wiki
  • My Knowledge Wiki
  • Microservices
  • Domain-driven design (DDD) learning resources
  • Go Programming Language
  • Kotlin Programming Language
  • Java Programming Language
  • Hibernate
  • Reactive Programming
  • Kubernetes
  • Apache Kafka
  • Apache Beam
  • Google Cloud
  • Serverless
  • Janusgraph
  • Event Sourcing & CQRS
  • Performance Engineering
  • Site Reliability Engineering
  • Software Security
  • Scalability
  • Software Craftsmanship
  • Books and Papers
  • Conference and meetup videos
Powered by GitBook
On this page
  • Introduction
  • CNI & Networking
  • AWS EKS
  • Ingress
  • External DNS
  • AWS/GCP IAM with Kubernetes
  • Service Mesh
  • Helm
  • Security
  • Chaos Engineering & Kubernetes
  • Serverless & Kubernetes
  • Misc (Tools, CI/CD, ML, CD/CI, Metrics)
  • Multi-cloud
  • PREEMPTIBLE & SPOT Instances
  • RBAC Sample

Was this helpful?

Kubernetes

PreviousReactive ProgrammingNextApache Kafka

Last updated 6 years ago

Was this helpful?

Introduction

  • The Illustrated Children's Guide to Kubernetes

CNI & Networking

AWS EKS

Ingress

  • Traefik from kubedex.com: "Another consideration is minimizing server reloads because that impacts load balancing quality and existing connections etc. Traefik doesn’t support hitless reloads so you need NGINX or Envoy Proxy for this. For a lot of people this is a big deal." vs from rancher.com: "Traefik has a true zero downtime reload and implements the possibility of defining circuit breakers rules."

External DNS

  • apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: test-wordpress
  annotations:
    kubernetes.io/ingress.class: traefik
    external-dns.alpha.kubernetes.io/target: mytraefikservice.mydomain.com
spec:
  rules:
  - host: test.mydomain.com
    http:
      paths:
      - path: /
        backend:
          serviceName: test-wordpress
          servicePort: 80

AWS/GCP IAM with Kubernetes

Service Mesh

Helm

Security

Chaos Engineering & Kubernetes

Serverless & Kubernetes

Misc (Tools, CI/CD, ML, CD/CI, Metrics)

Multi-cloud

PREEMPTIBLE & SPOT Instances

RBAC Sample

# Allows scaling deployments or stateful sets up/down
# Generally bound at the namespace level to allow scaling only in that namespace
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: namespace-scale
rules:
  - apiGroups:
      - '' # core group
    resources:
      - deployments/scale
      - statefulsets/scale
    verbs:
      - create
 ---

(istio stuff)

(nginx)

(haproxy)

(envoy)

(envoy) (with istio )

(envoy)

(ALB)

