices/chaos-d3ef238ec328) Building resilient APIs with chaos engineering * [Chaos engineering on Amazon EKS using AWS Fault Injection Simulator](https://aws.amazon.com/blogs/devops/chaos-engineering-on-amazon-eks-using-aws-fault-injection-simulator/) * [aws.amazon.com: Chaos Engineering with LitmusChaos on Amazon EKS](https://aws.amazon.com/blogs/containers/chaos-engineering-with-litmuschaos-on-amazon-eks/) In this tutorial, you will create an Amazon EKS cluster, install LitmusChaos and deploy a demo application. Then, you will define chaos experiments to be run on it and observe the behaviour +* [blog.container-solutions.com: Comparing Chaos Engineering Tools for Kubernetes Workloads](https://blog.container-solutions.com/comparing-chaos-engineering-tools) How do Chaos Toolkit, Pumba, Litmus, and Chaos Mesh stack up against each other as chaos engineering tools for Kubernetes workloads? In this article, you will compare strengths and weaknesses. ## Chaos Engineering for serverless computing * [thenewstack.io: Breaking Serverless on Purpose with Chaos Engineering](https://thenewstack.io/breaking-serverless-on-purpose-with-chaos-engineering/) diff --git a/docs/cheatsheets.md b/docs/cheatsheets.md index 056ad1d8..99ae3618 100644 --- a/docs/cheatsheets.md +++ b/docs/cheatsheets.md @@ -1,5 +1,6 @@ # Cheat Sheets - [Cheat Sheets](#cheat-sheets) +- [Networking](#networking) - [Google Search](#google-search) - [Bash Shell](#bash-shell) - [AWS Cheat Sheets](#aws-cheat-sheets) @@ -58,9 +59,9 @@ - [Selenium](#selenium) - [RPA](#rpa) - [Data Science](#data-science) -- [CIDR subnets](#cidr-subnets) - [Scrum Cheat Sheet](#scrum-cheat-sheet) - [Images](#images) +- [Tweets](#tweets) ## Cheat Sheets * [wizardzines.com 🌟](https://wizardzines.com/) programming zines by Julia Evans @@ -82,6 +83,10 @@ - [bash.cyberciti.biz: Man command](https://bash.cyberciti.biz/guide/Man_command) - [opensource.com: Linux logrotate cheat sheet](https://opensource.com/downloads/logrotate-cheat-sheet) - [manz.dev/cheatsheets](https://manz.dev/cheatsheets) +- [crontab.guru 🌟](https://crontab.guru) The quick and simple editor for cron schedule + +## Networking +- [Networking Cheat Sheet](networking.md) ## Google Search - [wikipedia: Google Search](https://en.wikipedia.org/wiki/Google_Search) @@ -98,6 +103,7 @@ - [intellipaat.com: AWS Cheat Sheet 🌟](https://intellipaat.com/blog/tutorial/amazon-web-services-aws-tutorial/aws-cheat-sheet/) - [tutorialsdojo.com: AWS Cheat Sheets 🌟](https://tutorialsdojo.com/links-to-all-aws-cheat-sheets/) - [igoroseledko.com: AWS CLI Cheat Sheet](https://www.igoroseledko.com/aws-cli-cheat-sheet/) +- [==docs.aws.amazon.com: Actions, resources, and condition keys for AWS services== 🌟🌟🌟](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) There's a Reference for all 𝗜𝗔𝗠 𝗔𝗰𝘁𝗶𝗼𝗻𝘀, 𝗿𝗲𝘀𝗼𝘂𝗿𝗰𝗲𝘀, 𝗮𝗻𝗱 𝗰𝗼𝗻𝗱𝗶𝘁𝗶𝗼𝗻 𝗸𝗲𝘆𝘀 𝗳𝗼𝗿 𝗮𝗹𝗹 𝗔𝗪𝗦 𝘀𝗲𝗿𝘃𝗶𝗰𝗲𝘀 🔐 Bookmark it! 🔖 ## Google Cloud Cheat Sheets - [The Google Cloud Developer's Cheat Sheet 🌟](https://github.com/priyankavergadia/google-cloud-4-words) @@ -176,6 +182,10 @@ * `kubectl delete` * `kubectl --help` * [betterprogramming.pub: Kubectl Commands All Beginners Must Know](https://betterprogramming.pub/kubectl-commands-all-beginners-must-know-e504349fcec9) Control Kubernetes Cluster like a Pro +* [medium.com/@devopsfolks8546: Kubectl Commands Cheat Sheet. List Of Kubernetes Most Useful Commands](https://medium.com/@devopsfolks8546/1-pods-c3d1a9349ba0) +* [faun.pub: Kubernetes Commands for Deployment and Management](https://faun.pub/kubernetes-commands-for-deployment-and-management-e10a74c95015) +* [learncloudnative.com: Kubernetes CLI (kubectl) tips you didn't know about](https://learncloudnative.com/blog/2022-05-10-kubectl-tips) +* [cloudtechtwitter.com: kubernetes common commands](https://www.cloudtechtwitter.com/2022/05/kubernetes-common-commands.html) ## Kubernetes Kustomize Cheat Sheet - [itnext.io: Kubernetes Kustomize Cheat Sheet](https://itnext.io/kubernetes-kustomize-cheat-sheet-8e2d31b74d8f) @@ -234,7 +244,7 @@ * [rogerdudler.github.io: git cheat sheet pdf](https://rogerdudler.github.io/git-guide/files/git_cheat_sheet.pdf) * [towardsdatascience.com: 18 Git Commands I Learned During My First Year as a Software Developer](https://towardsdatascience.com/git-commands-cheat-sheet-software-developer-54f6aedc1c46) * [dzone: Top 35 Git Commands With Examples 🌟](https://dzone.com/articles/top-35-git-commands-with-examples-and-bonus) Git commands are essential, and they help to manage your source code effectively. In this guide, you will learn Git commands from Beginners to Advanced level. -* [gitexplorer.com: Git Command Explorer 🌟](https://gitexplorer.com/) Find the right commands you need without digging through the web. +* [==gitexplorer.com: Git Command Explorer== 🌟🌟](https://gitexplorer.com/) Find the right commands you need without digging through the web. * [justingarrison.com: GitHub URL Hacks 🌟](https://www.justingarrison.com/blog/2021-07-11-github-url-hacks/) GitHub’s UI has improved a lot over the years but sometimes you just need quick access without clicking. Here are a few GitHub URL tips to get you data you want faster. One cool thing is all of these tips give raw text output so they work great with curl and other CLI tools. * [dev.to: Git it Right🔥🔥🚀(Git CheatSheet) 🌟](https://dev.to/star_trooper/git-it-right-git-cheatsheet-4o0h) * [jan-krueger.net: Git cheat sheet, extended edition](https://jan-krueger.net/git-cheat-sheet-extended-edition) @@ -248,6 +258,8 @@ * [enlear.academy: 20 Git Commands Every Developer Should Know](https://enlear.academy/26-git-command-i-use-all-the-time-cheatsheet-6c5682ded2af) 20 Git Command I Use All The Time — Git CheatSheet * [freecodecamp.org: Git Cheat Sheet – 50 Git Commands You Should Know](https://www.freecodecamp.org/news/git-cheat-sheet/) * [==opensource.com: 10 Git tips we can't live without==](https://opensource.com/article/22/4/git-tips) Opensource.com community members share their favorite Git tips for saving time or preventing mistakes. +* Terminal tip: Always use `less -R` to display colored terminal output properly: `git diff --color=always | less -R` +* [betterprogramming.pub: 8 Advanced Git Commands Universities Won’t Teach You](https://betterprogramming.pub/8-advanced-git-commands-university-wont-teach-you-fe63b483d34b) Advanced tips and tricks that will save you time and headaches. ### Git Flow Cheat Sheets * [Git-flow cheatsheet](https://danielkummer.github.io/git-flow-cheatsheet/index.html) @@ -460,20 +472,6 @@ ## Data Science - [kdnuggets.com: The Complete Collection of Data Science Cheat Sheets – Part 1](https://www.kdnuggets.com/2022/02/complete-collection-data-science-cheat-sheets-part-1.html) A collection of cheat sheets that will help you prepare for a technical interview, assessment tests, class presentation, and help you revise core data science concepts. - [kdnuggets.com: The Complete Collection of Data Science Cheat Sheets – Part 2](https://www.kdnuggets.com/2022/02/complete-collection-data-science-cheat-sheets-part-2.html) A collection of cheat sheets that will help you prepare for a technical interview on Data Structures & Algorithms, Machine learning, Deep Learning, Natural Language Processing, Data Engineering, Web Frameworks. -## CIDR subnets -- [==cidr.xyz== 🌟](https://cidr.xyz) An interactive IP address and CIDR range visualizer -- https://en.wikipedia.org/wiki/Classful_network -- [gist.github.com: chadmcrowell/cidr.sh 🌟](https://gist.github.com/chadmcrowell/f3fc3be2ca1fcb887034162c14d77e74) -- [pbxbook.com: CIDR Cheat Sheet](https://pbxbook.com/other/cidrcheat.html) -- [aelius.com: subnet sheet](https://www.aelius.com/njh/subnet_sheet.html) -- [networkproguide.com: CIDR Subnet Mask Cheat Sheet](https://networkproguide.com/cidr-subnet-mask-ipv4-cheat-sheet/) -- [wisc.edu: CIDR Conversion Table](https://kb.wisc.edu/ns/page.php?id=3493) -- [dzone: What Is CIDR (Classless Inter-Domain Routing) ](https://dzone.com/articles/what-is-cidr-classless-inter-domain-routing-in-mul) -- [==opensource.com: A Linux networking guide to CIDR notation and configuration - sipcalc== 🌟](https://opensource.com/article/16/12/cidr-network-notation-configuration-linux) -- [cyberciti.biz: Linux: IP Subnet (CIDR) Calculator That Will Help You With Network Settings](https://www.cyberciti.biz/faq/linux-subnet-calculator-cidr/) -- [cyberciti.biz: Linux Calculating Subnets with ipcalc and sipcalc Utilities](https://www.cyberciti.biz/tips/perform-simple-manipulation-of-ip-addresse.html) -- [tecmint.com: How to Calculate IP Subnet Address with ipcalc Tool](https://www.tecmint.com/calculate-ip-subnet-address-with-ipcalc-tool/) -- [awesomeopensource.com: The Top 110 Cidr Open Source Projects on Github 🌟](https://awesomeopensource.com/projects/cidr) ## Scrum Cheat Sheet - [dzone: Scrum refcard](https://dzone.com/refcardz/scrum) @@ -488,3 +486,13 @@ [![url cheatsheet](images/url_cheatsheet.jfif)](https://twitter.com/_georgemoller) +## Tweets +??? note "Click to expand!" + +

Best of HTTP Cheat Sheet#infosec #cybersecurity #pentesting #oscp #informationsecurity #hacking #cissp #redteam #technology #DataSecurity #CyberSec #Hackers #tools #bugbountytips #Linux #websecurity #Network #NetworkSecurity #cybersecurityawareness pic.twitter.com/KoxbnH06JB

— Shubham Sharma (@Shubham_pen) June 18, 2022
+ +

PowerShell cheatsheet#devops #devsecops #kubernetes #cicd #k8s #linux #docker #sysadmin #automation #technology #cloudcomputing #serverless #windows #powershell pic.twitter.com/zljv4ikFp3

— Valdemar (@heyValdemar) June 27, 2022
+ +

Cron cheatsheet#devops #devsecops #kubernetes #cicd #k8s #linux #docker #sysadmin #automation #technology #cloudcomputing #serverless #cron #crontab pic.twitter.com/ECiUvYU938

— Valdemar (@heyValdemar) July 9, 2022
+ +

#Python Cheat Sheet #MachineLearning #DataScience #SQL #Cybersecurity #BigData #Analytics #AI #IIoT #RStats #TensorFlow #JavaScript #ReactJS #CloudComputing #Serverless #DataScientist #Linux #Programming #Coding #100DaysofCode #NodeJS #golang #NLP #GitHub #IoT #MLOps #blockchain pic.twitter.com/XKjrAnWL2Y

