wiki
  • My Knowledge Wiki
  • Microservices
  • Domain-driven design (DDD) learning resources
  • Go Programming Language
  • Kotlin Programming Language
  • Java Programming Language
  • Hibernate
  • Reactive Programming
  • Kubernetes
  • Apache Kafka
  • Apache Beam
  • Google Cloud
  • Serverless
  • Janusgraph
  • Event Sourcing & CQRS
  • Performance Engineering
  • Site Reliability Engineering
  • Software Security
  • Scalability
  • Software Craftsmanship
  • Books and Papers
  • Conference and meetup videos
Powered by GitBook
On this page
  • Introduction
  • CNI & Networking
  • AWS EKS
  • Ingress
  • External DNS
  • AWS/GCP IAM with Kubernetes
  • Service Mesh
  • Helm
  • Security
  • Chaos Engineering & Kubernetes
  • Serverless & Kubernetes
  • Misc (Tools, CI/CD, ML, CD/CI, Metrics)
  • Multi-cloud
  • PREEMPTIBLE & SPOT Instances
  • RBAC Sample

Was this helpful?

Kubernetes

Introduction

  • https://kubernetes.io/

  • https://github.com/ramitsurana/awesome-kubernetes

  • https://aws.amazon.com/eks/

  • https://cloud.google.com/kubernetes-engine/

  • https://azure.microsoft.com/pl-pl/services/kubernetes-service/

  • https://www.udacity.com/course/scalable-microservices-with-kubernetes--ud615

  • The Illustrated Children's Guide to Kubernetes https://www.youtube.com/watch?v=4ht22ReBjno

  • https://kubernetes.io/docs/tasks/access-application-cluster/configure-access-multiple-clusters/

  • https://kubernetes.io/docs/reference/kubectl/cheatsheet/

  • https://github.com/dennyzhang/cheatsheet-kubernetes-A4

  • https://github.com/ramitsurana/awesome-kubernetes#books

  • https://www.replex.io/blog/the-ultimate-kubernetes-cost-guide-aws-vs-gce-vs-azure-vs-digital-ocean

  • https://divvycloud.com/blog/kubedex-comparison-google-gke-microsoft-aks-amazon-eks/

  • https://github.com/ramitsurana/awesome-kubernetes#useful-article

  • https://github.com/kelseyhightower/kubernetes-the-hard-way

  • https://kubedex.com/google-gke-vs-microsoft-aks-vs-amazon-eks/

  • https://github.com/darshanime/notes/blob/master/kubernetes.org

CNI & Networking

  • https://chrislovecnm.com/kubernetes/cni/choosing-a-cni-provider/

  • https://itnext.io/benchmark-results-of-kubernetes-network-plugins-cni-over-10gbit-s-network-36475925a560

  • https://itnext.io/kubernetes-networking-behind-the-scenes-39a1ab1792bb

  • https://itnext.io/kubernetes-multi-cluster-networking-made-simple-c8f26827813

AWS EKS

  • https://docs.aws.amazon.com/eks/latest/userguide/what-is-eks.html

  • https://aws.amazon.com/eks/faq/

  • https://eksworkshop.com/introduction/

  • https://medium.com/@zhaimo/learning-kubernetes-by-doing-part-1-setting-up-eks-in-aws-50dcf7a76247

  • https://docs.aws.amazon.com/eks/latest/userguide/eks-ug.pdf

  • https://docs.aws.amazon.com/eks/latest/userguide/getting-started.html

  • https://docs.aws.amazon.com/eks/latest/userguide/dashboard-tutorial.html

  • https://docs.aws.amazon.com/eks/latest/userguide/create-public-private-vpc.html

  • https://github.com/uswitch/kiam/pull/112

  • https://sourcediving.com/elastic-kubernetes-service-536a9ffe9223

  • https://aws.amazon.com/blogs/opensource/eksctl-eks-cluster-one-command/

  • https://aws.amazon.com/blogs/opensource/category/compute/amazon-elastic-container-service-for-kubernetes/

  • https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html

  • https://www.reddit.com/r/aws/comments/9kbejr/anyone_using_eks_yet_for_prod/

  • https://aws.amazon.com/blogs/opensource/eksctl-eks-cluster-one-command/

  • https://aws.amazon.com/blogs/opensource/aws-service-operator-kubernetes-available/

  • https://aws.amazon.com/about-aws/whats-new/2018/10/amazon-eks-enables-support-for-kubernetes-dynamic-admission-cont/ (istio stuff)

  • https://docs.aws.amazon.com/eks/latest/userguide/calico.html

  • https://github.com/awsdocs/amazon-eks-user-guide/blob/master/doc_source/doc-history.md

