pwny pwny

Coffee and Cloud Native - E120

Feb 23, 2021 pwny pwny operations automation education security development orchestration

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

Timestamp	Description / Link	Community Rating
6:18	Endgame takes a privileged AWS account and pwns all accessible resources. Hopefully this gets AWS to step up their game for reporting of over-privileged accounts.	☕️☕️☕️☕️
12:28	An interesting use of Helm to take laborious Kubernetes tasks and make them easier. By doing so they’re more likely to actually get done.	☕️☕️☕️☕️
16:10	Crio.Do wants to help developers grow their skills while keeping learning fun.	☕️☕️☕️
18:55	localstack mocks all AWS services locally for development. The free tier is generous, and the paid tier is comprehensive.	☕️☕️☕️☕️
20:35	A quick-and-dirty guide for using kube-bench with EKS, with a lead into AWS Security Hub and the Tool of the Day	☕️☕️☕️☕️
23:09	Terrible combines Terraform with ansible to create IaC for KVM/QEMU environments. This is a great demonstration of using the right tool for the right job.	☕️☕️☕️☕️
25:19	It’s easy to mock PHP for not being Go or Python or Rust, but that’s not why it was created. For those who have invested in PHP, Laravel has a library for managing Kubernetes resources.	☕️☕️
26:57	Tool of the Day: Cloud Custodian is like Kyverno for public cloud infrastructure.	☕️☕️☕️

Coffee and Cloud Native - E114

Feb 9, 2021 storage orchestration pwny pwny security operations networking development observability

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

Timestamp	Description / Link	Community Rating
3:46	An awesome article from a community member about OpenEBS, Rancher, RKE, and the NFS Server Provisioner.	☕️☕️☕️☕️☕️
4:57	TeamTNT is at it again, cryptojacking your Kubernetes clusters. You have to really work hard to make it easy for them, though.	☕️☕️☕️☕️
8:36	How hard is it to pwn a Kubernetes cluster through the kubelet? Easier than you think.	☕️☕️☕️☕️
13:51	kubeaudit can help identify Kubernetes misconfigurations that could cost you dearly.	☕️☕️☕️☕️☕️
15:22	Where Kubernetes complexity lets you down, Boundary can step in and simplify your life with solid RBAC controls for clusters and the underlying substrate.	☕️☕️☕️☕️☕️
18:26	Bion Consulting is offering free audits of Kubernetes clusters as an intro to their security service offerings.	☕️☕️☕️☕️
20:04	New features in k0s are taking shape around their goals to be the “frictionless” Kubernetes distro.	☕️☕️☕️
21:41	This article demonstrates how Traefik Ingress can be implemented as an entry point to an Istio service mesh.	☕️☕️☕️
23:28	Garden wants to solve the elusive problems developers face with Kubernetes by easing the transition between dev and prod in local testing and CI environments.	☕️☕️☕️☕️
25:56	This is the first in a series of AWESOME AWESOME AWESOME articles from codefresh on Kubernetes anti-patterns. This isn’t rehashed content. Read it and I guarantee you’ll learn something new.	☕️☕️☕️☕️☕️
27:32	Tool of the Day: This K8s operator creates UptimeRobot monitors for Kubernetes Ingresses. uptime_robot will you please gift Max a Pro account so he can test the Pro features?	☕️☕️☕️☕️☕️

Coffee and Cloud Native - E106

Jan 19, 2021 pwny pwny operations orchestration development ai/ml observability chaos engineering