— Sushant Singh (@Nostalgicbrain0) July 16, 2022
\ No newline at end of file diff --git a/docs/cloud-arch-diagrams.md b/docs/cloud-arch-diagrams.md index 54ffb8d8..6ca1eed7 100644 --- a/docs/cloud-arch-diagrams.md +++ b/docs/cloud-arch-diagrams.md @@ -8,6 +8,7 @@ ## Introduction - [betterprogramming.pub: Solutions Architect Tips — The 5 Types of Architecture Diagrams](https://betterprogramming.pub/solutions-architect-tips-the-5-types-of-architecture-diagrams-eb0c11996f9e) The flow, service, persona, infrastructure, and developer diagram - [alibabacloud.com: How to Create an Effective Technical Architectural Diagram?](https://www.alibabacloud.com/blog/how-to-create-an-effective-technical-architectural-diagram_596100) +- [learningdaily.dev: Software architecture diagramming and patterns](https://learningdaily.dev/software-architecture-diagramming-and-patterns-7d38999e7a12) ## MultiCloud - [CloudSkew](https://www.cloudskew.com/) Free AWS, Azure, GCP, Kubernetes Architecture Diagram Tool - [diagrams.net](https://www.diagrams.net/) Diagram with anyone, anywhere. Open source, online, desktop and container deployable diagramming software. @@ -22,11 +23,15 @@ - [autodraw.com](https://www.autodraw.com/) Fast drawing for everyone. AutoDraw pairs machine learning with drawings from talented artists to help you draw stuff fast. - [redhat.com: Try these 5 diagramming tools for network architecture](https://www.redhat.com/architect/diagramming-tools-network-architecture) - [redhat.com: Design professional enterprise architecture diagrams with this open source tool (diagrams.net)](https://www.redhat.com/architect/design-enterprise-architecture-diagrams) Walk step-by-step through creating enterprise architecture diagrams like an expert in this DevConf workshop. +- [kubernetes.io: Diagram Guide - Mermaid JavaScript library 🌟](https://kubernetes.io/docs/contribute/style/diagram-guide/) +- [mingrammer/diagrams](https://github.com/mingrammer/diagrams) 🎨 Diagram as Code for prototyping cloud system architectures + - [navveenbalani.dev: Code To Custom Cloud Architecture Diagrams](https://navveenbalani.dev/index.php/articles/code-to-custom-cloud-architecture-diagrams/) ## Architecture Icons - [AWS Architecture Icons](https://aws.amazon.com/architecture/icons/) - [Azure Architecture Icons](https://docs.microsoft.com/en-us/azure/architecture/icons/) - [thomasmaurer.ch: Download New Azure Architecture Icons now!](https://www.thomasmaurer.ch/2020/07/download-new-azure-architecture-icons-now/) - [Google Cloud Architecture Icons](https://cloud.google.com/icons) +- [aquasecurity/cloudsec-icons](https://github.com/aquasecurity/cloudsec-icons) A collection of cloud security icons ☁️🔒 ## AWS - [AWS Architecture Icons](https://aws.amazon.com/architecture/icons/) The official AWS icon set for building architecture diagrams diff --git a/docs/container-managers.md b/docs/container-managers.md index 5a7d5155..cde373df 100644 --- a/docs/container-managers.md +++ b/docs/container-managers.md @@ -101,12 +101,14 @@ - Here's how I stop all containers before: 🐳 `docker stop $(docker ps -aq)` - Here's how I stop/remove all containers with podman: `podman stop -a; podman rm -a` - [medium.com/@raghavendraguttur: Podman Containers — Beginner’s Guide](https://medium.com/@raghavendraguttur/podman-containers-beginners-guide-830b931e66f4) In this article, you will learn about Podman — an open-source tool for managing containers, images, volumes, and pods (group of containers). You will also compare it to buildah and skopeo. +- [nilesh93.medium.com: Replacing Docker Desktop with Podman and Kind in MacOS](https://nilesh93.medium.com/replacing-docker-desktop-with-podman-and-kind-in-macos-c750581a3fda) #### Containers In High Security Environments with Podman - [Build trusted pipelines/Guards with Podman containers](https://www.redhat.com/en/blog/using-container-technology-make-trusted-pipeline) Container technology makes develoment easier/cheaper & much more secure. SELinux,SECCOMP,Namespaces,Dropped Capabilities. ## Container Images - [sherifabdlnaby/kubephp](https://github.com/sherifabdlnaby/kubephp) 🐳 Production Grade, Rootless, and Optimized PHP Container Image Template for Cloud-Native Deployments and Kubernetes. +- [iximiuz.com: In Pursuit of Better Container Images: Alpine, Distroless, Apko, Chisel, DockerSlim, oh my!](https://iximiuz.com/en/posts/containers-making-images-better/) ### Red Hat Universal Base Image - [Introducing the Red Hat Universal Base Image 🌟](https://www.redhat.com/en/blog/introducing-red-hat-universal-base-image) - [What is Red Hat Universal Base Image?](https://developers.redhat.com/blog/2019/10/09/what-is-red-hat-universal-base-image/) @@ -119,6 +121,7 @@ - [Say “Hello” to Buildah, Podman, and Skopeo. New Generation of Container Management Tools](https://servicesblog.redhat.com/2019/10/09/say-hello-to-buildah-podman-and-skopeo/) - [How to use the --privileged flag with container engines](https://www.redhat.com/sysadmin/privileged-flag-container-engines) Let's take a deep dive into what the --privileged flag does for container engines such as Podman, Docker, and Buildah. - [itnext.io: Docker, Kaniko, Buildah](https://itnext.io/docker-kaniko-buildah-209abdde5f94) Different ways to build container images +- [blog.kubesimplify.com: Getting started with ko: A fast container image builder for your Go applications](https://blog.kubesimplify.com/getting-started-with-ko-a-fast-container-image-builder-for-your-go-applications) ### Buildah - [Buildah.io](https://buildah.io/) A tool that facilitates building [Open Container Initiative (OCI)](https://www.opencontainers.org/) container images diff --git a/docs/crossplane.md b/docs/crossplane.md index 46ee74de..da11c1ca 100644 --- a/docs/crossplane.md +++ b/docs/crossplane.md @@ -14,6 +14,7 @@ - [itnext.io: Why do developers find Kubernetes so hard?](https://itnext.io/why-do-developers-find-kubernetes-hard-6532e8d6ce7f) And how can Crossplane Kubernetes Provider help - [faun.pub: Defining Infrastructure Declaratively with Crossplane](https://faun.pub/defining-infrastructure-declaratively-with-crossplane-eb9e0a98ae38) - [itnext.io: GitOpsify Cloud Infrastructure with Crossplane and Flux](https://itnext.io/gitopsify-cloud-infrastructure-with-crossplane-and-flux-d605d3043452) In this article, we are going to learn how to automate the provisioning of cloud resources via Crossplane and combine it with GitOps practices. +- [symphony.is: Crossplane - The New Kid in Town](https://symphony.is/blog/crossplane---the-new-kid-in-town-) ## Demo. YAML Your Cloud. Managing Cloud-Hosted Resources from Kubernetes - Very cool talk from @askmeegs and @shabirmean with an insightful look into the tools for managing cloud resources from Kubernetes. Great demonstration of @crossplane_io spanning your control plane across multiple clouds. diff --git a/docs/customer.md b/docs/customer.md index 72c8ff38..2cbdc4c4 100644 --- a/docs/customer.md +++ b/docs/customer.md @@ -1,12 +1,15 @@ # Customer Success Stories. Cloud Native Projects - [BMW IT-Zentrum (Munich)](#bmw-it-zentrum-munich) - - [BMW ConnectedDrive and OpenShift](#bmw-connecteddrive-and-openshift) - - [BMW InnovationLab](#bmw-innovationlab) + - [BMW ConnectedDrive and OpenShift](#bmw-connecteddrive-and-openshift) + - [BMW InnovationLab](#bmw-innovationlab) - [Audi](#audi) - [Volkswagen](#volkswagen) +- [Mercedes Benz](#mercedes-benz) - [Carrefour Spain](#carrefour-spain) - [Decathlon](#decathlon) - [Deutsche Telekom](#deutsche-telekom) +- [AstraZeneca](#astrazeneca) +- [AI for Medical Imaging](#ai-for-medical-imaging) - [Videos](#videos) ## BMW IT-Zentrum (Munich) @@ -45,6 +48,12 @@ ## Volkswagen - [redhat.com: The Volkswagen Group builds automated testing environment](https://www.redhat.com/en/success-stories/the-volkswagen-group) +## Mercedes Benz +- [infoworld.com: Why Mercedes-Benz runs on 900 Kubernetes clusters](https://www.infoworld.com/article/3664052/why-mercedes-benz-runs-on-900-kubernetes-clusters.html) The German automaker runs a massive fleet of Kubernetes clusters to support a wide range of project teams around the world. ‘For us, managing Kubernetes is not that hard.’ +- [github.com/mercedes-benz](https://github.com/mercedes-benz) +- [genbeta.com: El software de los coches de Mercedes contiene código abierto y en vez de distribuirlo en GitHub usan un CD](https://www.genbeta.com/desarrollo/software-coches-mercedes-contiene-codigo-abierto-vez-distribuirlo-github-usan-cd) +- [youtube: Keynote: 7 Years of Running Kubernetes for Mercedes-Benz - Jens Erat, Peter Mueller, Sabine Wolz](https://www.youtube.com/watch?v=UmbjwSK9b3I) + ## Carrefour Spain - [Efficient Java in the cloud with Quarkus. Carrefour Spain’s test: Quarkus vs. Spring Boot](https://horizons.carrefour.com/efficient-java-in-the-cloud-with-quarkus) "This move will help our applications to become scalable, real time, resilient and, all in all, provide a better experience to our customers" @@ -54,6 +63,12 @@ ## Deutsche Telekom - [thenewstack.io: How Deutsche Telekom Manages Edge Infrastructure with GitOps](https://thenewstack.io/how-deutsche-telekom-manages-edge-infrastructure-with-gitops/) +## AstraZeneca +- [aws.amazon.com: AstraZeneca’s Drug Design Program Built using AWS wins Innovation Award](https://aws.amazon.com/blogs/industries/astrazenecas-drug-design-program-built-using-aws-wins-innovation-award/) + +## AI for Medical Imaging +- [healthitanalytics.com: AI for Medical Imaging Boosts Cancer Screenings with Provider Aid](https://healthitanalytics.com/news/ai-for-medical-imaging-boosts-cancer-screenings-with-provider-aid) + ## Videos
Click to expand! @@ -70,6 +85,8 @@ + +
