Kubesploit – Telegram
News and links on Kubernetes security curated by the @Learnk8s team
Website: https://kubesploit.io/
Forwarded from Kube Careers
This week's 6 best Kubernetes vacancies that focus on security are:

DevSecOps Engineer with OpenAI
💰 $243K to $306K a year
🏠🏃🏻‍♂️🌎 Washington, DC, USA
https://kube.careers/t/edb60c03-c2c2-44ce-9e14-5783bb959a7e

Security Architect with Adobe Inc.
💰 $191.7K to $345.7K a year
🏠 From the office in Seattle, WA / San Francisco / San Jose, CA, USA
https://kube.careers/t/b6de3faf-adb8-462a-9dd9-260446149b27

Security Architect with Dexterity
💰 $200K to $300K a year
🏠 From the office in Redwood, CA, USA
https://kube.careers/t/b9a90583-a0e8-4f13-b776-839c8b1d6275

DevSecOps Engineer with Plaid
💰 $186.84K to $279.72K a year
🏠🏃🏻‍♂️🌎 US
https://kube.careers/t/65616251-5ba0-42af-af39-fb64a1c2d20d

DevSecOps Engineer with Glean
💰 $185K to $280K a year
🏠🏃🏻‍♂️🌎 Palo Alto, CA, USA
https://kube.careers/t/384dd05a-a906-4db7-933a-51b15110f87f

👉 Browse all 1097 Kubernetes jobs on Kube Careers https://kube.careers
OIDC-Guard is an API server which is used along with Ingress Controllers that support External Authentication and enables per Ingress customizable JWT validation with Cookie support for Web Applications.

More: https://github.com/IvanJosipovic/OIDC-Guard
Forwarded from Kube Architect
Sealed Secrets Web is a tool that provides a web interface for managing and encrypting sensitive data in Kubernetes using the Sealed Secrets service by Bitnami.

More: https://github.com/bakito/sealed-secrets-web
Ratify is a verification engine as a binary executable on Kubernetes that enables verification of artifact security metadata and admits for deployment only those that comply with your policies.

More: https://github.com/ratify-project/ratify
Forwarded from Daniele Polencic
<shameless plug>

🚀 This March, we are running a free educational series on building multitenant Kubernetes platforms!

🤔 Over six sessions, we’ll explore the evolution of Kubernetes multitenancy, from comparing soft vs. hard approaches to evaluating namespace, virtual, and dedicated cluster strategies. I’ll also discuss emerging trends, the right tooling (think vCluster, Capsule, Kamaji, kcp, k3k, and more), and the trade-offs shaping the multitenancy market.

📅 I’m kicking off with “The State of Multi-Tenancy in Kubernetes” on Feb 27. Then, join Salman Iqbal (the legend) on March 13 for a session on standardizing development environments in large-scale clusters, and catch Chris Nesbitt-Smith on March 27 as we discuss balancing isolation and complexity.

If this sounds interesting, you can sign up here: https://ku.bz/multitenancy25
In this article, you'll learn how to simplify Kubernetes authentication using OpenID Connect (OIDC) and grant users or groups the correct permissions in your cluster, making it easier to manage access and maintain security.

More: https://kty.dev/blog/2024-09-19-auth-isnt-hard
In this article, you'll learn how the Miro team automates Kubernetes workflows with Kyverno's mutating webhooks and Dynamic Admission controllers.

More: https://medium.com/@rodrigofk/automating-kubernetes-workflows-with-kyvernos-mutating-webhooks-ae3f0a81d4d7
Forwarded from LearnKube news
This week on Learn Kubernetes Weekly 118:

🐞 An empirical study on Kubernetes operator bugs
💰 Scaling artificial intelligence on a budget: running a neural network on 100 million images for just $100
🙉 Kubernetes CRD generation pitfalls
🤖 Automating Kubernetes workflows with Kyverno's mutating webhooks

Read it now: https://learnk8s.io/issues/118

⭐️ This newsletter is brought to you by Cast AI - cut your cloud costs and boost efficiency with Cast AI's real-time Kubernetes automation and optimization platform https://ku.bz/fTBv_KWn3
KubeLinter analyzes Kubernetes YAML files and Helm charts and checks them against various best practices, focusing on production readiness and security.

More: https://github.com/stackrox/kube-linter
Forwarded from Kube Careers
This week's 6 best Kubernetes vacancies that focus on security are:

DevSecOps Engineer with OpenAI
💰 $243K to $306K a year
🏠🏃🏻‍♂️🌎 Washington, DC, USA
https://kube.careers/t/edb60c03-c2c2-44ce-9e14-5783bb959a7e

Security Architect with Adobe Inc.
💰 $191.7K to $345.7K a year
🏠 From the office in Seattle, WA / San Francisco / San Jose, CA, USA
https://kube.careers/t/b6de3faf-adb8-462a-9dd9-260446149b27

Security Architect with Dexterity
💰 $200K to $300K a year
🏠 From the office in Redwood, CA, USA
https://kube.careers/t/b9a90583-a0e8-4f13-b776-839c8b1d6275

DevSecOps Engineer with Plaid
💰 $186.84K to $279.72K a year
🏠🏃🏻‍♂️🌎 US
https://kube.careers/t/65616251-5ba0-42af-af39-fb64a1c2d20d

DevSecOps Engineer with Glean
💰 $185K to $280K a year
🏠🏃🏻‍♂️🌎 Palo Alto, CA, USA
https://kube.careers/t/384dd05a-a906-4db7-933a-51b15110f87f

👉 Browse all 991 Kubernetes jobs on Kube Careers https://kube.careers
Forwarded from LearnKube news
Master Kubernetes with Learnk8s' Advanced Kubernetes workshop!

