If you want to make life easier when you work with secrets you can use sops #sops #security https://github.com/mozilla/sops
GitHub
GitHub - getsops/sops: Simple and flexible tool for managing secrets
Simple and flexible tool for managing secrets. Contribute to getsops/sops development by creating an account on GitHub.
First part about SRE from a Principal Software Engineer in SRE at Microsoft Azure. Lessons that were learned. #sre https://www.usenix.org/publications/loginonline/lessons-learned-10-years-sre-part-1-starting-sre
Interesting point of view about disabling SELinux #security #selinux https://www.ctrl.blog/entry/selinux-unmanageable.html
Ctrl.blog
SELinux is unmanageable; just turn it off if it gets in your way
I’ve been an SELinux complexity apologist for years. Lately, I’ve concluded that every implementation with difficult-to-configure policies is just unmanageable.
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. There are best practices #argocd #kubernetes https://datree.io/resources/argocd-best-practices-you-should-know
www.datree.io
ArgoCD Best Practices You Should Know | Datree.io
In this article, we’ll explore some of the best practices of Argo that I've found and learn how we can validate our custom resources against these best practices.
Good and simple explanation of what Istio and a service mesh are. #istio #kubernetes https://www.youtube.com/watch?v=16fgzklcF7Y
You shouldn't use the default namespace in your Kubernetes cluster #kubernetes #security https://www.portainer.io/blog/why-restricting-access-to-the-default-namespace-is-key-to-running-a-secure-kubernetes-environment
www.portainer.io
Why restricting access to the default namespace is key to running a secure Kubernetes environment
Restricting access to the default namespace and using namespaces to manage resources is key to establishing an efficient Kubernetes environment.
Interesting point of view on why you shouldn't use CloudFormation in AWS #cloudformation #aws https://medium.com/@gswallow/do-not-use-aws-cloudformation-7cf61f58bd5f
Medium
Do not use AWS CloudFormation
Several years ago I actually cared about the differences between AWS CloudFormation and Terraform. Namely, that Terraform did not provide…
Comparison of stateful vs stateless, side by side #stateful #stateless https://www.interviewbit.com/blog/stateful-vs-stateless/
InterviewBit
Stateful vs Stateless: Full Difference
Table Of Contents show Introduction What is Stateful? Advantages of Stateful Disadvantages of Stateful What is Stateless? Advantages of Stateless Disadvantages of Stateless Key Differences Stateful vs…
My first attempt to write an article for newbies, but it is written in Russian for now https://telegra.ph/Nachalo-DevOps-05-03
Telegraph
The Beginning. DevOps.
Lately I have often come across people who would like to start working in the newly popular field of "DevOps". I will not go into the details of this term, or into whether it is applied correctly or incorrectly in one situation or another. As for the profession, I will…
Article about establishing a set of core principles (Response, Observability, Availability and Delivery) #sre #road https://medium.com/@bruce_25864/the-road-to-sre-ad4c73df78b8
Medium
The ROAD to SRE
There are many ways to introduce Site Reliability Engineering practices to your organisation, but it can be confusing where you should…
#aws #security https://aws.amazon.com/blogs/security/how-to-control-access-to-aws-resources-based-on-aws-account-ou-or-organization/
Amazon
How to control access to AWS resources based on AWS account, OU, or organization | Amazon Web Services
AWS Identity and Access Management (IAM) recently launched new condition keys to make it simpler to control access to your resources along your Amazon Web Services (AWS) organizational boundaries. AWS recommends that you set up multiple accounts as your workloads…
If you want to scale your GitHub runners and they run in the AWS cloud, you can use this Terraform module #aws #githubactions #terraform https://github.com/philips-labs/terraform-aws-github-runner
GitHub
GitHub - philips-labs/terraform-aws-github-runner: Terraform module for scalable GitHub action runners on AWS (MOVED)
Terraform module for scalable GitHub action runners on AWS (MOVED) - philips-labs/terraform-aws-github-runner
#kubernetes #elk https://medium.com/elmo-software/kubernetes-audit-logging-with-the-elastic-stack-843b3f70683f
Medium
Kubernetes — Audit logging with the elastic stack
In the previous article, I discussed how to authenticate to your Kubernetes cluster using keycloak. You might be thinking… Wow, we now…
Good view on planning backups and disaster recovery #backup #dr https://medium.com/@elliotgraebert/designing-a-backup-and-disaster-recovery-plan-3fb045a47c62
Medium
Designing a Backup and Disaster Recovery Plan
A deep-dive into backup and disaster recovery planning, as a follow-up post to: The Many Facets of Infrastructure
Monitoring is an important part of SRE work. This article shows three metrics from which you can start to monitor your k8s cluster #kubernetes #monitoring https://medium.com/@erezrabih/6-metrics-to-watch-for-on-your-k8s-cluster-76d58f08397f
Medium
6 Metrics to Watch for on Your K8s Cluster
Kubernetes. Nowadays it seems companies in the industry are divided into two pools: those that already use it heavily for their production…