\ No newline at end of file diff --git a/docs/databases.md b/docs/databases.md index 2ccff01b..33e74a42 100644 --- a/docs/databases.md +++ b/docs/databases.md @@ -75,6 +75,9 @@ * [==betterprogramming.pub: Multi-Tenancy Support With Spring Boot, Liquibase, and PostgreSQL==](https://betterprogramming.pub/multi-tenancy-support-with-spring-boot-liquibase-and-postgresql-d41942dc0639) A step-by-step guide on how to implement multi-tenancy. * [==thenewstack.io: How Kubernetes and Database Operators Drive the Data Revolution==](https://thenewstack.io/how-kubernetes-and-database-operators-drive-the-data-revolution/) * [thenewstack.io: How Radical API Design Changed the Way We Access Databases](https://thenewstack.io/how-radical-api-design-changed-the-way-we-access-databases/) +* [==architecturenotes.co: Things You Should Know About Databases==](https://architecturenotes.co/things-you-should-know-about-databases/) This is the first post in a series called Things You Should Know. Think of it as a primer to level set from base principles on various topics. Today we are discussing databases! +* [vladmihalcea.com: A beginner’s guide to database multitenancy](https://vladmihalcea.com/database-multitenancy/) +* [itnext.io: How to Run Databases in Kubernetes](https://itnext.io/stateful-workloads-in-kubernetes-e49b56a5959) 90% of the customers believe it is ready for stateful workloads, and a large majority (70%) are running them in production with databases topping the list. Companies report significant benefits to standardization, consistency, and management as key drivers. ## How to choose the right database for your service * [medium.com: How to choose the right database for your service 🌟](https://medium.com/wix-engineering/how-to-choose-the-right-database-for-your-service-97b1670c5632) @@ -226,6 +229,9 @@ - [dev.to: REST Data Service on YugabyteDB / PostgreSQL](https://dev.to/yugabyte/rest-data-service-on-yugabytedb-postgresql-5f2h) - [==orgrim/pg_back: Simple backup tool for PostgreSQL==](https://github.com/orgrim/pg_back) pg_back dumps databases from PostgreSQL - [sqlrevisited.blogspot.com: MySQL vs PostgreSQL? Pros and Cons](https://sqlrevisited.blogspot.com/2022/03/mysql-vs-postgresql-pros-and-cons.html) +- [==adamtheautomator.com: How to Deploy Postgres to Kubernetes== 🌟](https://adamtheautomator.com/postgres-to-kubernetes/) In this step-by-step tutorial, you will learn how to securely deploy Postgres to Kubernetes using two methods: + - Helm charts + - YAML configurations ## Percona MySQL - [Percona.com: Percona Kubernetes Operator for Percona XtraDB Cluster](https://www.percona.com/doc/kubernetes-operator-for-pxc/index.html) @@ -262,6 +268,8 @@ ## Tools - [SHMIG](https://github.com/mbucc/shmig) A database migration tool written in BASH consisting of just one file - shmig. - [DATA-DOG/go-sqlmock](https://github.com/DATA-DOG/go-sqlmock) Sql mock driver for golang to test database interactions +- [datafold/data-diff](https://github.com/datafold/data-diff/) Efficiently diff rows across two different databases. +- [medium.com/@nomulex: How to create an ssh tunnel to a remote database in Kubernetes 🌟](https://medium.com/@nomulex/how-to-create-an-ssh-tunnel-to-a-remote-database-in-kubernetes-8e702e927328) ## Time-Series Database - [thenewstack.io: You Don’t Need a Blockchain, You Need a Time-Series Database](https://thenewstack.io/you-dont-need-a-blockchain-you-need-a-time-series-database/) diff --git a/docs/demos.md b/docs/demos.md index 039f3f0b..74b58b3f 100644 --- a/docs/demos.md +++ b/docs/demos.md @@ -115,7 +115,7 @@ * [towardsdatascience.com: Developing and Deploying a COMPLETE Project Using FastAPI, Jinja2, SQLAlchemy, Docker, and AWS](https://towardsdatascience.com/developing-and-deploying-a-complete-project-using-fastapi-jinja2-sqlalchemy-docker-and-aws-1b504a1a2be4) * [dzone: Docker Image Tutorial](https://dzone.com/articles/docker-image-tutorial) In this tutorial, see how to build and run a Docker image using Python code examples. * [linuxtechlab.com: How to create a Dockerfile with some dockerfile examples](https://linuxtechlab.com/learn-create-dockerfile-example/) -* [bregman-arie/devops-exercises 🌟](https://github.com/bregman-arie/devops-exercises) This repo contains questions and exercises on various technical topics, sometimes related to DevOps and SRE. Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP, DNS, Elastic, Network, Virtualization. DevOps Interview Questions +* [bregman-arie/devops-exercises 🌟](https://github.com/bregman-arie/devops-exercises) This repo contains questions and exercises on various technical topics related to DevOps and SRE. Linux, Jenkins, AWS, Cloud, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, OpenShift, Big Data, Databases, Terraform, OpenStack, SQL, NoSQL, Azure, GCP, DNS, Elastic, Network, Virtualization, DevOps Interview Questions. * [jose-r-lopez/SSI_Materials](https://github.com/jose-r-lopez/SSI_Materials) A bunch of infrastructure automation scripts we use in our course, in case you find them useful! * [dzone: DIY DevOps, CI, and CD with GitHub, Docker and a VPS](https://dzone.com/articles/diy-devops-ci-and-cd-with-github-docker-and-a-vps) Azure and AWS is insanely cool until you look at your invoice and realise that what you're paying for can easily be replicated for 2% of your current cloud costs. @@ -402,6 +402,7 @@ - [blog.argoproj.io: Introducing the AppSource Controller for ArgoCD](https://blog.argoproj.io/introducing-the-appsource-controller-for-argocd-52f21d28d643) - [==piotrminkowski.com: Continuous Delivery on Kubernetes with Database using ArgoCD and Liquibase==](https://piotrminkowski.com/2021/12/13/continuous-delivery-on-kubernetes-with-database-using-argocd-and-liquibase/) - [medium.com/adaltas: GitOps in practice, deploy Kubernetes applications with ArgoCD](https://medium.com/adaltas/gitops-in-practice-deploy-kubernetes-applications-with-argocd-ca170ce8aba3) +- [gokuldevops.medium.com: Argo CD-Sample app deployment](https://gokuldevops.medium.com/argo-cdsample-app-deployment-56b36601f279) Argo CD one of the most popular continues deployment tools used in Kubernetes. It is very simple to use and quite powerful. Personally, it is the first tool in my mind when I think of Kubernetes GitOps. ### GitLab Pipelines on OpenShift - [openshift.com: Building GitLab Pipelines on OpenShift](https://www.openshift.com/blog/building-openshift-pipelines-with-gitlab) @@ -675,6 +676,9 @@ Grab them from here: [awesome-kubernetes/scripts](https://github.com/nubenetes/a - [dzone.com: From Spring Boot Microservices to Lambda Functions 🌟🌟](https://dzone.com/articles/from-java-microservices-to-lambda-functions-a-jour) Get your microservices where they need to be. - [==AdminTurnedDevOps/DevOps-The-Hard-Way-AWS==](https://github.com/AdminTurnedDevOps/DevOps-The-Hard-Way-AWS) **This repository contains free labs for setting up an entire workflow and DevOps environment from a real-world perspective in AWS** - [==medium.com/@adrianarba: CI/CD defined through terraform using AWS CodePipeline, AWS CodeCommit, and AWS CodeBuild==](https://medium.com/@adrianarba/ci-cd-defined-through-terraform-using-aws-codepipeline-aws-codecommit-and-aws-codebuild-12ade4d9cfa3) +- [faun.pub: Using AWS Session Manager With Ansible To Execute Playbook On EC2](https://faun.pub/using-aws-session-manager-with-ansible-to-execute-playbook-on-ec2-ac97fa17b187) In this post, we’ll see how we can use AWS Session Manager instead of SSH to connect to an EC2 instance and execute a playboook. +- [betterprogramming.pub: Build a Cloud-Native Multiprocessing Framework](https://betterprogramming.pub/build-a-cloud-native-multiprocessing-framework-b33cfc2c02b9) How to convert a local multiprocessing framework to the cloud +- [github.com/aws-samples: Guide to Resource Tagging Automation](https://github.com/aws-samples/resource-tagging-automation) A Lambda function for Resource Tagging Automation ## Azure Samples - [github.com/Azure-Samples 🌟](https://github.com/Azure-Samples) Microsoft Azure code samples and examples in .NET, Java, Python, Node.js, PHP and Ruby @@ -762,6 +766,8 @@ Grab them from here: [awesome-kubernetes/scripts](https://github.com/nubenetes/a - [betterprogramming.pub: Automate and Configure Your RDS Database With Terraform 🌟](https://betterprogramming.pub/automate-and-configure-your-rds-database-with-terraform-898fd4b8990d) Execute post-deployment scripts based on your needs - [middlewareinventory.com: Terraform Create Multiple EC2 with different Configs – for_each and count together](https://www.middlewareinventory.com/blog/terraform-create-multiple-ec2-different-config/) - [the-tech-guy.in: Automating LAMP deployment using Terraform and Ansible](https://the-tech-guy.in/2022/03/08/automating-lamp-config-using-terraform-and-ansible/) +- [betterprogramming.pub: All Hail the Monolith — Celebrating the Verbosity of the Unified Architecture in Terraform](https://betterprogramming.pub/all-hail-the-monolith-celebrating-the-verbosity-of-the-unified-architecture-in-terraform-81b53e3a03ae) +- [faun.pub: AWS ECS Blue/Green Deployment Setup Using Terraform](https://faun.pub/aws-ecs-blue-green-deployment-setup-using-terraform-b56bb4f656ea) ## Prometheus and Grafana - [docker-compose-tpg: Telegraf + Prometheus + Grafana Local Testing Environments](https://github.com/xiaopeng163/docker-compose-tpg) Setup learning environment for Telegraf, Prometheus and Grafana with docker-compose. (include SNMP simulators). diff --git a/docs/devel-sites.md b/docs/devel-sites.md index a546ee8c..9f849123 100644 --- a/docs/devel-sites.md +++ b/docs/devel-sites.md @@ -7,6 +7,7 @@ - [Supabase Studio. An alternative to Firebase](#supabase-studio-an-alternative-to-firebase) - [Ballerina](#ballerina) - [Red Hat Software Collections and Red Hat Developer Toolset](#red-hat-software-collections-and-red-hat-developer-toolset) + - [Dhall Configuration Language](#dhall-configuration-language) - [AI Programming](#ai-programming) - [No code tools](#no-code-tools) - [Images](#images) @@ -73,9 +74,14 @@ - [developers.redhat.com: ==Red Hat Developer Toolset==](https://developers.redhat.com/products/developertoolset/overview) - [developers.redhat.com: Red Hat Software Collections 3.8 and Red Hat Developer Toolset 11 now generally available](https://developers.redhat.com/articles/2021/11/15/red-hat-software-collections-38-and-red-hat-developer-toolset-11-now-generally) +### Dhall Configuration Language +- [dhall-lang.org: Dhall Configuration Language](https://dhall-lang.org/) - Dhall is a programmable configuration language that you can think of as: JSON + functions + types + imports +- https://github.com/dhall-lang/dhall-kubernetes Typecheck, template and modularize your Kubernetes definitions with Dhall + ## AI Programming - [GitHub Copilot](https://copilot.github.com/) - [Amazon CodeGuru Reviewer](https://aws.amazon.com/codeguru/) +- [Amazon CodeWhisperer](https://aws.amazon.com/codewhisperer/) Amazon CodeWhisperer is a machine learning (ML)–powered service that helps improve developer productivity by generating code recommendations based on developers’ comments in natural language and their code in the integrated development environment (IDE). During preview, CodeWhisperer is available for Java, JavaScript, and Python programming languages. The service integrates with multiple IDEs, including JetBrains (IntelliJ, PyCharm, and WebStorm), Visual Studio Code, AWS Cloud9, and the AWS Lambda console. ## No code tools - [makerpad.co: The top 15 no-code tools and apps (2021)](https://www.makerpad.co/blog/the-top-15-no-code-tools-and-apps-2021) @@ -111,5 +117,7 @@

