Terraform Orchestration Tool for DevOps. Keep environment configuration DRY with hierarchical imports of configurations, inheritance, and WAY more. Native support for Terraform and Helmfile.

Bugsink offers real-time error tracking for your applications with full control through self-hosting.

All-in-One Self-Hosted Project Management, Time Tracking and Focus App

Lessons learned using controller-gen in production

Hi there! I’m Rodrigo, a Staff Site Reliability Engineer at Miro. In this article, I’m excited to share how Miro’s Compute team automates complex Kubernetes workflows using Kyverno’s mutating webhooks. Whether you’re a seasoned Kubernetes administrator or just getting started with container orchestration, you’ll learn how Kyverno can streamline your operations, enhance security, and bring a new level of efficiency to your Kubernetes environments. Join me as we explore practical examples and best practices that you can apply to your own infrastructure. Let’s dive in and unlock the power of Kyverno together!

Use OpenID and grant groups or users the correct permissions in your cluster. Your organization already has an OpenID provider in place. Google, GitHub, Okta (and many more) can all be used. That’s it, that’s all you need. Don’t bother with IAM, service accounts or any of that other stuff. Those are all reasonable for machines - not for users.

This repository provides an opinionated tutorial on building Kubernetes controllers, sharing best practices and design patterns I have found most effective

Sealed Secrets Web is a web interface for Sealed Secrets by Bitnami. The web interface let you encode, decode the keys in the data field of a secret, load existing Sealed Secrets and create Sealed Secrets. Under the hood it uses Sealed Secrets service API to encrypt your secrets. The web interface should be installed to your Kubernetes cluster, so your developers do not need access to your cluster via kubectl.

Manages Envoy Proxy as a Standalone or Kubernetes-based Application Gateway

KCL is an open-source, constraint-based record and functional language that enhances the writing of complex configurations, including those for cloud-native scenarios. With its advanced programming language technology and practices, KCL is dedicated to promoting better modularity, scalability, and stability for configurations. It enables simpler logic writing and offers ease of automation APIs and integration with homegrown systems.

OpenID Connect (OIDC) & OAuth 2 API Server used to secure Kubernetes Ingress

So in response, we kicked off a Railway Metal project last year. Nine months later we were live with the first site in California, having designed, spec-ed, and installed everything from the fiber optic cables in the cage to the various contracts with ISPs. We’re lighting up three more data center regions as we speak.

The Hard Lesson on Backups, Disaster Recovery, and Human Error

Subtrace is Wireshark for your Docker containers. It lets developers see all incoming and outgoing requests in their backend server so that they can resolve production issues faster.