- https://kubernetes.io/
- https://github.com/ramitsurana/awesome-kubernetes
- https://aws.amazon.com/eks/
- https://cloud.google.com/kubernetes-engine/
- https://azure.microsoft.com/pl-pl/services/kubernetes-service/
- https://www.udacity.com/course/scalable-microservices-with-kubernetes--ud615
- The Illustrated Children's Guide to Kubernetes https://www.youtube.com/watch?v=4ht22ReBjno
- https://kubernetes.io/docs/tasks/access-application-cluster/configure-access-multiple-clusters/
- https://kubernetes.io/docs/reference/kubectl/cheatsheet/
- https://github.com/dennyzhang/cheatsheet-kubernetes-A4
- https://github.com/ramitsurana/awesome-kubernetes#books
- https://www.replex.io/blog/the-ultimate-kubernetes-cost-guide-aws-vs-gce-vs-azure-vs-digital-ocean
- https://divvycloud.com/blog/kubedex-comparison-google-gke-microsoft-aks-amazon-eks/
- https://github.com/ramitsurana/awesome-kubernetes#useful-article
- https://github.com/kelseyhightower/kubernetes-the-hard-way
- https://kubedex.com/google-gke-vs-microsoft-aks-vs-amazon-eks/
- https://github.com/darshanime/notes/blob/master/kubernetes.org
- https://chrislovecnm.com/kubernetes/cni/choosing-a-cni-provider/
- https://itnext.io/benchmark-results-of-kubernetes-network-plugins-cni-over-10gbit-s-network-36475925a560
- https://itnext.io/kubernetes-networking-behind-the-scenes-39a1ab1792bb
- https://itnext.io/kubernetes-multi-cluster-networking-made-simple-c8f26827813
- https://docs.aws.amazon.com/eks/latest/userguide/what-is-eks.html
- https://aws.amazon.com/eks/faq/
- https://eksworkshop.com/introduction/
- https://medium.com/@zhaimo/learning-kubernetes-by-doing-part-1-setting-up-eks-in-aws-50dcf7a76247
- https://docs.aws.amazon.com/eks/latest/userguide/eks-ug.pdf
- https://docs.aws.amazon.com/eks/latest/userguide/getting-started.html
- https://docs.aws.amazon.com/eks/latest/userguide/dashboard-tutorial.html
- https://docs.aws.amazon.com/eks/latest/userguide/create-public-private-vpc.html
- uswitch/kiam#112
- https://sourcediving.com/elastic-kubernetes-service-536a9ffe9223
- https://aws.amazon.com/blogs/opensource/eksctl-eks-cluster-one-command/
- https://aws.amazon.com/blogs/opensource/category/compute/amazon-elastic-container-service-for-kubernetes/
- https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html
- https://www.reddit.com/r/aws/comments/9kbejr/anyone_using_eks_yet_for_prod/
- https://aws.amazon.com/blogs/opensource/eksctl-eks-cluster-one-command/
- https://aws.amazon.com/blogs/opensource/aws-service-operator-kubernetes-available/
- https://aws.amazon.com/about-aws/whats-new/2018/10/amazon-eks-enables-support-for-kubernetes-dynamic-admission-cont/ (istio stuff)
- https://docs.aws.amazon.com/eks/latest/userguide/calico.html
- https://github.com/awsdocs/amazon-eks-user-guide/blob/master/doc_source/doc-history.md
- https://github.com/awslabs/amazon-ecr-credential-helper
- https://blog.giantswarm.io/load-balancer-service-use-cases-on-aws/
- https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
- kubernetes/kubernetes#26670
- https://www.weave.works/technologies/kubernetes-on-aws
- https://stripe.com/blog/operating-kubernetes
- https://eksworkshop.com/introduction/
- https://github.com/aws/containers-roadmap/projects/1
- https://github.com/pahud/eks-alb-ingress
- https://github.com/awslabs/aws-app-mesh-examples
- https://www.slideshare.net/AmazonWebServices/building-paas-with-amazon-eks-for-the-largescale-highly-regulated-enterprise-con309r1-aws-reinvent-2018
- https://aws.amazon.com/app-mesh/features/