You are never too senior to write code. I only laugh at people who believe they are too good to write any code as a software engineer.

— Jaana Dogan ヤナ ドガン (@rakyll) March 24, 2022

🧵 The Ultimate TypeScript Thread 🧵

Here's everything I've learned from leading TS dev teams and working on XState's core team.

My goal is to turn you into a TypeScript wizard.

And yes, this thread is EVERGREEN - I'll add at least 3 more tips a week 🚀

Let's get started.

— Matt Pocock (@mpocock1) April 1, 2022
+ +

100+ data structure algorithms problems
1. Array - https://t.co/tXqrvpJO3S
2. String - https://t.co/tXqrvpJO3S
3. Binary tree - https://t.co/fsi40ENQRL
4. Linked List - https://t.co/iuItMZrvTA
5. Dynamic Programming - https://t.co/qYKjmZseXr
6. Recursion - https://t.co/4R3eODO4iL pic.twitter.com/G8QLbYF2Y0

— javinpaul (@javinpaul) August 7, 2022
diff --git a/docs/developerportals.md b/docs/developerportals.md index b649c905..468c549e 100644 --- a/docs/developerportals.md +++ b/docs/developerportals.md @@ -36,6 +36,7 @@ - [ajay-yadav109458.medium.com: Concepts of API Gateway](https://ajay-yadav109458.medium.com/concepts-of-api-gateway-ac4993a0af44) - [blog.oliverjumpertz.dev: The 10 Most Valuable Lessons I Learned As A Developer](https://blog.oliverjumpertz.dev/the-10-most-valuable-lessons-i-learned-as-a-developer) - [genbeta.com: 32.000 desarrolladores responden sobre plataformas y lenguajes de programación: JavaScript, AWS, GitHub y Windows, los más usados](https://www.genbeta.com/desarrollo/32-000-desarrolladores-responden-plataformas-lenguajes-programacion-javascript-aws-github-windows-usados) +- [github.com/readme/guides: Functional Programming 101](https://github.com/readme/guides/functional-programming-basics) ## HTTPs for Developers - [howhttps.works](https://howhttps.works) diff --git a/docs/devops-tools.md b/docs/devops-tools.md index 7c90c047..71acbff0 100644 --- a/docs/devops-tools.md +++ b/docs/devops-tools.md @@ -2,7 +2,7 @@ - [Introduction](#introduction) - [Keptn](#keptn) - [Relay](#relay) -- [Devtron Labs](#devtron-labs) +- [Devtron. Tool integration platform for kubernetes](#devtron-tool-integration-platform-for-kubernetes) ## Introduction - These tools help you manage servers and deploy happier and more often with more confidence. @@ -33,6 +33,7 @@ - [clarusway.com: Top 21 DevOps Tools Of 2021 (Comprehensive Guide)](https://clarusway.com/top-21-devops-tools/) - [zigiwave.medium.com: Top 10 Tools your DevOps Teams Should Use in 2022](https://zigiwave.medium.com/top-10-tools-your-devops-teams-should-use-in-2022-569700f40426) - [faun.pub: Top 10 uncommon DevOps tools you should know](https://faun.pub/top-10-uncommon-devops-tools-you-should-know-f4f4464ec7f3) +- [medium.com/leapp-cloud: Top 10 uncommon DevOps tools you should know](https://medium.com/leapp-cloud/top-10-uncommon-devops-tools-you-should-know-91dadde9777e) ## Keptn - [Keptn](keptn.md) @@ -42,7 +43,8 @@ - Automation tools can learn a lot from the CI/CD and Serverless ecosystems. Relay by **PuppetLabs** leverages **Tekton** and **Knative** in an attempt to do just that. - [zdnet.com: Puppet introduces beta of cloud-native, event-driven DevOps program: Relay](https://www.zdnet.com/article/puppet-introduces-beta-of-cloud-native-event-driven-devops-program-relay/#ftag=RSSbaffb68) The open-source wants to expand DevOps to cover cloud and containers with its newest program. -## Devtron Labs +## Devtron. Tool integration platform for kubernetes - [Devtron](https://github.com/devtron-labs/devtron) is an Open Source End-to-End Software Delivery workflow for Kubernetes. - It leverages popular DevOps tools to provide a No-Code, ***Unified Heroku-like*** Experience for Kubernetes. - Integrations happen with existing Open-source systems like argocd, Argo workflow, Clair, hibernator, grafana, Prometheus, envoy, and many others and add capabilities on top of them to enable self serve for developers and DevOps. +- [blog.searce.com: Devtron: One-stop shop for all Kubernetes deployments](https://blog.searce.com/devtron-one-stop-shop-for-all-kubernetes-deployments-6f1c111a7ba1) diff --git a/docs/devops.md b/docs/devops.md index 63cfc145..115943ea 100644 --- a/docs/devops.md +++ b/docs/devops.md @@ -49,6 +49,9 @@ - [thenewstack.io: Automation Is No Silver Bullet: 3 Keys for Scaling Success](https://thenewstack.io/automation-is-no-silver-bullet-3-keys-for-scaling-success/) - [yourdevopsmentor.com: How to become a DevOps engineer – 5 easy steps](https://yourdevopsmentor.com/blog/how-to-become-a-devops-engineer/) - [devops.com: Why MTTR is a Vital Metric for DevOps Teams](https://devops.com/why-mttr-is-a-vital-metric-for-devops-teams/) +- [umbrellainfocare.com: Cloud and DevOps are Made for Each Other](https://www.umbrellainfocare.com/blogs/cloud-and-devops-are-made-for-each-other) +- [guru99.com: DevOps Lifecycle: Different Phases Explained with Examples 🌟](https://www.guru99.com/devops-lifecycle.html) +- [linkedin.com/pulse: Is DevOps just system administration repackaged?](https://www.linkedin.com/pulse/devops-just-system-administration-repackaged-gianluca-mascolo/) ## Automation Glossary - [Red Hat automation glossary 🌟](https://www.redhat.com/en/blog/red-hat-automation-glossary) @@ -108,6 +111,7 @@ ### Drift Detection Tools - [env0.com: Automated Drift Detection 🌟](https://www.env0.com/blog/automated-drift-detection-with-env0) env0 is enabling the ability to automatically detect drift and make sure your real-world resources in the cloud provider are aligned with your Infrastructure as Code files. env0 will alert you once a drift has been detected and gives you the ability to view and fix the drift, which can help mitigate one of the main challenges when using Infrastructure as Code! +- [thenewstack.io: How Drift Detection and IaC Help Maintain a Secure Infrastructure ](https://thenewstack.io/how-drift-detection-and-iac-help-maintain-a-secure-infrastructure) ## DevOps Docs {== @@ -254,6 +258,8 @@ * [calcalistech.com: “DevOps is a culture, it's not a job description”](https://www.calcalistech.com/ctechnews/article/s1mlpunf9) * [reviewnprep.com: DevOps Basics](https://reviewnprep.com/blog/devops-basics/) * [==dev.to: How I learn new technologies as a DevOps Engineer (without being overwhelmed 👏) | TechWorld with Nana==](https://dev.to/techworld_with_nana/how-i-learn-new-technologies-as-a-devops-engineer-without-being-overwhelmed--495e) +* [medium.com/@hunkarbozkurt: What is DevOps? How Was DevOps Derived?](https://medium.com/@hunkarbozkurt/what-is-devops-how-was-devops-derived-660ef47d42d6) +* [blog.devops.dev: Devops Best Practices for Continuous Delivery 🌟](https://blog.devops.dev/devops-best-practices-for-continuous-delivery-2f0ebbae65c6)
diff --git a/docs/devsecops.md b/docs/devsecops.md index 6c66c8ce..ca2dd5ea 100644 --- a/docs/devsecops.md +++ b/docs/devsecops.md @@ -3,6 +3,7 @@ - [Kubernetes Security Compliance Frameworks](#kubernetes-security-compliance-frameworks) - [Zero Trust Security](#zero-trust-security) - [Authentication and Authorization](#authentication-and-authorization) + - [OpenID Connect and OAuth 2.0](#openid-connect-and-oauth-20) - [Quality Gates](#quality-gates) - [16 Gates](#16-gates) - [Kubernetes Threat Modelling](#kubernetes-threat-modelling) @@ -173,6 +174,18 @@ - Clusters - Containers - Code +- [sysdig.com: Triaging a Malicious Docker Container](https://sysdig.com/blog/triaging-malicious-docker-container/) Malicious Docker containers are a relatively new form of attack, taking advantage of an exposed Docker API or vulnerable host to do their evil plotting.​​ +- [blog.sonatype.com: Python Packages Upload Your AWS Keys, env vars, Secrets to the Web](https://blog.sonatype.com/python-packages-upload-your-aws-keys-env-vars-secrets-to-web) Last week, Sonatype discovered multiple Python packages that not only exfiltrate your secrets—AWS credentials and environment variables but rather upload these to a publicly exposed endpoint. These packages were discovered by Sonatype's automated malware detection system, offered as a part of Nexus platform products, including Nexus Firewall. +- [medium.com/@anshuman2121: DevSecOps: Implement security on CICD Pipeline](https://medium.com/@anshuman2121/devsecops-implement-security-on-cicd-pipeline-19eb7aa22626) +- [medium.com/@jonathan_37674: What have we learned from scanning over 10K Kubernetes Clusters? 🌟](https://medium.com/@jonathan_37674/what-have-we-learned-from-scanning-over-10k-kubernetes-clusters-b0ac6b250427) Plan ahead and fight for fight misconfiguration and vulnerabilities across the SDLC with **KubeScape**, OS security platform providing a multi-cloud K8s single pane of glass. +- [bleepingcomputer.com: Over 900,000 Kubernetes instances found exposed online](https://www.bleepingcomputer.com/news/security/over-900-000-kubernetes-instances-found-exposed-online/) + - Over 900,000 misconfigured Kubernetes clusters were found exposed on the internet to potentially malicious scans, some even vulnerable to data-exposing cyberattacks. + - Kubernetes is a highly versatile open-source container orchestration system for hosting online services and managing containerized workloads via a uniform API interface. + - It enjoys massive adoption and growth rates thanks to its scalability, flexibility in multi-cloud environments, portability, cost, app development, and system deployment time reductions. + - If Kubernetes isn’t configured properly, remote actors might be able to access internal resources and private assets that weren’t meant to be made public. + - Additionally, depending on the configuration, intruders could sometimes escalate their privileges from containers to break isolation and pivot to host processes, granting them intial access to internal corporate networks for futher attacks. +- [sysdig.com: How to apply security at the source using GitOps | Eduardo Mínguez 🌟](https://sysdig.com/blog/gitops-iac-security-source/) +- [==medium.com/technology-hits: Incomplete Guide for Securing Containerized Environment== 🌟](https://medium.com/technology-hits/incomplete-guide-for-securing-containerized-environment-78b57fc3238) And Understanding How Containers Present Unique Security Challenges. This article contains a collection of best practices and tips regarding securing containerized environments. ## Kubernetes Security Compliance Frameworks - [==armosec.io: Kubernetes Security Compliance Frameworks== 🌟](https://www.armosec.io/blog/kubernetes-security-frameworks-and-guidance/) @@ -192,12 +205,18 @@ - Secrets management and protection ## Zero Trust Security -- [dzone.com: What Is Zero Trust Security?](https://dzone.com/articles/what-is-zero-trust-security) Zero Trust security is an IT security framework that treats everyone and everything to be hostile (in a good way!). +- [dzone.com: What Is Zero Trust Security? 🌟](https://dzone.com/articles/what-is-zero-trust-security) Zero Trust security is an IT security framework that treats everyone and everything to be hostile (in a good way!). +- [thenewstack.io: Secured Access to Kubernetes from Anywhere with Zero Trust | Tenry Fu 🌟](https://thenewstack.io/secured-access-to-kubernetes-from-anywhere-with-zero-trust/) +- [rafay.co: Securing Access to Kubernetes Environments with Zero Trust | Kyle Hunter 🌟](https://rafay.co/the-kubernetes-current/securing-access-to-kubernetes-environments-with-zero-trust/) ## Authentication and Authorization - [thenewstack.io: How Do Authentication and Authorization Differ?](https://thenewstack.io/how-do-authentication-and-authorization-differ/) - [==osohq.com: Patterns for Authorization in Microservices==](https://www.osohq.com/post/microservices-authorization-patterns) +### OpenID Connect and OAuth 2.0 +- [medium.com/getindata-blog: OAuth2-based authentication on Istio-powered Kubernetes clusters 🌟](https://medium.com/getindata-blog/oauth2-based-authentication-on-istio-powered-kubernetes-clusters-2bd0999b7332) Starting with Envoy 1.17, authentication and authorization to Istio clusters don't require setting up external services if you decide to use OAuth2 Learn how it works in this hands-on tutorial. +- [==oauth2-proxy/oauth2-proxy: OAuth2 Proxy== 🌟](https://github.com/oauth2-proxy/oauth2-proxy) A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers. + ## Quality Gates - [dzone: DevOps Pipeline Quality Gates: A Double-Edged Sword](https://dzone.com/articles/devops-pipeline-quality-gates-a-double-edged-sword) In theory, quality gates seem like a no-brainer, but it does come with a catch. ## 16 Gates @@ -246,6 +265,7 @@ ## The Falco Project - [Falco.org](https://falco.org) Cloud-Native runtime security - [==sysdig.com: Getting started with runtime security and Falco==](https://sysdig.com/blog/intro-runtime-security-falco/) +- [betterprogramming.pub: Kubernetes Security With Falco](https://betterprogramming.pub/kubernetes-security-with-falco-2eb060d3ae7d) Comprehensive runtime security for your containers with a hands-on demo. ## Security Patterns for Microservice Architectures - [Security Patterns for Microservice Architectures](https://developer.okta.com/blog/2020/03/23/microservice-security-patterns) @@ -280,6 +300,7 @@ 10. Insufficient Logging and Monitoring - [cequence.ai: The OWASP API Security Top 10 From a Real-World Perspective](https://www.cequence.ai/blog/owasp-api-security-top-10-from-a-real-world-perspective/) +- [securityonline.info: VAmPI: Vulnerable REST API with OWASP top 10 vulnerabilities](https://securityonline.info/vampi-vulnerable-rest-api-with-owasp-top-10-vulnerabilities/) ## Source Code Audit - [==securecoding.com: Code Audit: How to Ensure Compliance for an Application==](https://www.securecoding.com/blog/code-audit-how-to-ensure-compliance-for-an-application/) A source code audit is a process of analyzing the source code of an application with the objective of discovering security vulnerabilities, security design problems, and places of potential improvement in programming practices. After the analysis, a report is generated that is used to implement a range of measures that guarantee the security and reliability of the code. Code audits can be carried out in parallel with penetration tests. They can test the exploitability of code vulnerabilities to better estimate the risk they pose. Ideally, code audits are performed throughout the application lifecycle. The faster a vulnerability is discovered, the easier it is to fix! @@ -296,6 +317,7 @@ - [iximiuz.com: The need for slimmer containers. Scanning official Python images with Snyk](https://iximiuz.com/en/posts/thick-container-vulnerabilities/) - [gkovan.medium.com: A Zero Trust Approach for Securing the Supply Chain of Microservices Packaged as Container Images (sigstore, kyverno, openshift tekton, quarkus) 🌟](https://gkovan.medium.com/a-zero-trust-approach-for-securing-the-supply-chain-of-microservices-packaged-as-container-images-89d2f5b7293b) - [thenewstack.io: Find Vulnerabilities in Container Images with Docker Scan](https://thenewstack.io/find-vulnerabilities-in-container-images-with-docker-scan/) +- [medium.com/@nanditasahu031: DevSecOps — Implementing Secure CI/CD Pipelines 🌟](https://medium.com/@nanditasahu031/devsecops-implementing-secure-ci-cd-pipelines-9653726b4916) ### Securing Kubernetes With Anchore - [Securing Kubernetes With Anchore](https://anchore.com/kubernetes/) @@ -311,6 +333,7 @@ - [==github.blog: Safeguard your containers with new container signing capability in GitHub Actions (cosign)==](https://github.blog/2021-12-06-safeguard-container-signing-capability-actions/) - [chrisns/cosign-keyless-demo: Cosign Keyless GitHub Action Demo](https://github.com/chrisns/cosign-keyless-demo) Proof of concept that uses cosign and GitHub's in built OIDC for actions to sign container images, providing a proof that what is in the registry came from your GitHub action. - [blog.chainguard.dev: How To Verify Cosigned Container Images In Amazon ECS](https://blog.chainguard.dev/cosign-verify-ecs/) +- [justinpolidori.it: Secure Your Docker Images With Cosign (and OPA Gatekeeper)](https://www.justinpolidori.it/posts/20220116_sign_images_with_cosign_and_verify_with_gatekeeper/) Learn how combining Gatekeeper + Cosign for image signature validation with the new external_data feature lets you stop untrusted docker images from being deployed on your Kubernetes cluster. ## GitHub security - [GitHub security: what does it take to protect your company from credentials leaking on GitHub? 