What should you expect?

- Learn how to architect and design clusters from the ground up (in the cloud or on-prem).
- Explore the Kubernetes internal components and how the system is designed with resiliency in mind.
- Deep-dive into the networking components and observe the packets flowing into the cluster.
- Hands-on labs to test the theory with real-world scenarios!
- And more.

The next online courses start next month: https://ku.bz/DX6TPV4P_

We also run in-person courses and corporate training: https://learnk8s.io/corporate-training
Kubeconform is a Kubernetes manifests validation tool.

Similar to Kubeval, but with the following improvements:

1. High performance.
2. Remote or local schema locations.
3. Up-to-date schemas for all recent versions of Kubernetes.

More: https://github.com/yannh/kubeconform
Damn Vulnerable Kubernetes Application (DVKA) is a tool that provides a series of vulnerable applications on Kubernetes for practice and learning purposes.

More: https://github.com/alevsk/dvka
Forwarded from Kube Careers
📊 The State of the Kubernetes Job Market 2024 report from Kube Careers is now available!

Based on 25,121 job listings with 4,850 filtered descriptions, here are key takeaways:

💰 The average worldwide Kubernetes salary for 2024 was $158,822, with North America leading in job offers at 62%.

🏠 65% of jobs offer some form of remote work. Hybrid arrangements have increased significantly, from 20% in 2023 to 30.58% in 2024.

🛠️ In CI/CD, Jenkins (35%) and GitLab (28%) are the most mentioned specific tools, with GitHub Actions (11%) gaining ground.

For a deeper dive into salaries, skills, and trends shaping the Kubernetes job market, check out the full report: https://ku.bz/626CBl6b8
imagewebhookscaner scans images for vulnerabilities before allowing them to be deployed on a Kubernetes cluster.

More: https://github.com/Hubert2718/ImageWebhookScaner
Forwarded from KubeFM
Calin discusses how a unified Helm chart approach can help platform teams support multiple development teams efficiently while maintaining consistent standards across services.

You will learn:

- Why inconsistent Helm chart configurations across teams create maintenance challenges and slow down deployments
- How to implement a unified Helm chart that balances standardization with flexibility through override functions
- How to maintain quality through automated documentation and testing with tools like Helm Docs and Helm unittest

Watch (or listen to) it here: https://ku.bz/mcPtH5395

🌟 This episode is brought to you by Learnk8s — Become an expert in Kubernetes! Join the next Advanced Kubernetes workshop: https://learnk8s.io/training

With @Birthmarkb "Bella Ciao" Farrell
kubectl-view-secret is a tool that allows for easy decoding and viewing of Kubernetes secrets, providing a convenient alternative to manual decoding with base64.

More: https://github.com/elsesiy/kubectl-view-secret
Forwarded from LearnKube news
This week on Learn Kubernetes Weekly 119:

🌪️ From chaos to harmony: a deep dive into centralizing kubernetes controller upgrades
🆙 Major update on the ingress controller
📦 OCI introduction: the full journey from code to container in a Kubernetes environment
🚦 Achieving high availability for Kubernetes control plane using dynamic DNS
🤗 Embracing cgroup v2: best practices for migrating Kubernetes clusters to AlmaLinux

Read it now: https://learnk8s.io/issues/119

⭐️ This newsletter is brought to you by Loft Labs to announce the launch of Multitenancy March https://ku.bz/yk4mJkv34
This article covers pentesting techniques, including enumeration and exploitation methods, to help you secure your Docker registries and restrict Docker daemon access.

By following these tips, you can improve your Docker security and prevent attacks.

More: https://0xm154n7hr0p3.medium.com/pentesting-docker-101-0432dcf5b63d
This tutorial will teach you how to restrict traffic between pods and secure your application with network policies.

You'll learn how to set up a cluster with Cilium and kubeadm and implement network policies to control access to your application.

More: https://medium.com/@ashhadali2019/network-policies-hands-on-securing-traffic-in-kubernetes-61353829af03
Forwarded from LearnKube news
Why can't you ping a Kubernetes service?

Learnk8s runs a 4-day Advanced Kubernetes course on Mar 20, and you will get to the bottom of questions like this (spoiler: services only exist in etcd).
You will also learn the nitty-gritty details of Kubernetes networking:

- How to plan and design a cluster network.
- How do the four Kubernetes services extend each other, and what do you gain from each?
- How CoreDNS, Ingress, and kube-proxy consume the Kubernetes currency: endpoints.

This (and much more) is covered on the third day of the course.

You can find the full agenda, a breakdown of the modules and how to sign up here: https://ku.bz/DX6TPV4P_

Are you training your team?
Customize the workshop in full with corporate training https://learnk8s.io/corporate-training