- https://aws.amazon.com/blogs/opensource/kubernetes-service-catalog-aws-service-broker-on-eks/
- https://github.com/kubernetes/ingress-nginx
- https://github.com/Kong/kong (nginx)
- https://github.com/containous/traefik
- https://github.com/haproxy/haproxy
- https://github.com/appscode/voyager (haproxy)
- https://github.com/heptio/contour (envoy)
- https://github.com/datawire/ambassador (envoy) (with istio https://www.getambassador.io/user-guide/with-istio/)
- https://istio.io/docs/tasks/traffic-management/ingress/ (envoy)
- https://github.com/kubernetes-sigs/aws-alb-ingress-controller (ALB)
- https://github.com/zalando-incubator/kube-ingress-aws-controller
- https://kubedex.com/nginx-ingress-vs-kong-vs-traefik-vs-haproxy-vs-voyager-vs-contour-vs-ambassador/
- https://www.envoyproxy.io/
- https://github.com/pahud/amazon-eks-workshop/tree/master/03-creating-services/ingress/traefik-ingress
- https://github.com/aws-samples/aws-workshop-for-kubernetes
- https://www.slideshare.net/Provectus/dive-into-devops-march-traefik-as-kubernetes-ingress-controller-ihor-borodin
- https://medium.com/@dmaas/amazon-eks-ingress-guide-8ec2ec940a70
- https://itnext.io/save-on-your-aws-bill-with-kubernetes-ingress-148214a79dcb
- Traefik from kubedex.com: "Another consideration is minimizing server reloads because that impacts load balancing quality and existing connections etc. Traefik doesn’t support hitless reloads so you need NGINX or Envoy Proxy for this. For a lot of people this is a big deal." vs from rancher.com: "Traefik has a true zero downtime reload and implements the possibility of defining circuit breakers rules."
- https://github.com/nginxinc/nginmesh
- https://blog.giantswarm.io/load-balancer-service-use-cases-on-aws/
- https://medium.com/devopslinks/istio-step-by-step-part-01-introduction-to-istio-b9fd0df30a9e Istio
- https://github.com/pahud/eks-alb-ingress
-
https://github.com/kubernetes-incubator/external-dns
-
https://github.com/helm/charts/tree/master/stable/external-dns
-
https://ryaneschinger.com/blog/automatic-dns-kubernetes-ingresses-externaldns/
-
https://medium.com/@russell.whelan/traefik-and-external-dns-naming-magic-b4d6a01d3634
-
https://github.com/kubernetes-incubator/external-dns/blob/master/docs/tutorials/istio.md
-
https://appscode.com/products/voyager/8.0.1/guides/ingress/dns/external-dns/
-
kubernetes-sigs/external-dns#413
Ingress with traefik
apiVersion: extensions/v1beta1 kind: Ingress metadata: name: test-wordpress annotations: kubernetes.io/ingress.class: traefik external-dns.alpha.kubernetes.io/target: mytraefikservice.mydomain.com spec: rules: - host: test.mydomain.com http: paths: - path: / backend: serviceName: test-wordpress servicePort: 80
- https://github.com/uswitch/kiam
- https://github.com/jtblin/kube2iam
- https://github.com/ash2k/iam4kube
- https://github.com/mikkeloscar/kube-aws-iam-controller
- https://docs.google.com/document/d/1rn-v2TNH9k4Oz-VuaueP77ANE5p-5Ua89obK2JaArfg/edit?usp=sharing
- https://github.com/kernelpayments/kube-google-iam
- istio/istio#9297
- https://istio.io/docs/concepts/what-is-istio/
- https://kubernetes.io/blog/2017/05/managing-microservices-with-istio-service-mesh/
- https://www.hashicorp.com/blog/consul-1-2-service-mesh
- https://linkerd.io/1/getting-started/k8s/
- https://thenewstack.io/which-service-mesh-should-i-use/
- https://medium.com/@jeffzzq/how-to-integrate-an-aws-lambda-function-into-your-kubernetes-service-mesh-5d665f351675
- https://helm.sh/
- https://www.digitalocean.com/community/tutorials/how-to-install-software-on-kubernetes-clusters-with-the-helm-package-manager