  • https://github.com/awslabs/amazon-ecr-credential-helper

  • https://blog.giantswarm.io/load-balancer-service-use-cases-on-aws/

  • https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer

  • https://github.com/kubernetes/kubernetes/issues/26670

  • https://www.weave.works/technologies/kubernetes-on-aws

  • https://stripe.com/blog/operating-kubernetes

  • https://eksworkshop.com/introduction/

  • https://github.com/aws/containers-roadmap/projects/1

  • https://github.com/pahud/eks-alb-ingress

  • https://github.com/awslabs/aws-app-mesh-examples

  • https://www.slideshare.net/AmazonWebServices/building-paas-with-amazon-eks-for-the-largescale-highly-regulated-enterprise-con309r1-aws-reinvent-2018

  • https://aws.amazon.com/app-mesh/features/

  • https://aws.amazon.com/blogs/opensource/kubernetes-service-catalog-aws-service-broker-on-eks/

Ingress

  • https://github.com/kubernetes/ingress-nginx

  • https://github.com/Kong/kong (nginx)

  • https://github.com/containous/traefik

  • https://github.com/haproxy/haproxy

  • https://github.com/appscode/voyager (haproxy)

  • https://github.com/heptio/contour (envoy)

  • https://github.com/datawire/ambassador (envoy) (with istio https://www.getambassador.io/user-guide/with-istio/)

  • https://istio.io/docs/tasks/traffic-management/ingress/ (envoy)

  • https://github.com/kubernetes-sigs/aws-alb-ingress-controller (ALB)

  • https://github.com/zalando-incubator/kube-ingress-aws-controller

  • https://kubedex.com/nginx-ingress-vs-kong-vs-traefik-vs-haproxy-vs-voyager-vs-contour-vs-ambassador/

  • https://www.envoyproxy.io/

  • https://github.com/pahud/amazon-eks-workshop/tree/master/03-creating-services/ingress/traefik-ingress

  • https://github.com/aws-samples/aws-workshop-for-kubernetes

  • https://www.slideshare.net/Provectus/dive-into-devops-march-traefik-as-kubernetes-ingress-controller-ihor-borodin

  • https://medium.com/@dmaas/amazon-eks-ingress-guide-8ec2ec940a70

  • https://itnext.io/save-on-your-aws-bill-with-kubernetes-ingress-148214a79dcb

  • Traefik from kubedex.com: "Another consideration is minimizing server reloads because that impacts load balancing quality and existing connections etc. Traefik doesn’t support hitless reloads so you need NGINX or Envoy Proxy for this. For a lot of people this is a big deal." vs from rancher.com: "Traefik has a true zero downtime reload and implements the possibility of defining circuit breakers rules."

  • https://github.com/nginxinc/nginmesh

  • https://blog.giantswarm.io/load-balancer-service-use-cases-on-aws/

  • https://medium.com/devopslinks/istio-step-by-step-part-01-introduction-to-istio-b9fd0df30a9e Istio

  • https://github.com/pahud/eks-alb-ingress

External DNS

  • https://github.com/kubernetes-incubator/external-dns

  • https://github.com/helm/charts/tree/master/stable/external-dns

  • https://github.com/kubernetes-incubator/external-dns/blob/master/docs/tutorials/nginx-ingress.md

  • https://banzaicloud.com/blog/k8s-external-dns-route53/

  • https://ryaneschinger.com/blog/automatic-dns-kubernetes-ingresses-externaldns/

  • https://medium.com/@russell.whelan/traefik-and-external-dns-naming-magic-b4d6a01d3634

  • https://github.com/kubernetes-incubator/external-dns/blob/master/docs/tutorials/istio.md

  • https://appscode.com/products/voyager/8.0.1/guides/ingress/dns/external-dns/

  • https://stackoverflow.com/questions/50251672/how-to-setup-up-dns-and-ingress-controllers-for-a-public-facing-web-app

  • https://github.com/kubernetes-incubator/external-dns/issues/413 Ingress with traefik

    apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: test-wordpress
  annotations:
    kubernetes.io/ingress.class: traefik
    external-dns.alpha.kubernetes.io/target: mytraefikservice.mydomain.com
spec:
  rules:
  - host: test.mydomain.com
    http:
      paths:
      - path: /
        backend:
          serviceName: test-wordpress
          servicePort: 80

AWS/GCP IAM with Kubernetes

  • https://github.com/uswitch/kiam

  • https://github.com/jtblin/kube2iam

  • https://github.com/ash2k/iam4kube

  • https://github.com/mikkeloscar/kube-aws-iam-controller

  • https://docs.google.com/document/d/1rn-v2TNH9k4Oz-VuaueP77ANE5p-5Ua89obK2JaArfg/edit?usp=sharing

  • https://github.com/kernelpayments/kube-google-iam

  • https://github.com/istio/istio/issues/9297

Service Mesh

  • https://istio.io/docs/concepts/what-is-istio/

  • https://kubernetes.io/blog/2017/05/managing-microservices-with-istio-service-mesh/

  • https://www.hashicorp.com/blog/consul-1-2-service-mesh

  • https://linkerd.io/1/getting-started/k8s/

  • https://thenewstack.io/which-service-mesh-should-i-use/

  • https://medium.com/@jeffzzq/how-to-integrate-an-aws-lambda-function-into-your-kubernetes-service-mesh-5d665f351675

