Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.

https://github.com/kubescape/kubescape

Shell-operator is a tool for running event-driven noscripts in a Kubernetes cluster

https://github.com/flant/shell-operator

Integrating Istio with OPA in Kubernetes environments offers developers a robust framework for managing authentication and authorization challenges. This blogpost explores how these technologies enable self-service tools and streamline policy enforcement, empowering teams to secure their microservices effectively.

https://aws.plainenglish.io/authentication-and-authorization-with-istio-and-opa-on-kubernetes-d4452508897c

Cilium Service Mesh, powered by eBPF, offers a lightweight and efficient solution for managing secure and observable communication between Kubernetes microservices. This article demonstrates how to deploy Cilium Service Mesh on Amazon EKS, highlighting its architecture, traffic management capabilities, and observability features through tools like Hubble.

https://aws.amazon.com/blogs/opensource/getting-started-with-cilium-service-mesh-on-amazon-eks/

Process Compose is a simple and flexible scheduler and orchestrator to manage non-containerized applications.

https://github.com/F1bonacc1/process-compose

Start your containers on demand, shut them down automatically when there's no activity. Docker, Docker Swarm Mode and Kubernetes compatible.

https://github.com/sablierapp/sablier

Navigating the complexities of technical leadership in a startup requires balancing product vision, team dynamics, and rapid scaling challenges. This blogpost outlines the phases of growth for a VC-backed startup, highlighting the evolving role of the CTO and the common pitfalls that arise as teams expand and responsibilities multiply.

https://marcgg.com/blog/2024/07/17/startup-technical-leadership/

Slack can be a powerful tool for collaboration, but its effectiveness depends on creating space for flexibility and thoughtful communication practices. This article delves into the concept of "slack" in software development, emphasizing the importance of wiggle room in schedules and dependencies to avoid self-inflicted errors and ensure smoother project execution.

https://tidyfirst.substack.com/p/responsible-slack

CAAPH uses Helm charts to manage the installation and lifecycle of Cluster API add-ons.

https://github.com/kubernetes-sigs/cluster-api-addon-provider-helm

Flow collector, enricher and visualizer

https://github.com/akvorado/akvorado

Building and managing an executive team is a critical skill for any leader aiming to drive organizational success. This post likely explores strategies for structuring, aligning, and optimizing the performance of an exec team to achieve company-wide goals effectively.

https://www.harryglaser.com/how-to-build-and-run-your-exec-team

Deploying OpenAI Whisper for streaming audio trannoscription on Amazon EKS with Ray Serve combines cutting-edge ASR capabilities with scalable infrastructure. This blogpost outlines the architecture, tools, and processes needed to create a distributed ML inference solution that supports dynamic workloads and autoscaling with Kubernetes.

https://aws.amazon.com/blogs/containers/host-the-whisper-model-with-streaming-mode-on-amazon-eks-and-ray-serve/

Reduce the boot time of containers with large images by caching the images in the data volume of Bottlerocket OS.

https://github.com/aws-samples/bottlerocket-images-cache

Self-Host Cloud-Native Apps with the Ease of PaaS

https://github.com/polyseam/cndi

Securing multi-cluster ArgoCD setups requires innovative approaches to authentication and token management to avoid long-lived credentials. This post explores how OpenUnison, kube-oidc-proxy, and ArgoCD's credential plugins can be combined to create a centralized, secure GitOps platform that spans multiple Kubernetes clusters.

https://www.tremolo.io/post/securing-multi-cluster-argocd

Managing stateful workloads in Kubernetes often comes with challenges, particularly when scaling storage dynamically. This article introduces the PvcAutoscaler, a custom solution developed by City Storage Systems to enable volume expansion, shrinking, and modification for StatefulSets, improving cost efficiency and operational flexibility.

https://techblog.cloudkitchens.com/p/swapping-disks-in-kubernetes

Kubernetes Reboot Daemon

https://github.com/kubereboot/kured

Fast, scalable and reliable logging using Fluent Bit and ClickHouse

https://github.com/kobsio/klogs

Optimizing Kubernetes cluster networking is essential for modern applications requiring scalability, low latency, and efficient resource utilization. This blog explores how LoxiLB leverages eBPF technology to enhance load balancing, observability, and security while overcoming the limitations of traditional proxy-based solutions like kube-proxy.

https://www.loxilb.io/post/loxilb-cluster-networking-elevating-k8s-networking-capabilities

Enhancing workload isolation and security in Kubernetes environments is critical for protecting sensitive operations and preventing container breakouts. This blogpost explores how Kata Containers combine the efficiency of containers with the robust security of virtual machines, enabling secure deployments on Amazon EKS with minimal configuration changes.

https://aws.amazon.com/blogs/containers/enhancing-kubernetes-workload-isolation-and-security-using-kata-containers/

A free and self-hosted PaaS alternative to Heroku / Netlify / Coolify / Vercel / Dokku / Portainer running on Kubernetes

https://github.com/kubero-dev/kubero