- https://rancher.com/docs/rancher/v2.x/en/installation/ha/helm-init/
- https://github.com/helm/charts
- https://www.terraform.io/docs/providers/helm/index.html
- https://github.com/roboll/helmfile
- https://github.com/Praqma/helmsman
- https://kubernetes.io/blog/2018/07/18/11-ways-not-to-get-hacked/
- https://github.com/kubernetes-sigs/aws-iam-authenticator
- https://kubernetes.io/docs/reference/access-authn-authz/rbac/
- https://github.com/freach/kubernetes-security-best-practice
- https://kubernetes.io/docs/tasks/administer-cluster/securing-a-cluster/
- https://engineering.bitnami.com/articles/sealed-secrets.html
- https://github.com/bitnami-labs/sealed-secrets
- https://www.slideshare.net/sebastiengoasguen/kubernetes-sealed-secrets
- https://medium.com/@gmaliar/dynamic-secrets-on-kubernetes-pods-using-vault-35d9094d169
- https://github.com/Boostport/kubernetes-vault
- https://coreos.com/blog/introducing-vault-operator-project
- https://medium.com/containerum/top-security-tips-for-your-kubernetes-cluster-9b23a4e95111
- https://neuvector.com/container-security/kubernetes-security-guide/
- https://kubernetes.io/docs/tasks/administer-cluster/securing-a-cluster/
- https://thenewstack.io/how-chaos-engineering-can-drive-kubernetes-reliability/
- https://learnk8s.io/blog/kubernetes-chaos-engineering-lessons-learned
- https://github.com/asobti/kube-monkey
- https://github.com/bloomberg/powerfulseal
- https://github.com/knative/
- https://cloud.google.com/knative/
- https://github.com/kubeless/kubeless
- https://fission.io/
- https://thenewstack.io/the-future-of-kubernetes-is-serverless/
- https://thenewstack.io/why-serverless-vs-kubernetes-isnt-a-real-debate/
- https://dzone.com/articles/when-to-use-serverless-when-to-use-kubernetes
- https://medium.com/coryodaniel/from-erverless-to-elixir-48752db4d7bc
- https://kubernetes.io/docs/reference/tools/
- https://github.com/ahmetb/kubectx
- https://github.com/txn2/kubefwd
- https://about.gitlab.com/solutions/kubernetes/
- https://www.spinnaker.io/
- https://www.kubeflow.org/
- https://opencensus.io/
- https://www.pulumi.com/
- https://kubernetes.io/docs/tasks/debug-application-cluster/resource-usage-monitoring/
- https://itnext.io/kubernetes-monitoring-with-prometheus-in-15-minutes-8e54d1de2e1
- https://www.abhishek-tiwari.com/10-open-source-tools-for-highly-effective-kubernetes-sre-and-ops-teams/
- https://logz.io/blog/kubernetes-monitoring/
- https://thenewstack.io/5-tools-monitoring-kubernetes-scale-production/
- https://medium.com/containerum/4-tools-to-monitor-your-kubernetes-cluster-efficiently-ceaf62818eea
- https://www.weave.works/technologies/monitoring-kubernetes-with-prometheus/
- https://github.com/XiaoMi/naftis
- https://banzaicloud.com/blog/multi-cloud-k8s/
- https://kubernetes.io/docs/setup/turnkey/stackpoint/
- https://kubernetes.io/docs/concepts/cluster-administration/federation/
- https://dzone.com/articles/best-practices-for-multi-cloud-kubernetes
- https://cloudify.co/webinars/multi-cloud-orchestration-kubernetes
- https://containership.io/
- http://superuser.openstack.org/articles/how-to-multi-cloud-kubernetes/
- https://www.tripwire.com/state-of-security/security-data-protection/cloud/multi-cloud-security-best-practices-guide/
# Allows scaling deployments or stateful sets up/down
# Generally bound at the namespace level to allow scaling only in that namespace
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: namespace-scale
rules:
- apiGroups:
- '' # core group
resources:
- deployments/scale
- statefulsets/scale
verbs:
- create
---