Istio

Ingress with traefik

https://kubernetes.io/
https://github.com/ramitsurana/awesome-kubernetes
https://aws.amazon.com/eks/
https://cloud.google.com/kubernetes-engine/
https://azure.microsoft.com/pl-pl/services/kubernetes-service/
https://www.udacity.com/course/scalable-microservices-with-kubernetes--ud615
https://www.youtube.com/watch?v=4ht22ReBjno
https://kubernetes.io/docs/tasks/access-application-cluster/configure-access-multiple-clusters/
https://kubernetes.io/docs/reference/kubectl/cheatsheet/
https://github.com/dennyzhang/cheatsheet-kubernetes-A4
https://github.com/ramitsurana/awesome-kubernetes#books
https://www.replex.io/blog/the-ultimate-kubernetes-cost-guide-aws-vs-gce-vs-azure-vs-digital-ocean
https://divvycloud.com/blog/kubedex-comparison-google-gke-microsoft-aks-amazon-eks/
https://github.com/ramitsurana/awesome-kubernetes#useful-article
https://github.com/kelseyhightower/kubernetes-the-hard-way
https://kubedex.com/google-gke-vs-microsoft-aks-vs-amazon-eks/
https://github.com/darshanime/notes/blob/master/kubernetes.org
https://chrislovecnm.com/kubernetes/cni/choosing-a-cni-provider/
https://itnext.io/benchmark-results-of-kubernetes-network-plugins-cni-over-10gbit-s-network-36475925a560
https://itnext.io/kubernetes-networking-behind-the-scenes-39a1ab1792bb
https://itnext.io/kubernetes-multi-cluster-networking-made-simple-c8f26827813
https://docs.aws.amazon.com/eks/latest/userguide/what-is-eks.html
https://aws.amazon.com/eks/faq/
https://eksworkshop.com/introduction/
https://medium.com/@zhaimo/learning-kubernetes-by-doing-part-1-setting-up-eks-in-aws-50dcf7a76247
https://docs.aws.amazon.com/eks/latest/userguide/eks-ug.pdf
https://docs.aws.amazon.com/eks/latest/userguide/getting-started.html
https://docs.aws.amazon.com/eks/latest/userguide/dashboard-tutorial.html
https://docs.aws.amazon.com/eks/latest/userguide/create-public-private-vpc.html
https://github.com/uswitch/kiam/pull/112
https://sourcediving.com/elastic-kubernetes-service-536a9ffe9223
https://aws.amazon.com/blogs/opensource/eksctl-eks-cluster-one-command/
https://aws.amazon.com/blogs/opensource/category/compute/amazon-elastic-container-service-for-kubernetes/
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html
https://www.reddit.com/r/aws/comments/9kbejr/anyone_using_eks_yet_for_prod/
https://aws.amazon.com/blogs/opensource/eksctl-eks-cluster-one-command/
https://aws.amazon.com/blogs/opensource/aws-service-operator-kubernetes-available/
https://aws.amazon.com/about-aws/whats-new/2018/10/amazon-eks-enables-support-for-kubernetes-dynamic-admission-cont/
https://docs.aws.amazon.com/eks/latest/userguide/calico.html
https://github.com/awsdocs/amazon-eks-user-guide/blob/master/doc_source/doc-history.md
https://github.com/awslabs/amazon-ecr-credential-helper
https://blog.giantswarm.io/load-balancer-service-use-cases-on-aws/
https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
https://github.com/kubernetes/kubernetes/issues/26670
https://www.weave.works/technologies/kubernetes-on-aws
https://stripe.com/blog/operating-kubernetes
https://eksworkshop.com/introduction/
https://github.com/aws/containers-roadmap/projects/1
https://github.com/pahud/eks-alb-ingress
https://github.com/awslabs/aws-app-mesh-examples
https://www.slideshare.net/AmazonWebServices/building-paas-with-amazon-eks-for-the-largescale-highly-regulated-enterprise-con309r1-aws-reinvent-2018
https://aws.amazon.com/app-mesh/features/
https://aws.amazon.com/blogs/opensource/kubernetes-service-catalog-aws-service-broker-on-eks/
https://github.com/kubernetes/ingress-nginx
https://github.com/Kong/kong
https://github.com/containous/traefik
https://github.com/haproxy/haproxy
https://github.com/appscode/voyager
https://github.com/heptio/contour
https://github.com/datawire/ambassador
https://www.getambassador.io/user-guide/with-istio/
https://istio.io/docs/tasks/traffic-management/ingress/
https://github.com/kubernetes-sigs/aws-alb-ingress-controller
https://github.com/zalando-incubator/kube-ingress-aws-controller
https://kubedex.com/nginx-ingress-vs-kong-vs-traefik-vs-haproxy-vs-voyager-vs-contour-vs-ambassador/
https://www.envoyproxy.io/
https://github.com/pahud/amazon-eks-workshop/tree/master/03-creating-services/ingress/traefik-ingress
https://github.com/aws-samples/aws-workshop-for-kubernetes
https://www.slideshare.net/Provectus/dive-into-devops-march-traefik-as-kubernetes-ingress-controller-ihor-borodin
https://medium.com/@dmaas/amazon-eks-ingress-guide-8ec2ec940a70
https://itnext.io/save-on-your-aws-bill-with-kubernetes-ingress-148214a79dcb
https://github.com/nginxinc/nginmesh
https://blog.giantswarm.io/load-balancer-service-use-cases-on-aws/
https://medium.com/devopslinks/istio-step-by-step-part-01-introduction-to-istio-b9fd0df30a9e
https://github.com/pahud/eks-alb-ingress
https://github.com/kubernetes-incubator/external-dns
