Upgrading Kubernetes clusters can be a complex and costly endeavor, especially at scale. This article from Qovery explores the challenges and expenses involved in upgrading hundreds of Kubernetes clusters. Learn about the strategies, tools, and best practices to manage and minimize the costs while ensuring smooth and efficient upgrades.

https://www.qovery.com/blog/the-cost-of-upgrading-hundreds-of-kubernetes-clusters/

Generate documentation from Terraform modules in various output formats

https://github.com/terraform-docs/terraform-docs

Miller is like awk, sed, cut, join, and sort for name-indexed data such as CSV, TSV, and tabular JSON

https://github.com/johnkerl/miller

Advanced secret management is essential for securing sensitive data in Kubernetes environments. This article from Ediri.io explores the integration of Pulumi with the Secrets Store CSI Driver to enhance secret management on Kubernetes. Learn how to securely manage and automate secrets, leveraging Pulumi's infrastructure as code capabilities along with Kubernetes-native tools.


https://blog.ediri.io/advanced-secret-management-on-kubernetes-with-pulumi-secrets-store-csi-driver

Over two decades of Site Reliability Engineering (SRE) practice have provided valuable insights into maintaining reliable and scalable systems. This article from Google delves into the lessons learned from 20 years of SRE, sharing key practices, challenges, and strategies that have shaped the discipline. Discover the principles that continue to drive successful SRE teams and how they can be applied to modern engineering practices.

https://sre.google/resources/practices-and-processes/twenty-years-of-sre-lessons-learned/

Sveltos Kubernetes add-on controller programmatically deploys add-ons and applications in tens of clusters. Support for ClusterAPI powered clusters, Helm charts, kustomize ,YAMLs. Sveltos has built-in support for multi-tenancy.


https://github.com/projectsveltos/addon-controller

KubeBlocks is an open-source control plane software that runs and manages databases, message queues and other stateful applications on K8s.

https://github.com/apecloud/kubeblocks

Handling kernel panics in Kubernetes environments is critical for maintaining system stability. This article from the Netflix Tech Blog explores the challenges and solutions related to kernel panics in Kubernetes clusters. Learn about the techniques and tools Netflix uses to diagnose, mitigate, and prevent kernel panics, ensuring the resilience and reliability of their infrastructure.

https://netflixtechblog.com/kubernetes-and-kernel-panics-ed620b9c6225

Effective data caching is essential for improving application performance and scalability. This article from RevenueCat delves into their approach to data caching, exploring the strategies and technologies used to optimize data retrieval and reduce latency. Learn how RevenueCat enhances user experience and system efficiency through thoughtful caching practices.

https://www.revenuecat.com/blog/engineering/data-caching-revenuecat/

a lightweight kubernetes multi-tenancy gateway

https://github.com/kubewharf/kubezoo

Application lifecycle orchestration

https://github.com/akuity/kargo

Scaling to support over a million users online in a single server is a remarkable achievement, and Discord's engineering team has pushed the boundaries to make it possible. This article from the Discord blog details the challenges, innovations, and technical strategies employed to handle such massive scale, offering insights into the architecture and optimizations that enable seamless communication for millions of users simultaneously.

https://discord.com/blog/maxjourney-pushing-discords-limits-with-a-million-plus-online-users-in-a-single-server

Another acquisition by IBM; now it's Kubecost.
https://newsroom.ibm.com/blog-ibm-acquires-kubecost-to-broaden-hybrid-cloud-cost-management-capabilities

Implementing request-level authentication and authorization is vital for securing microservices in Kubernetes. This article from InfraCloud discusses how to integrate Istio with Keycloak to achieve fine-grained access control. Learn how these tools work together to enhance the security of your Kubernetes environment by managing authentication and authorization at the request level.

https://www.infracloud.io/blogs/request-level-authentication-authorization-istio-keycloak/

Codespaces but open-source, client-only and unopinionated: Works with any IDE and lets you use any cloud, kubernetes or just localhost docker.

https://github.com/loft-sh/devpod

Optimized and Maintenance-free Kubernetes on Hetzner Cloud in one command!

https://github.com/kube-hetzner/terraform-hcloud-kube-hetzner

Optimizing Terraform workflows is essential for efficient infrastructure management. This article by Bejarano.io introduces "Terraform Plan Light," a tool designed to speed up the Terraform plan process by reducing unnecessary overhead. Learn how to integrate this tool into your workflow to improve performance and streamline your Terraform operations.

https://www.bejarano.io/terraform-plan-light

Mastering Terraform modules is key to managing complex Azure infrastructure efficiently. In this final part of the series, IAMACHS delves into advanced techniques for using Terraform modules on Azure. Explore best practices, real-world examples, and tips for organizing and reusing infrastructure code, ensuring scalable and maintainable deployments.

https://www.iamachs.com/p/azure-terraform/part-7-modules-grand-finale/

Canonical Kubernetes is an opinionated and CNCF conformant Kubernetes operated by Snaps and Charms, which come together to bring simplified operations and an enhanced security posture on any infrastructure.

https://github.com/canonical/k8s-snap

eBPF Observability - Distributed Tracing and Profiling

https://github.com/deepflowio/deepflow

Monitoring containerd is essential for ensuring the health and performance of your containerized applications. This article by Povilas Veresciakas provides a comprehensive guide on how to monitor containerd effectively. Learn about the key metrics, tools, and best practices needed to gain insights into your container runtime and maintain reliable operations.

https://povilasv.me/how-to-monitor-containerd/