🌟](https://blog.gitguardian.com/github-security/) @@ -369,6 +392,7 @@ - [developers.redhat.com: Protect secrets in Git with the clean/smudge filter](https://developers.redhat.com/articles/2022/02/02/protect-secrets-git-cleansmudge-filter) - [kubeopsskills/cloud-secret-resolvers: Cloud Secret Resolvers (CSR)](https://github.com/kubeopsskills/cloud-secret-resolvers) Cloud Secret Resolvers is a set of tools to help your applications (on Kubernetes) to retrieve any credentials from cloud managed vaults without the needed to write additional boilerplate code in your applications!. +- [thenewstack.io: Managing Secrets in Your DevOps Pipeline ](https://thenewstack.io/managing-secrets-in-your-devops-pipeline/) ### Anti Patterns. Wrong Secrets - [==commjoen/wrongsecrets: OWASP WrongSecrets==](https://github.com/commjoen/wrongsecrets) Examples with how to not use secrets. Welcome to the OWASP WrongSecrets p0wnable app. With this app, we have packed various ways of how to not store your secrets. These can help you to realize whether your secret management is ok. The challenge is to find all the different secrets by means of various tools and techniques. @@ -432,12 +456,21 @@ - [hashicorp.com: Kubernetes Vault Integration via Sidecar Agent Injector vs. CSI Provider](https://www.hashicorp.com/blog/kubernetes-vault-integration-via-sidecar-agent-injector-vs-csi-provider) In this post, you will explore the different methods of integrating HashiCorp Vault with Kubernetes and learn how to choose the best solution for your use case. - [hashicorp.com: Manage Kubernetes Secrets for Flux with HashiCorp Vault](https://www.hashicorp.com/blog/manage-kubernetes-secrets-for-flux-with-hashicorp-vault) Configure the Secrets Store CSI driver with HashiCorp Vault to securely inject secrets into **Flux** or other GitOps tools on Kubernetes. - [==hashicorp.com: How to Integrate Your Application with Vault: Static Secrets==](https://www.hashicorp.com/blog/how-to-integrate-your-application-with-vault-static-secrets) Learn how to retrieve static secrets from HashiCorp Vault in a real-world setting using a new sample application. +- [blog.devops.dev: Using Vault in Kubernetes Production for Security Engineers](https://blog.devops.dev/using-vault-in-kubernetes-production-for-security-engineers-54d2f0aca4d1) +- [hashicorp.com: HashiCorp Vault 1.11 Adds Kubernetes Secrets Engine, PKI Updates, and More 🌟](https://www.hashicorp.com/blog/vault-1-11) + - Favorite OSS feature is the K8S secrets engine that can generate K8S service accounts as dynamic secrets. + - Favorite Ent feature is that Autopilot can now perform safe, automated upgrades. + - Plus a dozen other improvements... + +- [medium.com/@nikhil.purva: Securing Kubernetes Secrets with HashiCorp Vault](https://medium.com/@nikhil.purva/securing-kubernetes-secrets-with-hashicorp-vault-a9555728e095) #### HashiCorp Vault Agent - [Vault Agent 🌟](https://www.vaultproject.io/docs/agent) - [harness.io: Tutorial: How to Use the New Vault Agent Integration Method With Harness](https://harness.io/blog/devops/vault-agent-secrets-management) - [harness.io: Tutorial: Vault Agent Advanced Use Case With Kubernetes Delegates and Shared Volumes 🌟](https://harness.io/blog/devops/vault-agent-kubernetes-delegates) - [hashicorp.com: Why Use the Vault Agent for Secrets Management?](https://www.hashicorp.com/blog/why-use-the-vault-agent-for-secrets-management) +- [medium.com/nerd-for-tech: PKI Certs Injection to K8s Pods with Vault Agent Injector](https://medium.com/nerd-for-tech/pki-certs-injection-to-k8s-pods-with-vault-agent-injector-d97482b48f3d) In this article, you'll learn how to use the Vault Agent Injector to dynamically generate and Inject PKI Certs to Pods by rendering secrets to a shared volume, containers within the pod will consume Vault secrets without being Vault aware. +- [hashicorp.com: Refresh Secrets for Kubernetes Applications with Vault Agent](https://www.hashicorp.com/blog/refresh-secrets-for-kubernetes-applications-with-vault-agent) Learn the system signal and live reload methods for updating Kubernetes applications when secrets change. See an example via a Spring Boot application. ### Azure Key Vault - [docs.microsoft.com: Azure Key Vault](https://docs.microsoft.com/en-us/azure/key-vault/general/overview) @@ -602,6 +635,7 @@ - [curiefense/curiefense](https://github.com/curiefense/curiefense) Curiefense extends Envoy proxy to defend against a variety of threats, including SQL and command injection, cross site scripting (XSS), account takeovers (ATOs) and more - [==socket.dev: Introducing Socket==](https://socket.dev/blog/introducing-socket) Socket's mission is to make open source safer. A platform that protects your most critical apps from software supply chain attacks. - [itbusinessedge.com: Okta vs. Azure AD: IAM Tool Comparison](https://www.itbusinessedge.com/security/okta-vs-azure-ad/) +- [deepfence/ThreatMapper 🌟](https://github.com/deepfence/ThreatMapper/) 🔥 🔥 Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more. 🔥 🔥 ThreatMapper hunts for vulnerabilities in your production platforms and ranks these vulnerabilities based on their risk of exploitation. You can then prioritize the issues that present the greatest risk to the security of your applications. ## Videos ??? note "Click to expand!" diff --git a/docs/docker.md b/docs/docker.md index 80fe61d4..78bc6ad9 100644 --- a/docs/docker.md +++ b/docs/docker.md @@ -123,7 +123,7 @@ * [==clavinjune.dev: Working With Remote Docker Using Docker Context==](https://clavinjune.dev/en/blogs/working-with-remote-docker-using-docker-context/) This is a cheatsheet for working with docker context to connect remote docker locally. Might help you to work with remote docker without manually SSH to the remote server. * [cloudsavvyit.com: How to Add a Volume to an Existing Docker Container](https://www.cloudsavvyit.com/14973/how-to-add-a-volume-to-an-existing-docker-container/) * [cloudsavvyit.com: How to Manage Docker Engine Plugins](https://www.cloudsavvyit.com/15066/how-to-manage-docker-engine-plugins) -* [iximiuz.com: Learning Containers From The Bottom Up](https://iximiuz.com/en/posts/container-learning-path/) Efficient Learning Path to Grasp Containers Fundamentals +* [==iximiuz.com: Learning Containers From The Bottom Up== | Ivan Velichko 🌟](https://iximiuz.com/en/posts/container-learning-path/) Efficient Learning Path to Grasp Containers Fundamentals * [thenewstack.io: The Time to Decide on Docker Desktop Has Arrived](https://thenewstack.io/the-time-to-decide-on-docker-desktop-has-arrived/) * [codeproject.com: How to Create an Image in Docker using Python](https://www.codeproject.com/Tips/5323808/How-To-Create-An-Image-In-Docker-Using-Python) * [dev.to: Top 5 Docker Best Practices](https://dev.to/karanpratapsingh/top-5-docker-best-practices-57oh) @@ -137,6 +137,13 @@ * [==stevelasker.blog: Docker Tagging: Best practices for tagging and versioning docker images==](https://stevelasker.blog/2018/03/01/docker-tagging-best-practices-for-tagging-and-versioning-docker-images/) * [freecodecamp.org: Docker Cache – How to Do a Clean Image Rebuild and Clear Docker's Cache](https://www.freecodecamp.org/news/docker-cache-tutorial/) * [==dev.to: Docker 101: Introduction to Docker==](https://dev.to/signoz/docker-101-introduction-to-docker-1kbm) +* [betterprogramming.pub: 5 Simple Tips For Debugging Docker Containers 🌟](https://betterprogramming.pub/5-simple-tips-for-debugging-docker-containers-271cb3dee77a) Smoke out annoying container problems with minimal insanity +* [blog.devgenius.io: K8s — Advanced Container Knowledge](https://blog.devgenius.io/k8s-advanced-container-knowledge-fcc45a2f6db8) +* [medium.com/@joelbelton: Optimising Docker Performance — The Key 4 Techniques You Need](https://medium.com/@joelbelton/optimising-docker-performance-the-key-4-techniques-you-need-6440cfebb650) +* [kubesimplify.com: The secret gems behind building container images, Enter: BuildKit & Docker Buildx](https://kubesimplify.com/the-secret-gems-behind-building-container-images-enter-buildkit-and-docker-buildx) +* [medium.com/geekculture: Docker — Limit Container CPU Usage 🌟](https://medium.com/geekculture/docker-limit-container-cpu-usage-11eb8ee0de5a) +* [devtron.ai: Understand CMD and ENTRYPOINT Differences in Docker](https://devtron.ai/blog/cmd-and-entrypoint-differences/) +* [fatehmuhammad.medium.com: Introduction to Docker | part 1](https://fatehmuhammad.medium.com/introduction-to-docker-part-1-3cff7559e372) ## Docker CLI * [docs.docker.com: docker buildx imagetools](https://docs.docker.com/engine/reference/commandline/buildx_imagetools/) Commands to work on images in registry @@ -179,7 +186,10 @@ * [sequoia.makes.software: Reducing Docker Image Size (Particularly for Kubernetes Environments) 🌟](https://sequoia.makes.software/reducing-docker-image-size-particularly-for-kubernetes-environments/) * [itnext.io: Building Docker Images The Proper Way 🌟](https://itnext.io/building-docker-images-the-proper-way-3c9807524582) Let’s optimize Docker builds to create much smaller and more secure Docker images in a fraction of the usual build time… * [returngis.net: Reduce el tamaño de tus imágenes con Dockerfiles multi-stage](https://www.returngis.net/2021/08/reduce-el-tamano-de-tus-imagenes-con-dockerfiles-multi-stage/) -* [slim.ai: Automatically reduce Docker container size using DockerSlim](https://www.slim.ai/blog/automatically-reduce-docker-container-size-using-dockerslim.html) +* [==slim.ai==](https://www.slim.ai/) Build secure containers, faster. Secure your software supply chain. + * [slim.ai: Automatically reduce Docker container size using DockerSlim](https://www.slim.ai/blog/automatically-reduce-docker-container-size-using-dockerslim.html) + * [youtube: The need for Slim Docker Container Images with @DockerSlim & Slim.AI ](https://www.youtube.com/watch?v=1o14tIEhZL0) + * [==slim.ai: Slim Docker Extension== 🌟](https://www.slim.ai/docs/docker-desktop-extension.html) * [learnk8s.io: 3 simple tricks for smaller Docker images 🌟](https://learnk8s.io/blog/smaller-docker-images) When it comes to building Docker containers, you should always strive for smaller images. **Images that share layers and are smaller in size are quicker to transfer and deploy.** * [contains.dev: Optimizing Docker image size and why it matters](https://contains.dev/blog/optimizing-docker-image-size) * [==jpetazzo.github.io: Anti-Patterns When Building Container Images==](http://jpetazzo.github.io/2021/11/30/docker-build-container-images-antipatterns/) @@ -213,6 +223,7 @@ PHP Docker Image for Cloud Native Deployments (and Kubernetes) - [grosser/preoomkiller](https://github.com/grosser/preoomkiller) Softly kills your process with SIGTERM before it runs out of memory. Made for processes that run inside docker. - [==ory/dockertest==](https://github.com/ory/dockertest) Write better integration tests! Dockertest helps you boot up ephermal docker images for your Go tests with minimal work. Use Docker to run your Golang integration tests against third party services on Microsoft Windows, Mac OSX and Linux! - [==hadolint/hadolint: Haskell Dockerfile Linter==](https://github.com/hadolint/hadolint) Dockerfile linter, validate inline bash, written in Haskell +- [==ttl.sh: Anonymous & ephemeral Docker image registry 🌟==](https://ttl.sh/) Free to use. No need to sign-up. Open source. ## Docker and WSL2 - [Creating the best Linux Development experience on Windows & WSL 2](https://www.docker.com/blog/creating-the-best-linux-development-experience-on-windows-wsl-2/) @@ -232,6 +243,7 @@ PHP Docker Image for Cloud Native Deployments (and Kubernetes) * [docker.com: Docker Compose for Amazon ECS Now Available](https://www.docker.com/blog/docker-compose-for-amazon-ecs-now-available/) * [==geshan.com.np: Postgres with Docker and Docker compose a step-by-step guide for beginners==](https://geshan.com.np/blog/2021/12/docker-postgres/) * [==codesolid.com: How To Use Docker and Docker Compose With Python==](https://codesolid.com/how-to-use-docker-with-python/) +* [releasehub.com: 6 Docker Compose Best Practices for Dev and Prod](https://releasehub.com/blog/6-docker-compose-best-practices-for-dev-and-prod) ## Moving Linux Services Into Containers * [crunchtools.com: A Hacker’s Guide to Moving Linux Services into Containers. Epic 15 page blog post showing people how to move Wordpress (php), Mediawiki (php), and Request Tracker (perl) into containers](http://crunchtools.com/moving-linux-services-to-containers/) @@ -310,5 +322,9 @@ PHP Docker Image for Cloud Native Deployments (and Kubernetes)