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

Timestamp	Description / Link	Community Rating
3:16	How Parler totally screwed up the “secure” part of their application and got pwned.	☕️☕️☕️☕️
6:08	A quick overview of the options for Remove-PSSession	☕️☕️☕️
8:07	This article hits a lot of open source nails on the head. It’s a big world. OSS drives innovation. Commercialization stifles it.	☕️☕️☕️☕️
12:36	These are 65 things madzadev wishes he knew when starting to code, but many of them apply to other disciplines and life in general.	☕️☕️☕️☕️
19:21	Event-driven architecture is bubbling up as a popular design paradigm. Here’s an intro into using Azure Event Grid as the broker.	☕️☕️☕️☕️
21:02	Here’s a peek at the internals of just how awesome GPT-3 is. It reveals that any effort to create an OSS GPT-3 lite is going to need a lot of donated/distributed GPU power.	☕️☕️☕️☕️
23:07	Another article on the pitfalls of readiness probes, but this begs the question - should users see database errors, or should we intelligently route to failure pages when a service has no endpoints?	☕️☕️☕️☕️
25:56	Tool of the Day: stressy is a simple CPU stress test tool. no frills. comes in container format.	☕️☕️☕️

Coffee and Cloud Native - E103

Jan 14, 2021 networking security orchestration random storage pwny pwny

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

Timestamp	Description / Link	Community Rating
8:23	Want a new or different Kubernetes job, or is your company looking for skilled workers? Check out the new careers board from learnk8s.	☕️☕️☕️☕️
10:20	Gloo 1.6 has configuration for blocking CSRF attacks at the edge. Here’s how to do it.	☕️☕️☕️☕️
14:04	What a crazy POC. ahachete built a 100-node (63 accessible) K8s cluster on a single r5.metal instance using Firecracker and EKS-D.	☕️☕️☕️☕️
17:06	Here’s a tool from mtougeron that tags EBS volumes from annotations on the Kubernetes Deployment or PVC.	☕️☕️☕️☕️
19:20	eBPF is going to eat the world. If you’re not already using it in Kubernetes (or elsewhere), you need to get on the bus.	☕️☕️☕️☕️
22:09	In <24h researchers went from “scan” to “pwn 100k UN employee records.” Whoever committed admin db creds to Git in a Wordpress config needs to be fired.	☕️☕️☕️☕️☕️
27:02	Tool of the Day: juicefs is a distributed POSIX filesystem built on Redis and any S3-compatible object store. Holy cow.	☕️☕️☕️☕️

Coffee and Cloud Native - E94

Dec 18, 2020 random security development pwny pwny automation orchestration storage dns observability IoT service mesh

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

Timestamp	Description / Link	Community Rating
7:15	Sequoia is a Rust library for a modern implementation of OpenPGP, now at v1.0!	☕️☕️☕️☕️☕️
10:43	Researchers exploit RAM bus to create binary-encoded signals in the WiFi range and exfil data from airgapped computers.	☕️☕️☕️☕️
13:34	Don’t have time to build your own home automation infrastructure? Just buy a preconfigured home_assistant box and hit the ground running!	☕️☕️
15:44	ciliumproject eBPF replacement for Kubernetes proxy is not vulnerable to CVE-2020-8554 MitM vuln	☕️☕️☕️☕️
17:35	The Harvester project is open source HCI, built on top of Kubernetes.	☕️☕️☕️☕️☕️
19:22	zfs-localpv for Kubernetes hits GA milestone	☕️☕️☕️☕️
22:11	If I was still using grep, awk, and xargs to prune old Docker images and containers, does that make me an old fogey?	☕️☕️☕️☕️
26:06	Using k8s_gateway and CoreDNS with zone delegation to expose Kubernetes resources in a Windows network	☕️☕️☕️☕️
28:28	The TICK stack gives you an all-in-one solution for doing more than just graphing metrics. How about validating auth on an endpoint?	☕️☕️☕️☕️
31:00	Researchers find a material that may generate enough power from indoor ambient light to power smart devices in the home.	☕️☕️☕️☕️
31:40	Google wants to help independent creators of critical software get paid. Doesn’t sound bad, but lots of people are up in arms anyway…	☕️☕️☕️☕️☕️
34:01	A list of free or cheap hosting solutions for your dev projects	☕️☕️☕️☕️☕️
36:41	The EU cybersecurity policy for the next decade is an engrossing read that shows just how broken things are and what they want to do about it.	☕️☕️☕️☕️
39:22	AWS updated the app mesh controller for Kubernetes	☕️☕️☕️☕️
39:33	Need a book for the holidays? How about one to help you decide how to get the most out of service mesh?	☕️☕️☕️☕️
40:12	Embedding PKI registration and mTLS into IoT devices sounds like a Good Thing, but then you need PKI infrastructure and someone who knows how to run it.	☕️☕️☕️☕️
42:11	Tool of the Day: tor-controller exposes Kubernetes services to the onion network.	☕️☕️☕️☕️