https://github.com/helm/charts/tree/master/stable/external-dns
https://github.com/kubernetes-incubator/external-dns/blob/master/docs/tutorials/nginx-ingress.md
https://banzaicloud.com/blog/k8s-external-dns-route53/
https://ryaneschinger.com/blog/automatic-dns-kubernetes-ingresses-externaldns/
https://medium.com/@russell.whelan/traefik-and-external-dns-naming-magic-b4d6a01d3634
https://github.com/kubernetes-incubator/external-dns/blob/master/docs/tutorials/istio.md
https://appscode.com/products/voyager/8.0.1/guides/ingress/dns/external-dns/
https://stackoverflow.com/questions/50251672/how-to-setup-up-dns-and-ingress-controllers-for-a-public-facing-web-app
https://github.com/kubernetes-incubator/external-dns/issues/413
https://github.com/uswitch/kiam
https://github.com/jtblin/kube2iam
https://github.com/ash2k/iam4kube
https://github.com/mikkeloscar/kube-aws-iam-controller
https://docs.google.com/document/d/1rn-v2TNH9k4Oz-VuaueP77ANE5p-5Ua89obK2JaArfg/edit?usp=sharing
https://github.com/kernelpayments/kube-google-iam
https://github.com/istio/istio/issues/9297
https://istio.io/docs/concepts/what-is-istio/
https://kubernetes.io/blog/2017/05/managing-microservices-with-istio-service-mesh/
https://www.hashicorp.com/blog/consul-1-2-service-mesh
https://linkerd.io/1/getting-started/k8s/
https://thenewstack.io/which-service-mesh-should-i-use/
https://medium.com/@jeffzzq/how-to-integrate-an-aws-lambda-function-into-your-kubernetes-service-mesh-5d665f351675
https://helm.sh/
https://www.digitalocean.com/community/tutorials/how-to-install-software-on-kubernetes-clusters-with-the-helm-package-manager
https://rancher.com/docs/rancher/v2.x/en/installation/ha/helm-init/
https://github.com/helm/charts
https://www.terraform.io/docs/providers/helm/index.html
https://github.com/roboll/helmfile
https://github.com/Praqma/helmsman
https://kubernetes.io/blog/2018/07/18/11-ways-not-to-get-hacked/
https://github.com/kubernetes-sigs/aws-iam-authenticator
https://kubernetes.io/docs/reference/access-authn-authz/rbac/
https://github.com/freach/kubernetes-security-best-practice
https://kubernetes.io/docs/tasks/administer-cluster/securing-a-cluster/
https://engineering.bitnami.com/articles/sealed-secrets.html
https://github.com/bitnami-labs/sealed-secrets
https://www.slideshare.net/sebastiengoasguen/kubernetes-sealed-secrets
https://medium.com/@gmaliar/dynamic-secrets-on-kubernetes-pods-using-vault-35d9094d169
https://github.com/Boostport/kubernetes-vault
https://coreos.com/blog/introducing-vault-operator-project
https://medium.com/containerum/top-security-tips-for-your-kubernetes-cluster-9b23a4e95111
https://neuvector.com/container-security/kubernetes-security-guide/
https://kubernetes.io/docs/tasks/administer-cluster/securing-a-cluster/
https://thenewstack.io/how-chaos-engineering-can-drive-kubernetes-reliability/
https://learnk8s.io/blog/kubernetes-chaos-engineering-lessons-learned
https://github.com/asobti/kube-monkey
https://github.com/bloomberg/powerfulseal
https://github.com/knative/
https://cloud.google.com/knative/
https://github.com/kubeless/kubeless
https://fission.io/
https://thenewstack.io/the-future-of-kubernetes-is-serverless/
https://thenewstack.io/why-serverless-vs-kubernetes-isnt-a-real-debate/
https://dzone.com/articles/when-to-use-serverless-when-to-use-kubernetes
https://medium.com/coryodaniel/from-erverless-to-elixir-48752db4d7bc
https://kubernetes.io/docs/reference/tools/
https://github.com/ahmetb/kubectx
https://github.com/txn2/kubefwd
https://about.gitlab.com/solutions/kubernetes/
https://www.spinnaker.io/
https://www.kubeflow.org/
https://opencensus.io/
https://www.pulumi.com/
https://kubernetes.io/docs/tasks/debug-application-cluster/resource-usage-monitoring/
https://itnext.io/kubernetes-monitoring-with-prometheus-in-15-minutes-8e54d1de2e1
https://www.abhishek-tiwari.com/10-open-source-tools-for-highly-effective-kubernetes-sre-and-ops-teams/
https://logz.io/blog/kubernetes-monitoring/
https://thenewstack.io/5-tools-monitoring-kubernetes-scale-production/
https://medium.com/containerum/4-tools-to-monitor-your-kubernetes-cluster-efficiently-ceaf62818eea
https://www.weave.works/technologies/monitoring-kubernetes-with-prometheus/
https://github.com/XiaoMi/naftis
https://banzaicloud.com/blog/multi-cloud-k8s/
https://kubernetes.io/docs/setup/turnkey/stackpoint/
https://kubernetes.io/docs/concepts/cluster-administration/federation/
https://dzone.com/articles/best-practices-for-multi-cloud-kubernetes
https://cloudify.co/webinars/multi-cloud-orchestration-kubernetes
https://containership.io/
http://superuser.openstack.org/articles/how-to-multi-cloud-kubernetes/
https://www.tripwire.com/state-of-security/security-data-protection/cloud/multi-cloud-security-best-practices-guide/
https://cloud.google.com/preemptible-vms/
https://aws.amazon.com/ec2/spot/