Okay @awscloud Lambda folks: when should I use Docker containers as the packaging format for functions vs. using native runtimes? Looking for general guidance here.

— Corey Quinn (@QuinnyPig) March 28, 2022

Mostly bc of the package size limit.
Standard code zip: max 250 MB
Docker image: max 10 GB

If you do anything in Python with ML libs, you will need Docker...

Why use native runtimes otherwise? Cold start.
Docker: 750-1000 ms
Node/Python: 250-300 ms

— Maciej Radzikowski (@radzikowski_m) March 28, 2022
+ +

Docker Compose + DockerSlim = ❤️@DockerSlim can make your images much smaller (hence, faster and securer), but it requires launching containers for runtime analysis.

Real apps, though, rarely run in isolation... Docker knew that and built Compose.

Now, behold the synergy! 🔽 pic.twitter.com/n6NlJokC95

— Ivan Velichko (@iximiuz) July 13, 2022
+ +

Debunking Container Myths 🧵

A (never-ending) series of articles that I started writing a couple of years ago to fix my own misconceptions about containers 🔽 pic.twitter.com/bD7Iw48ere

— Ivan Velichko (@iximiuz) August 28, 2022
\ No newline at end of file diff --git a/docs/dotnet.md b/docs/dotnet.md index e04b6d14..4fb19c84 100644 --- a/docs/dotnet.md +++ b/docs/dotnet.md @@ -2,6 +2,7 @@ - [Introduction](#introduction) - [ASP.NET Core](#aspnet-core) - [NuGet Packages and nuspec file](#nuget-packages-and-nuspec-file) +- [.NET MAUI](#net-maui) - [Polly .NET resilience and transient-fault-handling library](#polly-net-resilience-and-transient-fault-handling-library) - [Paradigm framework](#paradigm-framework) - [More dotnet frameworks and tools](#more-dotnet-frameworks-and-tools) @@ -19,6 +20,7 @@ - [telerik.com: Your First Microservice in .NET 6](https://www.telerik.com/blogs/your-first-microservice-dotnet-6) - [docs.microsoft.com: .NET Microservices: Architecture for Containerized .NET Applications](https://docs.microsoft.com/en-us/dotnet/architecture/microservices/) - [stackify.com: Who will Dominate in the future: .Net or Java?](https://stackify.com/who-will-dominate-in-the-future-net-or-java/) +- [devblogs.microsoft.com: Announcing Rate Limiting for .NET](https://devblogs.microsoft.com/dotnet/announcing-rate-limiting-for-dotnet/) ## ASP.NET Core - [blog.jetbrains.com: Getting Started with ASP.NET Core and gRPC](https://blog.jetbrains.com/dotnet/2021/07/19/getting-started-with-asp-net-core-and-grpc/) @@ -34,6 +36,9 @@ - [syncfusion.com: 10 Best C# NuGet Packages to Improve Your Productivity in 2022](https://www.syncfusion.com/blogs/post/10-best-c-nuget-packages-to-improve-your-productivity-in-2022.aspx) - [devblogs.microsoft.com: Introducing Compatible Packages on NuGet.org](https://devblogs.microsoft.com/nuget/introducing-compatible-frameworks-on-nuget-org/) +## .NET MAUI +- [devblogs.microsoft.com: Getting Started with DevOps and .NET MAUI](https://devblogs.microsoft.com/dotnet/devops-for-dotnet-maui/) .NET Multi-platform App UI (.NET MAUI) unifies Android, iOS, macOS, and Windows UI frameworks into a single framework so you can write one app that runs natively on many platforms. In this post, we will look at how easy it is to implement basic DevOps pipelines for .NET MAUI apps using GitHub Actions and Azure DevOps. + ## Polly .NET resilience and transient-fault-handling library - [App-vNext/Polly](https://github.com/App-vNext/Polly) Polly is a .NET resilience and transient-fault-handling library that allows developers to express policies such as Retry, Circuit Breaker, Timeout, Bulkhead Isolation, and Fallback in a fluent and thread-safe manner. - [medium: Microservices Resilience and Fault Tolerance with applying Retry and Circuit-Breaker patterns using Polly](https://medium.com/aspnetrun/microservices-resilience-and-fault-tolerance-with-applying-retry-and-circuit-breaker-patterns-c32e518db990) diff --git a/docs/edge-computing.md b/docs/edge-computing.md index c6c2998b..5d8e0f90 100644 --- a/docs/edge-computing.md +++ b/docs/edge-computing.md @@ -8,4 +8,5 @@ - [thenewstack.io: Cloudian CTO: Kubernetes, Standardization Key to Edge](https://thenewstack.io/cloudian-cto-kubernetes-standardization-key-to-edge/) - [cncf.io: Hosted Edge vs Cloud: the battle for latency and security 🌟](https://www.cncf.io/blog/2021/12/08/hosted-edge-vs-cloud-the-battle-for-latency-and-security) - [==developers.redhat.com: Bring your Kubernetes workloads to the edge==](https://developers.redhat.com/articles/2021/11/22/bring-your-kubernetes-workloads-edge) -- [thenewstack.io: A New Kubernetes Edge Architecture](https://thenewstack.io/a-new-kubernetes-edge-architecture/) \ No newline at end of file +- [thenewstack.io: A New Kubernetes Edge Architecture](https://thenewstack.io/a-new-kubernetes-edge-architecture/) +- [betterprogramming.pub: I Worked at Microsoft Cloud and Google Mobile for 3 Years — Here Are the Differences in Ecosystems](https://betterprogramming.pub/why-working-on-cloud-vs-mobile-edge-is-so-different-e32930f1c801) Why working on cloud vs. mobile (Edge) is so different? \ No newline at end of file diff --git a/docs/finops.md b/docs/finops.md index 3a0d9b84..d938f3de 100644 --- a/docs/finops.md +++ b/docs/finops.md @@ -1,5 +1,8 @@ # Cloud FinOps. Collaborative, Real-Time Cloud Financial Management - [Introduction](#introduction) +- [Compute Cost Calculator](#compute-cost-calculator) +- [AWS Cost Optimizations](#aws-cost-optimizations) +- [Kubernetes Cost Optimization](#kubernetes-cost-optimization) - [Licence Managers](#licence-managers) - [EKS](#eks) - [Books](#books) @@ -26,6 +29,25 @@ - [thenewstack.io: Cloud Cost Management for DevOps](https://thenewstack.io/cloud-cost-management-for-devops) - [zdnet.com: As cloud costs spiral upward, enterprises turn to a thing called FinOps](https://www.zdnet.com/article/as-cloud-costs-spiral-upward-enterprises-turn-to-a-thing-called-finops/) Organizations waste 32% of cloud spend, up from 30% a year ago. 'More and more users are swimming in the FinOps side of the pool, even if they may not know it - or call it FinOps yet.' - [thenewstack.io: Tricks for Cloud Cost Optimization | Pavan Belagatti](https://thenewstack.io/tricks-for-cloud-cost-optimization) +- [venturebeat.com: Cloud costs are unmanageable: It’s time we standardize billing](https://venturebeat.com/datadecisionmakers/cloud-costs-are-unmanageable-its-time-we-standardize-billing/) +- [medium.com/@pratzy99: Adoption of FinOps for Kubernetes Cost Optimization 🌟](https://medium.com/@pratzy99/adoption-of-finops-for-kubernetes-cost-optimization-6263bc7b3f57) +- AWS Tip 💛 Avoid billing surprises: + - Avoid billing surprises 💸 + - 𝗿𝗲𝘃𝗶𝗲𝘄 𝗰𝗼𝘀𝘁𝘀 (bi-)weekly + - get familiar with 𝗔𝗪𝗦 𝗖𝗼𝘀𝘁 𝗲𝘅𝗽𝗹𝗼𝗿𝗲𝗿 + - set up 𝗯𝗶𝗹𝗹𝗶𝗻𝗴 𝗮𝗹𝗲𝗿𝘁𝘀 + - understand your cost 𝘀𝘁𝗿𝘂𝗰𝘁𝘂𝗿𝗲: which services contribute significantly to your costs? + +## Compute Cost Calculator +- https://compute-cost.com 🌟 +- This tool finds the lowest price of compute resources from different services (currently just in AWS). To balance simplicity and utility, only the most common features are available as filters. +- "As an AWS user, I often want to know the cheapest options for compute resources given some project-specific criteria. So, I made a tool to show me that data in a way that is useful to me. Maybe it will be useful to you" @ericwastl + +## AWS Cost Optimizations +- [medium.com/@tarunbehal02: AWS Cost Optimizations : My Learnings](https://medium.com/@tarunbehal02/aws-cost-optimizations-my-learnings-fcdc14da1f58) + +## Kubernetes Cost Optimization +- [medium.com/armory: Continuous Cost Optimization for Kubernetes](https://medium.com/armory/continuous-cost-optimization-for-kubernetes-4361045f0215) ## Licence Managers - [marketplace.atlassian.com: License Manager - Easily track your software licenses](https://marketplace.atlassian.com/apps/1227641/license-manager-easily-track-your-software-licenses) Unified view of software usage, SaaS, cloud resources, domains, SSL certificates info across the enterprise from one place in Jira. @@ -43,10 +65,15 @@ ## Cost Optimization Tools - [CAST AI](https://cast.ai/) cuts your cloud bill automatically so engineers can focus on building a better product +- [cremich/cdk-bill-bot: Welcome to Bill - the cost optimization bot](https://github.com/cremich/cdk-bill-bot) The serverless cost optimization bot. Bill enables AWS customers to proactively monitor their infrastructure costs and identify unforeseen expenses in a timely manner. Bill wants to prevent AWS customers from receiving bad surprises in their monthly bill. Therefore he addresses two primary problem areas: + - Cost history is not monitored on a regular basis + - Basic cost optimization best practices are not setup ## Tweets ??? note "Click to expand!"

Q: What is FinOps Architect job in Cloud?
This has got very popular on Public cloud to manage companies - Cloud Financial Management.

Here's how you can be a Cloud FinOps Consultant
🧵1/?
1. Learn architecture well

— Satyen Kumar (@SatyenKumar) March 1, 2022
+ +

🏗 AWS Tip 💛

Avoid billing surprises 💸

• 𝗿𝗲𝘃𝗶𝗲𝘄 𝗰𝗼𝘀𝘁𝘀 (bi-)weekly
• get familiar with 𝗔𝗪𝗦 𝗖𝗼𝘀𝘁 𝗲𝘅𝗽𝗹𝗼𝗿𝗲𝗿
• set up 𝗯𝗶𝗹𝗹𝗶𝗻𝗴 𝗮𝗹𝗲𝗿𝘁𝘀
• understand your cost 𝘀𝘁𝗿𝘂𝗰𝘁𝘂𝗿𝗲: which services contribute significantly to your costs?

