orchestration | Coffee and Cloud Native

HA K3s With kube-vip and MetalLB

Mar 9, 2021 orchestration operations networking

High availability Kubernetes is easy to get wrong because you need so many different layers to be HA. The control plane. The data plane. The load balancer. If you’re using K3s in a place where you don’t have lots of nodes, like a homelab or an edge environment, you want to get the most out of nodes without …

Read More

Coffee and Cloud Native - E120

Feb 23, 2021 pwny pwny operations automation education security development orchestration

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

Timestamp	Description / Link	Community Rating
6:18	Endgame takes a privileged AWS account and pwns all accessible resources. Hopefully this gets AWS to step up their game for reporting of over-privileged accounts.	☕️☕️☕️☕️
12:28	An interesting use of Helm to take laborious Kubernetes tasks and make them easier. By doing so they’re more likely to actually get done.	☕️☕️☕️☕️
16:10	Crio.Do wants to help developers grow their skills while keeping learning fun.	☕️☕️☕️
18:55	localstack mocks all AWS services locally for development. The free tier is generous, and the paid tier is comprehensive.	☕️☕️☕️☕️
20:35	A quick-and-dirty guide for using kube-bench with EKS, with a lead into AWS Security Hub and the Tool of the Day	☕️☕️☕️☕️
23:09	Terrible combines Terraform with ansible to create IaC for KVM/QEMU environments. This is a great demonstration of using the right tool for the right job.	☕️☕️☕️☕️
25:19	It’s easy to mock PHP for not being Go or Python or Rust, but that’s not why it was created. For those who have invested in PHP, Laravel has a library for managing Kubernetes resources.	☕️☕️
26:57	Tool of the Day: Cloud Custodian is like Kyverno for public cloud infrastructure.	☕️☕️☕️

Coffee and Cloud Native - E119

Feb 19, 2021 operations orchestration

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

In today’s episode of Shipwreck’s Sunken Treasure, Jason introduces us to Nixery.

Coffee and Cloud Native - E118

Feb 18, 2021 random orchestration security virtualization operations ci/cd

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

Timestamp	Description / Link	Community Rating
4:51	The utility known as z is a great complement to command frecency available in the fish shell.	☕️☕️☕️☕️
7:52	Another great article from learnk8s, this time on how to use multi-container Pods to extend app functionality in Kubernetes.	☕️☕️☕️☕️☕️
11:52	Some companies thank early adopters by supporting them. LastPass did it by crippling functionality to force users to pay. Drop LastPass and use BitWarden instead.	☕️☕️
15:27	At last, pfsense 2.5 arrives with support for WireguardVPN and other great features. Yummy!	☕️☕️☕️☕️
17:48	A fantastic article on both the WHY and the HOW of deploying Falco on Kubernetes.	☕️☕️☕️☕️
20:37	Utilities to easily control the virtualization framework on macOS.	☕️☕️
22:11	Using websocket connections as the custom metric for HPA in Kubernetes.	☕️☕️☕️☕️
23:24	Using GitHub Actions for canary deployments in Azure Kubernetes	☕️☕️☕️☕️
27:01	Tool of the Day: Hydra is a complete, open, powerful auth engine, written in Go, with libraries for any other language.	☕️☕️☕️☕️

Coffee and Cloud Native - E114

Feb 9, 2021 storage orchestration pwny pwny security operations networking development observability

