Interesting feature was introduced in the 1.27 kubernetes release - log of the host system can be retrieved by kubectl command
https://kubernetes.io/blog/2023/04/21/node-log-query-alpha/

Good article about Github Action Pitfalls https://ashishb.net/tech/common-pitfalls-of-github-actions/

Kubernetes events help you understand how Kubernetes resource decisions are made and they can be helpful for debugging. Learn more about k8s events in this in-depth guide. https://www.containiq.com/post/kubernetes-events

25 Golden Rules that will help you in System Design Interviews

Very helpful video that explains how network namespaces works in linux kernel https://www.youtube.com/watch?v=j_UUnlVC2Ss

Envio is a command-line tool that simplifies the management of environment variables across multiple profiles. It allows users to easily switch between different configurations and apply them to their current environment

https://github.com/humblepenguinn/envio

Good start point for starting to work with loki and promtail https://akyriako.medium.com/kubernetes-logging-with-grafana-loki-promtail-in-under-10-minutes-d2847d526f9e

A case of migration from OpenShift to k8s https://blog.palark.com/migrating-from-openshift-to-vanilla-kubernetes/

This will help you to check a default alerts when you just init a monitoring from groud https://awesome-prometheus-alerts.grep.to/rules.html

Spin up ready-to-code, disposable dev environments on your own servers. Self-hosted alternative to Gitpod and Github Codespaces.

https://github.com/hocus-dev/hocus

A new alternative to DockerDesktop was released by RedHat https://developers.redhat.com/articles/2023/05/23/podman-desktop-now-generally-available#local_kubernetes_with_kind

A web-based UI for deploying and managing applications in Kubernetes clusters

https://github.com/vmware-tanzu/kubeapps

In this blog post, Ahmet Alp Balkan explains the peculiar and undocumented behavior of file changes in Kubernetes Secret and ConfigMap volumes when using the inotify(7) syscall. He highlights that typical file watch events like IN_MODIFY or IN_CLOSE_WRITE don't occur for files in these volumes. Instead, only the IN_DELETE_SELF event is received, requiring code to handle re-establishing the monitor each time a file is updated.

Balkan discusses the resilient file reloads from disk and the AtomicWriter algorithm used by kubelet for atomic and consistent updates to Secret/ConfigMap volumes. He explains the file structure in a mounted Secret/ConfigMap volume and the reason behind receiving only the IN_DELETE_SELF event.

To handle this behavior, Balkan suggests mounting ConfigMaps/Secrets as directories, starting inotify watches on individual files, avoiding the use of IN_DONT_FOLLOW option, handling inotify deletion events, re-establishing inotify watches when receiving deletion events, and testing the file reloading logic on Kubernetes. He also mentions opening an issue to document this behavior in the official Kubernetes documentation.

https://ahmet.im/blog/kubernetes-inotify/index.html

Exec into node via kubectl

https://github.com/kvaps/kubectl-node-shell

Interesting article about experience with linkerd https://tech.loveholidays.com/linkerd-at-loveholidays-our-journey-to-a-production-service-mesh-9a6cd478d395

An extremely fast Python linter, written in Rust.
https://github.com/charliermarsh/ruff

Kubernetes v1.25 has introduced the Container Checkpointing API as an alpha feature, allowing users to backup and restore containers without stopping them. This feature is primarily aimed at forensic analysis but can also be used for general backup and restore purposes. To set up the feature, a Kubernetes cluster (v1.25+) and container runtime supporting container checkpointing are required. Currently, only CRI-O supports checkpointing, with containerd support expected soon.

The checkpointing API is exposed on the kubelet of each cluster node. To create a checkpoint, you need to have a running Pod and make a request to the kubelet directly. Once the checkpoint has been created, you can analyze the contents of the archive or restore the container from the archive by creating an image from the checkpoint and deploying a new Pod using that image.

While the feature is usable, it lacks some essential functionality, such as native restore capabilities and support from all major container runtimes. Users are advised to be aware of its limitations before enabling it in production or development environments.

https://martinheinz.dev/blog/85