Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by raising issues, or making a pull request. All feedback for improvements are welcome. thank you.
https://github.com/walidshaari/Certified-Kubernetes-Security-Specialist
https://github.com/walidshaari/Certified-Kubernetes-Security-Specialist
GitHub
GitHub - walidshaari/Certified-Kubernetes-Security-Specialist: Curated resources help you prepare for the CNCF/Linux Foundation…
Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by ra...
🎉8❤2👍2
The article provides detailed explanations and examples of how to avoid these misconfigurations.
https://www.armosec.io/blog/kubernetes-misconfigurations/
https://www.armosec.io/blog/kubernetes-misconfigurations/
ARMO
Kubernetes Misconfigurations and Prevention
Kubernetes misconfigurations can create security risks and other issues. This article covers common types, their impact, and how ARMO can help prevent them. Read all about it!
Copilot moved forward for other type of work than programming
https://blogs.microsoft.com/on-the-issues/2023/09/07/copilot-copyright-commitment-ai-legal-concerns/
https://blogs.microsoft.com/on-the-issues/2023/09/07/copilot-copyright-commitment-ai-legal-concerns/
Microsoft On the Issues
Microsoft announces new Copilot Copyright Commitment for customers
With customers ask whether they can use Microsoft’s Copilot services without worrying about copyright claims, we are providing a straightforward answer: yes, you can, and if you are challenged on copyright grounds, we will assume responsibility for the potential…
Terravision visualises Terraform code as live Professional Cloud Architecture Diagrams by analysing the code dynamically. Supports AWS, Google and Azure.
https://github.com/patrickchugh/terravision
https://github.com/patrickchugh/terravision
GitHub
GitHub - patrickchugh/terravision: Terravision creates Professional Cloud Architecture Diagrams from your Terraform code automatically.…
Terravision creates Professional Cloud Architecture Diagrams from your Terraform code automatically. Supports AWS, Google and Azure. - patrickchugh/terravision
❤2
Have you ever thought that Cloudflare Tunnels isn't a secure?
https://www.youtube.com/watch?v=oqy3krzmSMA
https://www.youtube.com/watch?v=oqy3krzmSMA
YouTube
You should NOT use Cloudflare Tunnel (if you do this...)
Are you interested in Remote Access for your Homelab? In this YouTube video, I will explain the potential implications and problems with Cloudflare Tunnel, and when you should NOT use it. I’ll also discuss the architecture of the service, the security and…
The post provides a brief history of Inter-Process Communication (IPC) at Netflix. It explains how Netflix was early to the cloud and had to build their own solutions since there were no existing ones available
https://netflixtechblog.com/zero-configuration-service-mesh-with-on-demand-cluster-discovery-ac6483b52a51
https://netflixtechblog.com/zero-configuration-service-mesh-with-on-demand-cluster-discovery-ac6483b52a51
Medium
Zero Configuration Service Mesh with On-Demand Cluster Discovery
Netflix’s service mesh adoption: history, motivations, and how we worked with the Envoy community on a feature to streamline mesh adoption
OpenAPI is a language-agnostic specification for defining RESTful APIs.
With the advent of Kubernetes 1.27, OpenAPI v3.0 has been made generally available, further enhancing the API functionality of Kubernetes1. This integration provides improved documentation, clear validation rules, and enhanced extensibility1.
https://medium.com/cloud-native-daily/kubernetes-1-27-goes-galactic-with-openapi3-6ea228785c50
With the advent of Kubernetes 1.27, OpenAPI v3.0 has been made generally available, further enhancing the API functionality of Kubernetes1. This integration provides improved documentation, clear validation rules, and enhanced extensibility1.
https://medium.com/cloud-native-daily/kubernetes-1-27-goes-galactic-with-openapi3-6ea228785c50
Medium
Kubernetes 1.27 Goes Galactic with OpenAPI3
Explore the power of Kubernetes 1.27 API with OpenAPI v3 validation. Learn usage examples and embrace flexible, reliable custom resources.
