bookmarks

k8s bookmarks

k8s common

Install

• Guide: Kubernetes Multi-Master HA Cluster with kubeadm
• Kubernetes by kubeadm config yamls
• Настройка НА-кластера Kubernetes на «голом железе» с kubeadm p1, p2, p3
• Kubernetes-HA. Разворачиваем отказоустойчивый кластер Kubernetes c 5 мастерами
• Packer, Terraform и Ansible: деплой кластера Kubernetes за час
• Upgrading Homelab Kubernetes Cluster from 1.20 to 1.21
• Using dnsmasq with a local kind clusters

Tshoot

• Breaking down and fixing Kubernetes ru

Common

• Set OpenAPI patch strategy for Kubernetes Custom Resources - Kustomize
• Layer-by-Layer Cgroup in Kubernetes
• Quality of Service Management for Pods by Kubelet
• 47 Things To Become a Kubernetes Expert
• Kubernetes Overview Diagrams
• Kubernetes Examples
• Kubernetes under the hood
• Resources and limits
  • Who murdered my lovely Prometheus container in Kubernetes cluster?
  • How to rightsize the Kubernetes resource limits
  • Kubernetes Resource Management in Production
  • Ресурсы в Kubernetes
    • Часть 1: Память (Memory)
    • Часть 2: Процессор (CPU) Ресурсы в Kubernetes
• Kubernetes configuration patterns
  • Patterns for Kubernetes primitives)
  • Patterns for Kubernetes controllers
• Kubernetes Learning Resources
• Awesome k8s
• What happens when k8s
• What happens when Kubectl Run is executed?
• What Happens When Deleting a Pod
• Why and How of Kubernetes Ingress (and Networking)
• How does ‘kubectl exec’ work? / Docker shim
• How It Works — kubectl exec / CRI-O
• How to Clean Up Old Containers and Images in Your Kubernetes Cluster
• Demystifying kube-proxy
• Ephemeral Containers — For a More Civilized Debugging Age
• A Deep Dive into Kubernetes External Traffic Policies
• Deployment
  • Kubernetes Deployment Antipatterns
    • part 1
    • part 2
    • part 3
• VPA
  • Вертикальное автомасштабирование pod’ов в Kubernetes: полное руководство
• Architecting Kubernetes clusters — choosing the best autoscaling strategy
• Working with Kubernetes API
  • Kubernetes API Basics - Resources, Kinds, and Objects
  • How To Call Kubernetes API using Simple HTTP Client
  • How To Call Kubernetes API using Go - Types and Common Machinery
  • How To Extend Kubernetes API - Kubernetes vs. Django
  • How To Develop Kubernetes CLIs Like a Pro

Other

• Accessing kube-dns from your desktop
• The life of a DNS query in Kubernetes
• Kubernetes Node Local DNS Cache
• Vertical Pod Autoscaling: The Definitive Guide

GitOps

Argo

• ArgoCD: a Helm chart deployment, and working with Helm Secrets via AWS KMS
• Argo: Workflow Engine for Kubernetes
• Create Argo CD local users
• Разбираемся с Custom Tooling в Argo CD
• ArgoCD: деплой Helm-чарта и работа с Helm Secrets через AWS KMS
• ArgoCD with Kustomize and ksops
• argocd-vault-plugin
• kind keycloak and argocd with sso
• Gitops и ArgoCD: отслеживание изменений образов

Flux

• Manage your Kubernetes clusters with Flux2

PKI

• How to Generate a Self-Signed Certificate for Kubernetes
• Что делать, если протухли сертификаты и кластер превратился в тыкву?

Webhooks

• A Gentle Intro to Validation Admission Webhooks in Kubernetes
• How to run your own admission controller on Kubernetes
• Building a Kubernetes Mutating Admission Webhook
• Diving into Kubernetes MutatingAdmissionWebhook
• Getting Started to Write Your First Kubernetes Admission Webhook
  • part 1
  • part 2

operators

• Writing a Kubernetes Operator: From Zero to Hero rus
• shell-operator v1.0.0: долгожданный релиз нашего проекта для Kubernetes-операторов
• Kubernetes Operators by Example
• A Practical kubernetes Operator using Ansible — an example
• From Zero to Kubernetes Operator
• Getting Started With Kubernetes Operators
  • part 1 Helm Based
  • part 2 Ansible Based
  • part 3 go Based
• Kubernetes operators with Python
  • #1: Creating CRDs
  • #2: Implementing Controller
• Build a Highly Available Kubernetes Operator Using Golang
• Creating REDIS operator with kubebuilder

• Github Repository Operator

  Webhook with operator-sdk

  • part 1 Scaffold and first slice of the operator: creation of github repository
  • part 2 Update and delete of github repository
  • part 3 Creating of github repository by cloning another repository
  • part 4 Validation using webhooks

Networking

• Network Policy Editor
• Why and How of Kubernetes Ingress (and Networking)
• cilium: Debugging and Monitoring DNS issues in Kubernetes
• networkpolicy/tutorial
• Cilium Code Walk Through Series

ServiceMesh

Istio

• Istio Data Plane Pod Startup Process Explained
• Sidecar Injection, Transparent Traffic Hijacking , and Routing Process in Istio Explained in Detail
• Traffic Types and Iptables Rules in Istio Sidecar Explained
• Istio Component Ports and Functions in Detail
• Understanding Istio and TCP service
• Istio Ingress vs. Kubernetes Ingress
• Using Istio Service Mesh as API Gateway
• Why Would You Need SPIRE for Authentication With Istio?
• Locality Aware Routing

Monitoring

• Как настроить мониторинг событий в Kubernetes: 4 бесплатных инструмента
• Alerting with Prometheus on Kubernetes

etcd

• Как с fio проверить диски на достаточную производительность для etcd
• Ломаем и чиним etcd-кластер

security

• NSA, CISA release Kubernetes Hardening Guidance
• RBAC

SSO

• Kubernetes Single Sign On - A detailed guide

Other

• Running Vault and Consul on Kubernetes

Helm

• 13 Best Practices for using Helm
• Using Helm To Include All Files From A Directory In-line
• understanding-helm-upgrade-reset-reuse-values
• Helm — Advanced Commands

Dev

• Testing Production Kubernetes Controllers
• Writing and testing Kubernetes webhooks using Kubebuilder v2
• An example of using dynamic client of k8s.io/client-go
• The Kubernetes dynamic client
• Kubernetes Operator with Kubebuilder
  • part 1
  • part 2
  • part 3
• Running logic of kubebuilder operator
• Kubernetes operators for resource management
• Pure dry sorting, an article to understand kubebuilder installation, deployment and source code controller runtime library analysis
• In-depth analysis of the election mechanism in kubernetes
• Writing a Kubernetes Controller: part 1
• Writing a Kubernetes Controller: part 2
• A Gentle Intro to Validation Admission Webhooks in Kubernetes