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

Timestamp	Description / Link	Community Rating
3:46	An awesome article from a community member about OpenEBS, Rancher, RKE, and the NFS Server Provisioner.	☕️☕️☕️☕️☕️
4:57	TeamTNT is at it again, cryptojacking your Kubernetes clusters. You have to really work hard to make it easy for them, though.	☕️☕️☕️☕️
8:36	How hard is it to pwn a Kubernetes cluster through the kubelet? Easier than you think.	☕️☕️☕️☕️
13:51	kubeaudit can help identify Kubernetes misconfigurations that could cost you dearly.	☕️☕️☕️☕️☕️
15:22	Where Kubernetes complexity lets you down, Boundary can step in and simplify your life with solid RBAC controls for clusters and the underlying substrate.	☕️☕️☕️☕️☕️
18:26	Bion Consulting is offering free audits of Kubernetes clusters as an intro to their security service offerings.	☕️☕️☕️☕️
20:04	New features in k0s are taking shape around their goals to be the “frictionless” Kubernetes distro.	☕️☕️☕️
21:41	This article demonstrates how Traefik Ingress can be implemented as an entry point to an Istio service mesh.	☕️☕️☕️
23:28	Garden wants to solve the elusive problems developers face with Kubernetes by easing the transition between dev and prod in local testing and CI environments.	☕️☕️☕️☕️
25:56	This is the first in a series of AWESOME AWESOME AWESOME articles from codefresh on Kubernetes anti-patterns. This isn’t rehashed content. Read it and I guarantee you’ll learn something new.	☕️☕️☕️☕️☕️
27:32	Tool of the Day: This K8s operator creates UptimeRobot monitors for Kubernetes Ingresses. uptime_robot will you please gift Max a Pro account so he can test the Pro features?	☕️☕️☕️☕️☕️

Coffee and Cloud Native - E112

Feb 4, 2021 orchestration development operations observability

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

Timestamp	Description / Link	Community Rating
4:34	How to combine the power of a local VM with the flexibility of IaC and build your own Kubernetes development environment with Packer and K3s.	☕️☕️☕️☕️
7:16	How to use shell tools to quickly generate totally random passwords.	☕️☕️☕️
11:50	You don’t need Krew to build your own kubectl plugins. It’s easy. Here’s how.	☕️☕️☕️☕️
14:28	Nothing says “easy” like kicking off a Kubernetes install from a Chrome extension.	☕️☕️☕️
17:05	Did you know that you can use 1Password like your own HashiCorp Vault for local shell scripts? There’s a CLI!	☕️☕️☕️☕️
19:02	Apache Camel K doesn’t just bring Camel into Kubernetes. It does everything, from building to deploying the workloads for your project.	☕️☕️☕️
22:35	This service claims it can do cost reduction of Kubernetes across multiple clouds, with automatic migrations and other magic.	☕️☕️☕️
25:35	Tool of the Day: kubequery models Kubernetes resources as SQL tables and exposes them to standard SQL queries.	☕️☕️☕️

Coffee and Cloud Native - E111

Feb 2, 2021 operations orchestration observability gitops security development serverless random

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

Timestamp	Description / Link	Community Rating
3:08	Building PXE servers is a skill every operator should have. Here’s how to use a PXE env to build flatcar_linux nodes for Kubernetes.	☕️☕️☕️☕️
6:27	How to use kubeadm to build a Kubernetes cluster on Flatcar Linux.	☕️☕️☕️☕️
7:24	The logging operator from Banzai CLoud is amazing but has a bit of a learning curve. This walks you through setting it up w/ Loki from grafana.	☕️☕️☕️
10:12	Monk is a “modern Heroku,” and I like what monk_io has built. My only concern is that they will lock you out of your own systems and remove access to templates you’ve “bought” if you don’t keep paying them.	☕️☕️☕️
15:41	A plugin for ArgoCD to pull secrets from Hashicorp Vault and inject them into Kubernetes secrets.	☕️☕️☕️☕️
19:47	The state, or lack thereof, of GUI options for Rust.	☕️☕️☕️☕️
22:04	What do you do when your neighbor’s an a**hole? You build a serverless app to easily log his actions to support your complaint. Of course that’s what you do.	☕️☕️☕️☕️
24:35	How to create an awesome README for your GitHub profile. Show off them skillz!	☕️☕️☕️☕️
27:22	Tool of the Day: From the King of the Honk comes k8s-mirror, a tool to stuff a K8s cluster into a Docker container for offline poking and prodding.	☕️☕️☕️☕️

Coffee and Cloud Native - E107

Jan 20, 2021 chaos engineering security orchestration observability operators operations networking

