Perfect presentation about zero-trust
https://www.youtube.com/watch?v=0fkFj5XVnpY
YouTube
AWS re:Invent 2023 - Zero Trust access with zero waiting, zero pain, and zero compromises (SEC329)
Dynamic and contextual access is the foundation for building a Zero Trust architecture, but it takes work to get it right. It is challenging to create and manage access policies and controls that meet security and compliance requirements, and gathering evidence…
👍2
This post provides a comprehensive overview of Cloudflare's logging pipeline, detailing the various components and processes involved in managing, improving, and maintaining the internal logging systems. It covers the journey of logs from their inception to their storage, explaining the role of different technologies and methods used in this process. The article highlights Cloudflare's focus on scalability, high availability, and meeting service level objectives while handling immense volumes of log data.
https://blog.cloudflare.com/an-overview-of-cloudflares-logging-pipeline/
The Cloudflare Blog
An overview of Cloudflare's logging pipeline
In this post, we’re going to go over what that looks like, how we achieve high availability, and how we meet our Service Level Objectives (SLOs) while shipping close to a million log lines per second.
👍4
Good article about k8s and Zero-Downtime applications
https://www.qovery.com/blog/how-to-achieve-zero-downtime-application-with-kubernetes
Qovery
How to Achieve Zero-Downtime Application with Kubernetes
In this article, I’ll explain why and how you can achieve a zero-downtime application with Kubernetes and what Qovery handles for you if you use it.
👍5
Diagram as code
https://diagrams.mingrammer.com/docs/getting-started/examples
from diagrams import Cluster, Diagram
from diagrams.aws.compute import ECS, EKS, Lambda
from diagrams.aws.database import Redshift
from diagrams.aws.integration import SQS
from diagrams.aws.storage import S3

# show=False renders the image file without opening a viewer
with Diagram("Event Processing", show=False):
    source = EKS("k8s source")

    with Cluster("Event Flows"):
        with Cluster("Event Workers"):
            workers = [ECS("worker1"),
                       ECS("worker2"),
                       ECS("worker3")]

        queue = SQS("event queue")

        with Cluster("Processing"):
            handlers = [Lambda("proc1"),
                        Lambda("proc2"),
                        Lambda("proc3")]

    store = S3("events store")
    dw = Redshift("analytics")

    # Edges: source fans out to the workers, which feed the queue and handlers
    source >> workers >> queue >> handlers
    handlers >> store
    handlers >> dw
AWS Organizations Service Control Policies (SCPs) written in HashiCorp Terraform.
https://github.com/ScaleSec/terraform_aws_scp
👍4
The article discusses how they optimized costs for their Kubernetes-based ClickHouse clusters on AWS EKS. They achieved significant savings by analyzing and improving their EKS node utilization. The primary issue was the underutilization of EC2 instances. By changing the Kubernetes scheduler's scoring policy from 'LeastAllocated' to 'MostAllocated', they effectively increased cluster utilization and reduced the number of necessary EC2 nodes. This approach also involved setting up a custom scheduler and strategically handling system utility workloads. The result was a considerable reduction in infrastructure costs, without compromising performance or reliability for customers.
https://clickhouse.com/blog/packing-kubernetes-pods-more-efficiently-saving-money
ClickHouse
Saving Millions of Dollars by Bin-Packing ClickHouse Pods in AWS EKS
Read about how changing the pod scheduling in our Kubernetes clusters, powering ClickHouse Cloud, saved millions of dollars.
👍5
Interesting article about CI/CD observability by Grafana
https://grafana.com/blog/2023/11/20/ci-cd-observability-via-opentelemetry-at-grafana-labs/
Grafana Labs
What is CI/CD observability?
Learn why observability is critical to CI/CD and how we're addressing it internally at Grafana Labs, and get a sneak peek at our vision for something that could democratize CI/CD insights for Grafana users and beyond.
👍4
Kubevious CLI - Prevent Kubernetes disasters at the early stages
https://github.com/kubevious/cli
👍3🔥2
Now you can store container images on a separate volume for k8s
https://kubernetes.io/blog/2024/01/23/kubernetes-separate-image-filesystem/
Kubernetes
Image Filesystem: Configuring Kubernetes to store containers on a separate filesystem
A common issue in running/operating Kubernetes clusters is running out of disk space. When the node is provisioned, you should aim to have a good amount of storage space for your container images and running containers. The container runtime usually writes…
👍5👌1
Kubernetes powered PaaS that runs in your own cloud.
https://github.com/porter-dev/porter
👍4