— Tobias Schmidt (@tpschmidt_) July 26, 2022
\ No newline at end of file diff --git a/docs/flux.md b/docs/flux.md index 30ca7d89..0a7a38a0 100644 --- a/docs/flux.md +++ b/docs/flux.md @@ -30,5 +30,7 @@ - [solo.io: The 3 best ways to use Flux and Flagger for GitOps with your Envoy Proxy API gateways](https://www.solo.io/blog/the-3-best-ways-to-use-flux-and-flagger-for-gitops-with-your-envoy-proxy-api-gateways) - [fluxcd/flux2-multi-tenancy](https://github.com/fluxcd/flux2-multi-tenancy) Manage multi-tenant clusters with Flux - [==flux-subsystem-argo.github.io: GitOps Terraform Resources with Argo CD and Flux Subsystem for Argo==](https://flux-subsystem-argo.github.io/website/tutorials/terraform/) This is a tutorial to show how could we use Flux Subsystem for Argo (FSA) to bring the Terraform management feature from the Flux world to your Argo CD UI. In order to do so, we need Weave GitOps Terraform Controller to help us reconcile our Terraform resources. +- [blog.ediri.io: Flux With Buckets: Is This Still GitOps?](https://blog.ediri.io/flux-with-buckets-is-this-still-gitops) How to use the Flux Bucket component with AWS S3 with Civo and Pulumi. Flux Bucket is a simple way to deploy your kubernetes manifests to a S3 bucket and then use Flux to deploy them + - [dirien/pulumi-civo-flux-bucket](https://github.com/dirien/pulumi-civo-flux-bucket) diff --git a/docs/git.md b/docs/git.md index 7d5fa60c..5f890fec 100644 --- a/docs/git.md +++ b/docs/git.md @@ -161,6 +161,9 @@ * [opensource.com: My guide to using the Git push command safely](https://opensource.com/article/22/4/git-push) Understand the usage and impact of this popular Git command on your project, learn new safer alternatives, and grasp the skills of restoring a broken branch. * [opensource.com: Make your own Git subcommands](https://opensource.com/article/22/4/customize-git-subcommands) Creating your own Git subcommand makes your custom scripts feel like natural components of Git. * [betterprogramming.pub: 2 Use Cases of Python Pre-commit Hooks to Tidy Up Your Git Repositories](https://betterprogramming.pub/2-use-cases-of-python-pre-commit-hooks-to-tidy-up-your-git-repositories-8d86c9c4f06b) Strategies to have a better-organized codebase +* [==betterprogramming.pub: Recovering From Common Git Errors==](https://betterprogramming.pub/recovering-from-common-git-errors-eccda7ec6180) +* [github.blog: Improve Git monorepo performance with a file system monitor 🌟](https://github.blog/2022-06-29-improve-git-monorepo-performance-with-a-file-system-monitor/) **Monorepo performance can suffer due to the sheer number of files in your working directory. Git’s new builtin file system monitor makes it easy to speed up monorepo performance.** +* [java67.com: Top 10 Free Git Courses and Tutorials for Beginners in 2022 - Best of Lot](https://www.java67.com/2022/07/10-best-free-git-courses-and-tutorials.html) ## Git Branches * [learngitbranching.js.org: Learn Git Branching 🌟](https://learngitbranching.js.org/) An interactive Git visualization tool to educate and challenge! @@ -364,6 +367,7 @@ git push origin -f * [Deploy and Manage Gitlab Runners on Amazon EC2](https://aws.amazon.com/blogs/devops/deploy-and-manage-gitlab-runners-on-amazon-ec2/) * [freecodecamp.org: DevOps with GitLab CI Course 🌟](https://www.freecodecamp.org/news/devops-with-gitlab-ci-course/) * [testmo.com: GitLab CI/CD Test Automation Pipeline & Reporting](https://www.testmo.com/guides/gitlab-ci-test-automation) +* [community.ops.io: CI CD 101 with GitLab](https://community.ops.io/jatin/ci-cd-101-with-gitlab-4pol) ### GitLab Collective - [GitLab Collective 🌟](https://stackoverflow.com/collectives/gitlab) Discover and share knowledge about version control, CI/CD, DevSecOps, and all-remote workflows @@ -401,7 +405,6 @@ git push origin -f * [blog.gruntwork.io: Introducing git-xargs: an open source tool to update multiple GitHub repos](https://blog.gruntwork.io/introducing-git-xargs-an-open-source-tool-to-update-multiple-github-repos-753f9f3675ec) * [github.blog: Security keys are now supported for SSH Git operations 🌟](https://github.blog/2021-05-10-security-keys-supported-ssh-git-operations/) * [education.github.com](https://education.github.com/) Real-world tools, engaged students. GitHub Education helps students, teachers, and schools access the tools and events they need to shape the next generation of software development. -* [GitHub Copilot 🌟](https://copilot.github.com/) Your AI pair programmer With GitHub Copilot, get suggestions for whole lines or entire functions right inside your editor. * [github.blog: GitHub brings supply chain security features to the Go community](https://github.blog/2021-07-22-github-supply-chain-security-features-go-community/) * [dev.to: How to never type passwords when using Git](https://dev.to/github/how-to-never-type-passwords-when-using-git-18bb) We're deprecating password support for Git operations to keep you more secure. You can authenticate Git actions using: * SSH keys @@ -440,6 +443,9 @@ git push origin -f * [github.blog: Getting started with project planning on GitHub](https://github.blog/2022-02-11-getting-started-with-project-planning-on-github/) Stop context switching. Keep your team’s project planning next to your code. * [freecodecamp.org: How to Fork a GitHub Repository – A Complete Workflow](https://www.freecodecamp.org/news/how-to-fork-a-github-repository/) * [==levelup.gitconnected.com: GitHub may replace DockerHub==](https://levelup.gitconnected.com/github-may-replace-dockerhub-a5da5e547f01) +* [==github.com/Lightning-AI/engineering-class: Lightning Bits: Engineering for Researchers== 🌟](https://github.com/Lightning-AI/engineering-class) **This repository contains additional materials and show notes for the Lightning Bits: Engineering for Researchers video series.** + * [github.com/Lightning-AI/engineering-class: Episode 8: Creating a Pull Request on GitHub](https://github.com/Lightning-AI/engineering-class/blob/main/ep08-github-pr/Ep08-ShowNotes.md) + * [github.com/Lightning-AI/engineering-class: Episode 9: Collaborating with Pull Requests using GitHub](https://github.com/Lightning-AI/engineering-class/blob/main/ep09-github-collab/Ep09-ShowNotes.md#syncing-forks-with-upstream) ### GitHub Lab - [==lab.github.com== 🌟](https://lab.github.com) With GitHub Learning Lab, grow your skills by completing fun, realistic projects. Get advice and helpful feedback from our friendly Learning Lab bot. @@ -508,6 +514,9 @@ git push origin -f - [towardsdatascience.com: Generating Python Scripts with OpenAi’s Github Copilot](https://towardsdatascience.com/generating-python-scripts-with-openais-github-copilot-da0b3fdd989) Using AI to generate Python scripts for simple neural networks, data visualization and more - [dev.to: GitHub Copilot blew my mind on a code-along exercise](https://dev.to/colocodes/github-copilot-blew-my-mind-on-a-code-along-exercise-186n) - [medium.com/@eriky: Copilot Is Genuinely Scary And Fascinating At The Same Time](https://medium.com/@eriky/copilot-is-genuinely-scary-and-fascinating-at-the-same-time-63ebcbf80899) It knows more than just programming languages +- [GitHub Copilot is generally available to all developers](https://github.blog/2022-06-21-github-copilot-is-generally-available-to-all-developers/) **We’re making GitHub Copilot, an AI pair programmer that suggests code in your editor, generally available to all developers for $10 USD/month or $100 USD/year. It will also be free to use for verified students and maintainers of popular open source projects.** +- [xataka.com: GitHub Copilot, el asistente para programar basado en IA, ya está disponible para todos: cuánto cuesta y quienes lo pueden usar gratis](https://www.xataka.com/aplicaciones/github-copilot-asistente-para-escribir-codigo-basado-ia-esta-disponible-para-todos-esto-que-costara) +- [genbeta.com: Ya hay organizaciones pro-software libre abandonando GitHub por su uso comercial de proyectos open source en Copilot](https://www.genbeta.com/desarrollo/hay-organizaciones-pro-software-libre-abandonando-github-su-uso-comercial-proyectos-open-source-copilot) #### GitHub CoPilot VS GPT-3 - [python.plainenglish.io: Who Writes Better Code: GitHub CoPilot or GPT-3?](https://python.plainenglish.io/who-writes-better-code-github-copilot-or-gpt-3-9e7441650c9b) @@ -633,8 +642,6 @@ Automate them. * [Bors-ng: A merge bot for GitHub Pull Requests](https://github.com/bors-ng/bors-ng) * [Example: CockroachDB's Bors Merge Bot](https://wiki.crdb.io/wiki/spaces/CRDB/pages/73204099/Bors+Merge+Bot) ---- - ## Videos ??? note "Click to expand!" @@ -662,5 +669,11 @@ Automate them.

Here are _some_ of the most essential git operations you will need when working as a developer.

🧵🔽 pic.twitter.com/ZTUUObuj70

— Oliver Jumpertz (@oliverjumpertz) March 23, 2021

Git is by far the most used source control management tool out there.

It is basially an essential to know. And this justifies knowing a few of the most important git commands you need in your daily work.

Here are 19 that any developer should know.

A thread. ↓ pic.twitter.com/nLglrUWp6o

— Oliver Jumpertz (@oliverjumpertz) August 11, 2021
+ +

Really cool and cute way to explain git commands.

By @girlie_mac

If you like this kind of tech doodles, check out her Github repo: https://t.co/2J3vEt6Eb9 pic.twitter.com/wkBqlg9584

— Alex Xu (@alexxubyte) June 17, 2022
+ +

Best Free Git Courses for beginners
1. Git Started With GitHub -https://t.co/ajJlJUz34i
2. Introduction to Git - https://t.co/T0mIUkIBbB
2. GIT 5-day Challenge - https://t.co/bj687fKJ8Y
4. Command Line Essentials: - https://t.co/us18hMcw9P
5. Git expert - https://t.co/AmRMZznQzu pic.twitter.com/FM6Oh2KGMD