The post explains how a request flows from a user’s perspective across the network to reach AWS and then Slack’s internal services
https://slack.engineering/traffic-101-packets-mostly-flow/
https://slack.engineering/traffic-101-packets-mostly-flow/
Engineering at Slack
Traffic 101: Packets Mostly Flow - Engineering at Slack
Slack handles billions of inbound network requests per day, all of which traverse through our edge network and ingress load balancing tiers. In this blog post, we’ll talk about how a request flows — from a Slack’s user perspective — across the vast ether…
The post explains how a request flows from a user’s perspective across the network to reach AWS and then Slack’s internal services
https://github.com/siderolabs/talos
https://github.com/siderolabs/talos
GitHub
GitHub - siderolabs/talos: Talos Linux is a modern Linux distribution built for Kubernetes.
Talos Linux is a modern Linux distribution built for Kubernetes. - siderolabs/talos
👍3
The post aims to simplify these complex concepts by relating them to everyday scenarios.
https://dev.to/aws-builders/load-balancer-reverse-proxy-and-api-gateway-analogies-to-real-life-scenarios-54el
https://dev.to/aws-builders/load-balancer-reverse-proxy-and-api-gateway-analogies-to-real-life-scenarios-54el
DEV Community
Load Balancer, Reverse Proxy, and API Gateway: Analogies to Real Life Scenarios
In the fast paced of tech world it's easy to get overwhelmed by the jargon and technicalities....
🔥1
An architecture-aware Kubernetes scheduler plugin
https://github.com/ElementTech/kube-arch-scheduler
https://github.com/ElementTech/kube-arch-scheduler
GitHub
GitHub - ElementTech/kube-arch-scheduler: An architecture-aware Kubernetes scheduler plugin
An architecture-aware Kubernetes scheduler plugin. Contribute to ElementTech/kube-arch-scheduler development by creating an account on GitHub.
The post emphasizes that while Kubernetes is a leading container management system, it’s not exempt from malicious attacks. Therefore, understanding Kubernetes’ environment and the different vulnerabilities one can be exposed to while creating, deploying, or running applications in clusters is crucial.
https://goteleport.com/blog/how-to-hack-kubernetes
https://goteleport.com/blog/how-to-hack-kubernetes
Goteleport
How to Hack Kubernetes (and How to Protect It)
Practical tips for how to hack Kubernetes and how to protect your clusters.
Provides a comprehensive guide on how to recreate the Kubernetes RBAC authorization model from scratch, and practice the relationships between Roles, ClusterRoles, ServiceAccounts, RoleBindings, and ClusterRoleBindings.
https://learnk8s.io/rbac-kubernetes
https://learnk8s.io/rbac-kubernetes
LearnKube
Limiting access to Kubernetes resources with RBAC
Learn how to recreate the Kubernetes RBAC authorization model from scratch and practice the relationships between Roles, ServiceAccounts, RoleBindings, etc.
It describes how to optimize Loki, a log aggregation system, for better performance in Grafana, a data visualization platform.
https://itnext.io/grafana-loki-performance-optimization-with-recording-rules-caching-and-parallel-queries-28b6ebba40c4
https://itnext.io/grafana-loki-performance-optimization-with-recording-rules-caching-and-parallel-queries-28b6ebba40c4
Medium
Grafana Loki: performance optimization with Recording Rules, caching, and parallel queries
Improve the performance and CPU/Memory resources usage by Grafana Loki components with Recording Rules and caching
🔥1
The blog post discusses the complexities of achieving compliance in a dynamic, ephemeral environment such as Kubernetes, and offers insights and guidance on maintaining a secure and compliant cloud environment².
https://www.armosec.io/blog/kubernetes-compliance-challenges
https://www.armosec.io/blog/kubernetes-compliance-challenges
ARMO
Kubernetes Compliance Challenges and Guidance | ARMO
Learn about Kubernetes compliance challenges, consequences of non-compliance, and get guidance on maintaining a secure and compliant cloud environment in a dynamic Kubernetes setup.