This is a fork of awesome Kubernetes The Hard Way by Kelsey Hightower and is geared towards using it on AWS.

One of the features of Kubernetes security, is its flexible model. This allows cluster operators to have multiple Authentication or Authorization modes running covering a number of use cases. This does introduce some complexity though both in terms of operation and also in terms of reviewing or auditing rights.

The most common case here is cloud managed Kubernetes where, in addition to the in-built RBAC authorization, you’ll often find that there’s a webhook authorization mode enabled as well to allow for integration with the cloud provider’s IAM system.

Implementing Kubernetes Operators for Streamlined Application Management

Getting started with Kubernetes might seem like a daunting task at first, but getting a basic ephemeral cluster up and running with tools like minikube, kind, or k3d is quite straightforward if you follow their documentation.

In this article we’ll explore how to bootstrap a more permanent, or production grade, Kubernetes cluster using k3s. Other tools like kubeadm, k0s, microk8s, or kubespray (which uses kubeadm under the hood) are also available.

Headlamp is an easy-to-use and extensible Kubernetes web UI.

Headlamp was created to blend the traditional feature set of other web UIs/dashboards (i.e., to list and view resources) with added functionality.

List of container/k8s tools.

This Terraform module deploys a Kubernetes cluster on Azure using AKS (Azure Kubernetes Service) and adds support for monitoring with Log Analytics.

Reviewing the Service Level implementation in 3 observability providers

This seems to be a thing now: someone finds out that you worked as an SRE ("site reliability engineer", something from the big G back in the day) somewhere, and now all you're good for is "devops" - that is, you're going to be the "ops bitch" for the "real" programmers. You are the consumer. They are the producer. They squeeze one out and you have to make it sing and dance. You keep things running and you shut the hell up. You wear the pager so they don't have to.

Time series databases allow you to store and query metrics efficiently. For example, if you want to forecast load on your servers, or identify intermittent faults with your production services, time series databases can help. Besides infrastructure monitoring, time series databases have been invaluable in finance, IoT applications, manufacturing, and more.

Many time series databases, including VictoriaMetrics, are open source. In this article, you’ll see how time series databases came about, and why so many are open source. We’ll also share our insider take on the future of this space.

How Do Containers Communicate Inside a Pod?

Anybody that has dealt with Kubernetes clusters for any amount of time has likely ran into a situation where they run kubectl get nodes and may see the infamous NotReady state. It’s a deceivingly complex state, though, to have a node that isn’t ready. It sounds obvious, but… what does “ready” even mean for Kubernetes nodes?

Monitoring can get expensive due to the huge quantities of data that need to be processed. In this blog post, you’ll learn the best ways to store and process monitoring metrics to reduce your costs, and how VictoriaMetrics can help.

This blog post will only cover open-source solutions. VictoriaMetrics is proudly open source. You’ll get the most out of this blog post if you are familiar with Prometheus, Thanos, Mimir or VictoriaMetrics.

This blog post will give you a tutorial on how to back up a K3s single node control plane backed by sqlite3 with Litestream.

Kubernetes tool for scanning clusters for network policies and identifying unprotected workloads.

a Docker + Kubernetes network trouble-shooting swiss-army container

DirectPV is a CSI driver for Direct Attached Storage. In a simpler sense, it is a distributed persistent volume manager, and not a storage system like SAN or NAS. It is useful to discover, format, mount, schedule and monitor drives across servers.

Write terminal GIFs as code for integration testing and demoing your CLI tools.

jd is a commandline utility and Go library for diffing and patching JSON and YAML values.