— javinpaul (@javinpaul) July 9, 2022
+ +

If you're a programmer, these 10 git commands will save you hours of research🧵👇

— Ujjwal Chadha (@ujjwalscript) August 18, 2022
\ No newline at end of file diff --git a/docs/gitops.md b/docs/gitops.md index 763bb67f..e3869daf 100644 --- a/docs/gitops.md +++ b/docs/gitops.md @@ -28,6 +28,7 @@ ## Introduction - [gitops.tech 🌟](https://www.gitops.tech/) +- [OpenGitOps 🌟](https://opengitops.dev) OpenGitOps is a set of open-source standards, best practices, and community-focused education to help organizations adopt a structured, standardized approach to implementing GitOps. - [weave.works: Guide to GitOps](https://www.weave.works/technologies/gitops/) - [weave.works: What Is GitOps?](https://www.weave.works/blog/what-is-gitops-really) - [atlassian.com: Is GitOps the next big thing in DevOps?](https://www.atlassian.com/git/tutorials/gitops) @@ -142,6 +143,17 @@ - [linkedin pulse: GitOps vs. DevOps! | Pavan Belagatti](https://www.linkedin.com/pulse/gitops-vs-devops-pavan-belagatti/) - [==containerjournal.com: GitOps Workflows and Principles for Kubernetes==](https://containerjournal.com/features/gitops-workflows-and-principles-for-kubernetes/) - [harness.io: 6 Actionable GitOps Best Practices To Help You Get Started](https://harness.io/blog/devops/6-gitops-best-practices/) +- [==codefresh.io: How to Model Your Gitops Environments and Promote Releases between Them== 🌟](https://codefresh.io/blog/how-to-model-your-gitops-environments-and-promote-releases-between-them/) In this article, you'll learn how to use different folders on the same Git branch. Two questions after adopting GitOps are: + - How should I represent different environments on Git? + - How should I handle promoting releases between them? +- [==piotrminkowski.com: Continuous Development on Kubernetes with GitOps Approach== 🌟](https://piotrminkowski.com/2022/06/06/continuous-development-on-kubernetes-with-gitops-approach/) +- [==harness.io: Managing the 'Git' in 'GitOps': 4 Ways to Structure Code in Your GitOps Repos== 🌟](https://harness.io/blog/gitops-repo-structure) Declarative, immutable, and continuously reconciled infrastructure brings many benefits when managed through GitOps best practices. Here are four approaches to managing code used in those pipelines. + - Application and Infrastructure Code in One Repository + - Separate Infrastructure Repository, Multiple Branches + - Separate Infrastructure Repository, Directory-Based + - Multiple Infrastructure Repositories, One per Environment + +- [medium.com/codex: Points to Consider for Structuring Infrastructure as Code Repositories](https://medium.com/codex/points-to-consider-for-structuring-infrastructure-as-code-repositories-886ff58404b8)
[![gitops in a nutshell](images/GitOps-in-a-nutshell.png)](https://www.unifiedguru.com/gitops-and-the-cloud-operating-model-vmware-cloud-community/) @@ -163,6 +175,11 @@ ## Git Repositories Structures - [==dzone: GitOps: How to Ops Your Git the Right Way== 🌟](https://dzone.com/articles/gitops-how-to-ops-your-git-the-right-way) In this article we’ll look into the specifics of creating Git repositories structures  —  the very core of the GitOps approach. - [==codefresh.io: Stop Using Branches for Deploying to Different GitOps Environments==](https://codefresh.io/about-gitops/branches-gitops-environments/) How do I promote a release to the next environment? **You should NOT use Git branches for modeling different environments. If the Git repository holding your configuration (manifests/templates in the case of Kubernetes) has branches named “staging”, “QA”, “Production” and so on, then you have fallen into a trap.** Using branches for different environments should only be applied to legacy applications. +- [==developers.redhat.com: Git best practices: Workflows for GitOps deployments== 🌟](https://developers.redhat.com/articles/2022/07/20/git-workflows-best-practices-gitops-deployments) + - Separate your repositories + - Separate development in directories, not branches + - Trunk-based development + - Pay attention to policies and security ## GitOps Tools - [FluxCD, ArgoCD or Jenkins X: Which Is the Right GitOps Tool for You?](https://blog.container-solutions.com/fluxcd-argocd-or-jenkins-x-which-is-the-right-gitops-tool-for-you) @@ -193,8 +210,15 @@ - [Flux. The GitOps operator for Kubernetes](flux.md) ### Kustomize. Kubernetes native configuration management -- [kustomize.io 🌟](https://kustomize.io/) Kustomize introduces a template-free way to customize application configuration that simplifies the use of off-the-shelf applications. Now, built into kubectl as apply -k. +- [kustomize.io 🌟](https://kustomize.io/) + - Kustomize introduces a template-free way to customize application configuration that simplifies the use of off-the-shelf applications. Now, built into kubectl as apply -k. + - Kustomize traverses a Kubernetes manifest to add, remove or update configuration options without forking. + - **It is available both as a standalone binary and as a native feature of kubectl.** - [nakamasato.medium.com: Comparison between Helm and Kustomize for Kubernetes yaml management](https://nakamasato.medium.com/comparison-between-helm-and-kustomize-for-kubernetes-yaml-management-aed32cef2627) +- [pauldally.medium.com: Kustomize Best Practices (Part 1)](https://pauldally.medium.com/kustomize-best-practices-part-1-86f9f22d2f20) Kubectl includes a very useful command called kustomize that allows a template-free way to customize Kubernetes application configuration. + - [pauldally.medium.com: Kustomize Best Practices (Part 2)](https://pauldally.medium.com/kustomize-best-practices-part-2-c560f1fa1409) +- [notmattlucas.com: Kubernetes Configuration with Kustomize](https://notmattlucas.com/kubernetes-configuration-with-kustomize-f4dbba250f3) +- [medium.com/@nanditasahu031: How to Start with Kustomize — it’s Features](https://medium.com/@nanditasahu031/how-to-start-with-kustomize-its-features-dd541c3d2fa8) ### Flagger - [Flagger](https://flagger.app/) Progressive Delivery Operator for Kubernetes. Release new versions of your application/services to Kubernetes like a pro with Weaveworks's Flagger. diff --git a/docs/golang.md b/docs/golang.md index ac6b5960..b38be604 100644 --- a/docs/golang.md +++ b/docs/golang.md @@ -84,6 +84,8 @@ - [gnet](https://github.com/panjf2000/gnet) 🚀 gnet is a high-performance, lightweight, non-blocking, event-driven networking framework written in pure Go./ gnet - [dsa0x/sicher](https://github.com/dsa0x/sicher) Sicher is a go module that allows secure storage of encrypted credentials in a version control system. - [ggicci/httpin: HTTP Input for Go](https://github.com/ggicci/httpin) Decode an HTTP request into a custom struct +- [kubernetes-sigs/e2e-framework](https://github.com/kubernetes-sigs/e2e-framework) A Go framework for end-to-end testing of components running in Kubernetes clusters. +- [forbearing/k8s](https://github.com/forbearing/k8s) This Go library implements various handlers to more easily manipulate kubernetes resources such as pods, deployments, etc, inside or outside a Kubernetes cluster ## Go packages - [cap](https://github.com/hashicorp/cap) A collection of authentication Go packages related to OIDC, JWKs and Distributed Claims. @@ -94,6 +96,7 @@ - [mholt/json-to-go](https://github.com/mholt/json-to-go) Translates JSON into a Go type in your browser instantly (original) - [curl-to-go](https://mholt.github.io/curl-to-go/) Instantly convert curl commands to Go code - [kkdai/youtube](https://github.com/kkdai/youtube) Download Youtube Video in Golang +- [==github.com/iawia002/lux== 🌟](https://github.com/iawia002/lux) 👾 **Fast and simple video download library and CLI tool written in Go** ## Go Books - https://github.com/dariubs/GoBooks @@ -104,7 +107,7 @@ - [==GoogleCloudPlatform/golang-samples: Sample apps and code written for Google Cloud in the Go programming language.==](https://github.com/GoogleCloudPlatform/golang-samples) - [rehacktive/caffeine](https://github.com/rehacktive/caffeine) A very basic REST service for JSON data - enough for prototyping and MVPs! - [ebosas/microservices](https://github.com/ebosas/microservices) A microservices example in Go -- [iximiuz/client-go-examples](https://github.com/iximiuz/client-go-examples) Collection of mini-programs demonstrating Kubernetes client-go usage. +- [iximiuz/client-go-examples](https://github.com/iximiuz/client-go-examples) Collection of mini-programs demonstrating Kubernetes client-go usage. If you're writing controllers or any other form of automation on top of Kubernetes, this repository with Go examples might come in handy. - [Mathieu-Desrochers/Learning-Go](https://github.com/Mathieu-Desrochers/Learning-Go) Minimal working examples of Go's unique features. ## Dockerfile for go diff --git a/docs/grafana.md b/docs/grafana.md index 1b8026ba..215ec5a9 100644 --- a/docs/grafana.md +++ b/docs/grafana.md @@ -51,6 +51,8 @@ * [percona.com: Tips for Designing Grafana Dashboards](https://www.percona.com/blog/2019/11/22/designing-grafana-dashboards/) * [devblogs.microsoft.com:Monitoring Azure by using Grafana dashboards 🌟](https://devblogs.microsoft.com/devops/monitoring-azure-by-using-grafana-dashboards/) * [github.com/kubevirt/monitoring](https://github.com/kubevirt/monitoring) KubeVirt monitoring dashboards. This repository collects Grafana dashboards for KubeVirt and Prometheus runbooks for alerts shipped with the KubeVirt stack. +* [medium.com/@dotdc: A set of modern Grafana dashboards for Kubernetes 🌟](https://medium.com/@dotdc/a-set-of-modern-grafana-dashboards-for-kubernetes-4b989c72a4b2) In this article, I will present a set of modern Grafana dashboards I made for Kubernetes, explain why I decided to create them and how they work. +* [grafana.com: Grafana dashboards: A complete guide to all the different types you can build](https://grafana.com/blog/2022/06/06/grafana-dashboards-a-complete-guide-to-all-the-different-types-you-can-build/) Monitored Component|Collector|Dashboard Number|URL :------------------|:-------|:---------------|------------ diff --git a/docs/helm.md b/docs/helm.md index 260ffced..c1486f94 100644 --- a/docs/helm.md +++ b/docs/helm.md @@ -95,6 +95,14 @@ * Common vs multiple Helm charts * Values YAML hierarchy * Git repository management +* [medium.com/avmconsulting-blog: How to Deploy Applications using Helm in Kubernetes |AWS|](https://medium.com/avmconsulting-blog/deploying-applications-using-helm-in-kubernetes-b5c8b609e4b5) +* [medium.com/tech-chronicles: Helm tests](https://medium.com/tech-chronicles/helm-test-tested-my-patience-732eeab0e935) Helm tests are helpful to test your charts in your CI/CD pipeline, but when they fail due to network issues (e.g. pod takes time to serve the response) they are difficult to debug. +* [xbery.medium.com: Deploy helm charts using Terraform module 🌟](https://xbery.medium.com/deploy-helm-charts-using-terraform-module-63684efbd221) +* [community.ops.io: [K8s] Fix Helm release failing with an upgrade still in progress](https://community.ops.io/the_cozma/k8s-fix-helm-release-failing-with-an-upgrade-still-in-progress-4660) This article applies to: Helm v3.8.0. If you use Helm to manage your releases, you might end up in a case where the release is stuck in a pending state and all subsequent releases keep failing. This article explains how to fix it with two options: + * Helm rollback + * Deleting the state +* [dev.to: HULL Tutorial 01: Introducing HULL, the Helm Universal Layer Library](https://dev.to/gre9ory/hull-tutorial-01-introducing-hull-the-helm-universal-layer-library-4njb) +* [medium.com/@lasithih927: Helm on Kubernetes - Zero to Hero in 5 Minutes 🌟](https://medium.com/@lasithih927/helm-zero-to-hero-4cab17fac38e) A Helm cheat sheet for getting your desired application installed on a Kubernetes cluster with the config you need in no time. Even if you haven’t heard of Helm before! This will take you from zero to hero. ## Helm Plugins * [Helm Diff Plugin 🌟](https://github.com/databus23/helm-diff) A helm plugin that shows a diff explaining what a helm upgrade would change @@ -153,7 +161,11 @@ Kubernetes packages * [shalm: Scriptable helm charts](https://github.com/wonderix/shalm) This project brings the starlark scripting language to helm charts. ## Helmfile -- [helmfile](https://github.com/linuxadvise/helmfile) +- https://helmfile.readthedocs.io Helmfile is a declarative spec for deploying Helm charts. It lets you: + - Keep a directory of chart value files and maintain changes in version control + - Apply CI/CD to configuration changes + - Periodically sync to avoid skew in environments +- [github.com/helmfile/helmfile](https://github.com/helmfile/helmfile) Declaratively deploy your Kubernetes manifests, Kustomize configs, and Charts as Helm releases in one shot - [linuxadvise.com: Helmfile - Next Level to manage your helm Charts](https://www.linuxadvise.com/amp/helmfile-next-level-to-manage-your-helm-charts) - [kubesandclouds.com: Helmfile: turbocharging Helm](https://kubesandclouds.com/index.php/2020/12/16/helmfile/) @@ -167,6 +179,7 @@ Kubernetes packages - [helm-diff: Helm Diff Plugin](https://github.com/databus23/helm-diff) - [Helmsman: Helm Charts as Code](https://github.com/Praqma/helmsman) Helmsman is a Helm Charts (k8s applications) as Code tool which allows you to automate the deployment/management of your Helm charts from version controlled code. - [medium: Gitops using Helmsman to apply Helm Charts to k8s](https://medium.com/@marco.franssen/gitops-using-helmsman-to-apply-helm-charts-to-k8s-1a7217ced411) +- [tellerops/helm-teller](https://github.com/tellerops/helm-teller) Helm Teller allows you to inject configuration and secrets from multiple providers into your chart while masking the secrets at the deployment ## Helm Books - [Learn Helm](https://www.packtpub.com/cloud-networking/learn-helm) diff --git a/docs/index.md b/docs/index.md index da4f416f..8d502e33 100644 --- a/docs/index.md +++ b/docs/index.md @@ -31,7 +31,9 @@ A curated list of awesome references collected since 2018. Microservices archite - [openpracticelibrary.com](https://openpracticelibrary.com/) - [Top 10 most visited pages](https://www.redhat.com/en/blog/top-10-most-used-open-practice-library-concepts) - [roadmap.sh](https://roadmap.sh/) - [DevOps Roadmap](https://roadmap.sh/devops) - [API Landscape](https://apilandscape.apiscene.io/) -- [Stack Overflow Annual Developer Survey](https://insights.stackoverflow.com/survey) - [2021 🌟](https://insights.stackoverflow.com/survey/2021#technology-most-loved-dreaded-and-wanted) +- [Stack Overflow Annual Developer Survey](https://insights.stackoverflow.com/survey) + - [2021](https://insights.stackoverflow.com/survey/2021#technology-most-loved-dreaded-and-wanted) + - [2022 🌟](https://survey.stackoverflow.co/2022/) - [betterprogramming.pub]((https://betterprogramming.pub/stack-overflow-2022-developer-survey-where-is-the-industry-heading-3cd4a0cd41f3)) - [Stack Overflow Collectives](https://stackoverflow.com/collectives) Communities for your favorite technologies - [Go Collective](https://stackoverflow.com/collectives/go) - [GitLab Collective](https://stackoverflow.com/collectives/gitlab) @@ -60,12 +62,22 @@ A curated list of awesome references collected since 2018. Microservices archite - [dzone.com/trendreports](https://dzone.com/trendreports) - [kube.events](https://kube.events) A curated list of Kubernetes-related events such as meetups, conferences, training & webinars that you will find interesting to attend - [The future of Kubernetes – and why developers should look beyond Kubernetes in 2022](https://www.eficode.com/blog/the-future-of-kubernetes-and-why-developers-should-look-beyond-kubernetes-in-2022) +- [cloudtechtwitter.com: Introduction to Kubernetes 🌟](https://www.cloudtechtwitter.com/2022/05/dont-miss-next-article-be-first-to-be.html) +- [GitHub Guides](https://github.com/readme/guides/) +- [learnk8s.io/news](https://learnk8s.io/news) How do you keep up with Kubernetes? If you are looking for curated Kubernetes news, we have you covered on: + - Core Kubernetes + - Security + - Architecture & development + - Job opportunities + - K3s + - Events ## Introduction - [Microservice Architecture. From Java EE To Cloud Native. Openshift VS Kubernetes](introduction.md) - [Microservices FAQ & Kubernetes Native](faq.md) ## SRE Site Reliability Engineering - [Site Reliability Engineering (SRE)](sre.md) +- [Networking](networking.md) - [FinOps - Cloud Financial Management](finops.md) - [Chaos Engineering](chaos-engineering.md) ## DevOps @@ -118,7 +130,7 @@ A curated list of awesome references collected since 2018. Microservices archite ### DevOps Tools aka Toolchain. Jenkins Alternatives. Cloud Native CI/CD Tools - [DevOps Tools](devops-tools.md) - [Jenkins Alternatives for Continuous Integration & Deployment 🌟](jenkins-alternatives.md) -- [Argo CD - Declarative GitOps for Kubernetes 🌟](argocd.md) +- [Argo - Declarative GitOps for Kubernetes 🌟](argo.md) - [Flux CD - The GitOps Operator for Kubernetes 🌟](flux.md) - [Tekton - Cloud Native CI/CD](tekton.md) - [Keptn](keptn.md) @@ -271,6 +283,7 @@ A curated list of awesome references collected since 2018. Microservices archite
+