Helm

  • https://helm.sh/

  • https://www.digitalocean.com/community/tutorials/how-to-install-software-on-kubernetes-clusters-with-the-helm-package-manager

  • https://rancher.com/docs/rancher/v2.x/en/installation/ha/helm-init/

  • https://github.com/helm/charts

  • https://www.terraform.io/docs/providers/helm/index.html

  • https://github.com/roboll/helmfile

  • https://github.com/Praqma/helmsman

Security

  • https://kubernetes.io/blog/2018/07/18/11-ways-not-to-get-hacked/

  • https://github.com/kubernetes-sigs/aws-iam-authenticator

  • https://kubernetes.io/docs/reference/access-authn-authz/rbac/

  • https://github.com/freach/kubernetes-security-best-practice

  • https://kubernetes.io/docs/tasks/administer-cluster/securing-a-cluster/

  • https://engineering.bitnami.com/articles/sealed-secrets.html

  • https://github.com/bitnami-labs/sealed-secrets

  • https://www.slideshare.net/sebastiengoasguen/kubernetes-sealed-secrets

  • https://medium.com/@gmaliar/dynamic-secrets-on-kubernetes-pods-using-vault-35d9094d169

  • https://github.com/Boostport/kubernetes-vault

  • https://coreos.com/blog/introducing-vault-operator-project

  • https://medium.com/containerum/top-security-tips-for-your-kubernetes-cluster-9b23a4e95111

  • https://neuvector.com/container-security/kubernetes-security-guide/

Chaos Engineering & Kubernetes

  • https://kubernetes.io/docs/tasks/administer-cluster/securing-a-cluster/

  • https://thenewstack.io/how-chaos-engineering-can-drive-kubernetes-reliability/

  • https://learnk8s.io/blog/kubernetes-chaos-engineering-lessons-learned

  • https://github.com/asobti/kube-monkey

  • https://github.com/bloomberg/powerfulseal

Serverless & Kubernetes

  • https://github.com/knative/

  • https://cloud.google.com/knative/

  • https://github.com/kubeless/kubeless

  • https://fission.io/

  • https://thenewstack.io/the-future-of-kubernetes-is-serverless/

  • https://thenewstack.io/why-serverless-vs-kubernetes-isnt-a-real-debate/

  • https://dzone.com/articles/when-to-use-serverless-when-to-use-kubernetes

  • https://medium.com/coryodaniel/from-erverless-to-elixir-48752db4d7bc

Misc (Tools, CI/CD, ML, CD/CI, Metrics)

  • https://kubernetes.io/docs/reference/tools/

  • https://github.com/ahmetb/kubectx

  • https://github.com/txn2/kubefwd

  • https://about.gitlab.com/solutions/kubernetes/

  • https://www.spinnaker.io/

  • https://www.kubeflow.org/

  • https://opencensus.io/

  • https://www.pulumi.com/

  • https://kubernetes.io/docs/tasks/debug-application-cluster/resource-usage-monitoring/

  • https://itnext.io/kubernetes-monitoring-with-prometheus-in-15-minutes-8e54d1de2e1

  • https://www.abhishek-tiwari.com/10-open-source-tools-for-highly-effective-kubernetes-sre-and-ops-teams/

  • https://logz.io/blog/kubernetes-monitoring/

  • https://thenewstack.io/5-tools-monitoring-kubernetes-scale-production/

  • https://medium.com/containerum/4-tools-to-monitor-your-kubernetes-cluster-efficiently-ceaf62818eea

  • https://www.weave.works/technologies/monitoring-kubernetes-with-prometheus/

  • https://github.com/XiaoMi/naftis

Multi-cloud

  • https://banzaicloud.com/blog/multi-cloud-k8s/

  • https://kubernetes.io/docs/setup/turnkey/stackpoint/

  • https://kubernetes.io/docs/concepts/cluster-administration/federation/

  • https://dzone.com/articles/best-practices-for-multi-cloud-kubernetes

  • https://cloudify.co/webinars/multi-cloud-orchestration-kubernetes

  • https://containership.io/

  • http://superuser.openstack.org/articles/how-to-multi-cloud-kubernetes/

  • https://www.tripwire.com/state-of-security/security-data-protection/cloud/multi-cloud-security-best-practices-guide/

PREEMPTIBLE & SPOT Instances

  • https://cloud.google.com/preemptible-vms/

  • https://aws.amazon.com/ec2/spot/

RBAC Sample

# Allows scaling deployments or stateful sets up/down
# Generally bound at the namespace level to allow scaling only in that namespace
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: namespace-scale
rules:
  - apiGroups:
      - '' # core group
    resources:
      - deployments/scale
      - statefulsets/scale
    verbs:
      - create
 ---

PreviousReactive ProgrammingNextApache Kafka

Last updated 6 years ago

Was this helpful?