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

Timestamp	Description / Link	Community Rating
3:53	KubeInvaders has new features where you can watch pod logs or fire off a kube-linter process!	☕️☕️☕️☕️
5:18	There’s an EU-backed bug bounty going on for Matrix. Security good.	☕️☕️☕️☕️
8:13	This is the best guide to Vertical Pod Autoscaling for Kubernetes.	☕️☕️☕️☕️
13:25	I think the new Elastic license is a defense against AWS continuing to profit off of their work.	☕️☕️☕️☕️
16:22	GoFish is like Homebrew, but for macOS, Linux, and Windows.	☕️☕️☕️☕️
17:50	Waiting to take Boundary for a spin? Here’s a full example walkthrough for Kubernetes.	☕️☕️☕️☕️
18:55	Check out this super-awesome synthetic user architecture that AppDynamics built with Kubernetes and ephemeral containers.	☕️☕️
21:26	This is a great use for an operator and a fun way to learn about building them with Python.	☕️☕️☕️☕️
23:37	Canary deployments with Linkerd, Github Actions, and Azure	☕️☕️☕️☕️
24:57	Picking up on the projectcalico article from 2019, lucjuggery digs further into kube-proxy and iptables	☕️☕️☕️☕️
27:12	Tool of the Day: A utility that uses the leader election functionality in Kubernetes to run multiple standby replicas of a pod. No more waiting 6 minutes for K8s to figure out a node died.	☕️☕️☕️☕️☕️

Coffee and Cloud Native - E106

Jan 19, 2021 pwny pwny operations orchestration development ai/ml observability chaos engineering

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

Timestamp	Description / Link	Community Rating
3:16	How Parler totally screwed up the “secure” part of their application and got pwned.	☕️☕️☕️☕️
6:08	A quick overview of the options for Remove-PSSession	☕️☕️☕️
8:07	This article hits a lot of open source nails on the head. It’s a big world. OSS drives innovation. Commercialization stifles it.	☕️☕️☕️☕️
12:36	These are 65 things madzadev wishes he knew when starting to code, but many of them apply to other disciplines and life in general.	☕️☕️☕️☕️
19:21	Event-driven architecture is bubbling up as a popular design paradigm. Here’s an intro into using Azure Event Grid as the broker.	☕️☕️☕️☕️
21:02	Here’s a peek at the internals of just how awesome GPT-3 is. It reveals that any effort to create an OSS GPT-3 lite is going to need a lot of donated/distributed GPU power.	☕️☕️☕️☕️
23:07	Another article on the pitfalls of readiness probes, but this begs the question - should users see database errors, or should we intelligently route to failure pages when a service has no endpoints?	☕️☕️☕️☕️
25:56	Tool of the Day: stressy is a simple CPU stress test tool. no frills. comes in container format.	☕️☕️☕️

Coffee and Cloud Native - E105

Jan 18, 2021 orchestration ci/cd networking observability database chaos engineering random operations

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

Timestamp	Description / Link	Community Rating
6:35	How to compile and test a local Terraform provider.	☕️☕️☕️
8:31	Do you need to move off of Travis CI? Here are some options.	☕️☕️☕️
11:39	Holy Tracing, Batman! ingress-nginx has OpenTracing baked in!	☕️☕️☕️☕️☕️
13:39	A peek into the DALL-E machine learning image generator from OpenAI	☕️☕️☕️☕️
17:02	Before today I had no idea just how awesome Graph DBs are.	☕️☕️☕️☕️
19:39	You can use Gremlin to trigger/test HPA on Kubernetes. It’s easy.	☕️☕️☕️
20:24	This is a great new series exploring unusual/unused HTML tags. kbd! progress! Please make more of these, BraydonCoyer!	☕️☕️☕️☕️
22:23	Azure has great metrics engines, and this article includes a bonus link on how to make your own Prometheus exporter for your apps.	☕️☕️☕️☕️
25:39	If you’re not a Prometheus/Grafana fan, perhaps some Azure ELK suits you? Here’s how to get started with Filebeat for observability.	☕️☕️☕️
26:36	Tool of the Day: Giggleworthy name aside, this tool is a leash for when Kubernetes distros straight-up ignore your image caching configuration.	☕️☕️☕️☕️

- 1
- 2
- 3
- 4