Coffee and Cloud Native - E91

Dec 15, 2020 operations pwny pwny community random orchestration chaos engineering education security ai/ml observability

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

Timestamp	Description / Link	Community Rating
5:18	Learn how to debug your Kubernetes workloads with kubectl	☕️☕️☕️☕️
6:27	Are you running SolarWinds Orion? You probably want to power it off immediately.	☕️☕️☕️☕️☕️
8:11	Hey let’s all help BulmaBrian put his Blender rendering into Kubernetes for his mom’s Etsy store	☕️☕️☕️☕️
9:39	Did you know the Kubernetes logo fails originality tests and is therefore public domain?	☕️☕️☕️
11:22	Do you struggle with infographics for your presentations? Check out this article from VismeApp	☕️☕️☕️☕️☕️
13:24	Enabling GPU support in your Kubernetes clusters	☕️☕️☕️☕️☕️
15:48	Want to start using chaos engineering in Kubernetes?	☕️☕️☕️☕️
17:02	Right after I showed the webinar for hacking your car via the OBD2 port (E89), here’s an article showing how to make a custom display for engine metrics.	☕️☕️☕️☕️
19:28	Wearables are stepping up to encourage social distancing in office environments for a post-COVID world.	☕️☕️☕️☕️
22:01	Siemens helps you teach your kids the importance of COVID hygiene in public spaces with a new online game.	☕️☕️☕️☕️☕️
24:29	Sophos announces 4 open AI initiatives to handle malware.	☕️☕️☕️☕️
28:51	Tool of the Day: Kubenurse checks the network health of critical Kubernetes components and makes it available for Prometheus to scrape.	☕️☕️

Coffee and Cloud Native - E90

Dec 14, 2020 security operations iot observability pwny pwny release

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

Timestamp	Description / Link	Community Rating
6:32	PodSecurityPolicies are almost guaranteed to be deprecated and replaced. Move to Kyverno or OPA Gatekeeper today!	☕️☕️☕️☕️
10:00	The Kubernetes documentation has excellent info on enabling cluster security.	☕️☕️☕️☕️
13:15	Moddable’s hardware and SDK are high quality and accessible for IoT projects.	☕️☕️☕️☕️
15:15	How to enable mTLS for your users in Kubernetes ingress-nginx	☕️☕️☕️☕️
17:15	The Jetson Mate cluster box looks like a better solution for powerful Kubernetes home labs. How loud is the fan?	☕️☕️☕️☕️☕️
20:11	Grafana released a Helm chart for Loki! Kubernetes	☕️☕️☕️☕️
21:02	There’s a nasty malware campaign targeting browsers, with an unknown vector of infection.	☕️☕️☕️☕️☕️
23:56	MicroK8s 1.20 is out with support for lots of new add-ons and features	☕️☕️☕️☕️
25:00	newrelic gobbles up Pixie and plans to open source the platform	☕️☕️☕️☕️☕️
27:00	Tool of the Day: Cockpit is the perfect solution for web-based administration of Linux systems. This isn’t cPanel or Plesk. This is legit.	☕️☕️☕️☕️

Coffee and Cloud Native - E89

Dec 11, 2020 operations education security ai/ml webinar edge pwny pwny database orchestration

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

Timestamp	Description / Link	Community Rating
4:58	Need a rabbit hole? Here’s a spreadsheet of Kubernetes tools and add-ons.	☕️☕️☕️☕️☕️
7:03	Check out the cloud skills challenge from the Welsh Azure Users Group going on until Dec 21	☕️☕️☕️☕️☕️
8:15	NeuVector encourages you to ask difficult questions about the state of security in your Kubernetes clusters	☕️☕️☕️☕️
12:46	AWS is embedding ML analysis into data backends, performing automatic training and making results available as SQL queries. Data science without the data scientists!	☕️☕️☕️
16:46	Join the first webinar from Rancher_Labs and SUSE about how Rancher helps businesses achieve their cloud native objectives.	☕️☕️☕️☕️
17:50	Want to hear more about WHY the USAF put Kubernetes on a U2? Join this webinar.	☕️☕️☕️☕️
19:50	Curious about that port that interfaces to your car’s computer? Here’s info on how you can talk to it.	☕️☕️☕️☕️
22:11	A Kubernetes operator for FoundationDB, an ACID-compliant distributed database from Apple.	☕️☕️☕️☕️
24:22	Aqua releases a solution for analyzing and remediating overly permissive Kubernetes roles and accounts	☕️☕️☕️☕️
26:29	Tool of the Day: Why run Openstack on Kubernetes when SAP gives you a tool to run Kubernetes as a Service on Openstack?	☕️☕️☕️

Coffee and Cloud Native - E87

Dec 9, 2020 security random iot orchestration pwny pwny development

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

Timestamp	Description / Link	Community Rating
4:17	Continuous Inspiration: Meet Ariel Antigua!
8:06	If you don’t need to talk to the Kubernetes API from within your app, disable the automountServiceAccountToken for added security.	☕️☕️☕️☕️
10:53	This week’s CNCN Challenge is around NetworkPolicy in Kubernetes. Here’s an introduction to why it’s important.	☕️☕️☕️☕️
12:27	What do you do when you want your standing desk to move on its own? Ofc you write a Heroku app and a Google Smart Home Action.	☕️☕️☕️☕️
16:24	Azure Digital Twins now GA - make virtual replicas of real-world IoT infrastructure and the physical environments in which they live.	☕️☕️☕️☕️
20:04	MirantisIT drops Lens 4.0, with paid support options. IMO, if you need to pay them to teach you how to use Lens, you probably shouldn’t be using Kubernetes.	☕️☕️☕️
22:55	Gazillions of IoT devices have Dos/RCE vulns traceable to 4 TCP/IP libraries. IoT should always be isolated and locked down.	☕️☕️☕️☕️
26:18	How to pull Kubernetes secrets from Vault, with Spinnaker thrown in as a cherry on top.	☕️☕️☕️☕️
28:34	Tool of the Day: You can now deploy and work with K3d Kubernetes clusters from within VSCode!	☕️☕️☕️☕️☕️

Coffee and Cloud Native - E78

Nov 26, 2020 operations blockchain pwny pwny orchestration IoT development ci/cd

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

Timestamp	Description / Link	Community Rating
7:38	How to register and control K8s clusters with Azure Arc	☕️☕️☕️☕️
14:49	Four reasons that DAGs could replace Blockchains	☕️☕️☕️☕️
19:29	Researchers can hack personal assistant hardware at distance with a laser pointer. Be afraid.	☕️☕️☕️☕️☕️
21:26	Fear not the Terraform, for here be a cheat sheet for thee.	☕️☕️☕️☕️☕️
23:11	stakater has given us a CRD for creating Slack channels for alertmanager. Dope!	☕️☕️☕️☕️
24:29	Boston Networks wired the ENTIRE cities of Glasgow and Edinburgh with LoRaWAN!	☕️☕️☕️☕️
28:35	Tool of the Day: docker-lock pins Docker image dependency hashes and tells you if and when they change.	☕️☕️☕️☕️