Kubesploit

Join a 3-part, free educational program on Kubernetes cost optimization & efficiency: 📏 How to size your cluster for efficiency 🤏 Combining autoscalers for minimal resource allocations ⚖️ Dynamically rebalancing workloads 👉 bit.ly/k8s-optimize-1

This article discusses the importance of static checking and validation of YAML files in the development lifecycle of Kubernetes resources. More: https://blog.codewdhruv.com/validate-clean-secure-k8s-yaml-files

In this 2-part tutorial, you will learn how to set up a Keycloak instance with Postgres on Kubernetes and then improve the setup to support high availability and failure tolerance. More: https://blog.brakmic.com/keycloak-with-postgresql-ha-on-kubernetes

Master Kubernetes with Learnk8s' Advanced Kubernetes workshops! What should you expect? - Learn how to architect and design clusters from the ground up (in the cloud or on-prem). - Explore the Kubernetes internal component and how the system is designed with resiliency in mind. - Deep-dive into the networking components and observe the packets flowing into the cluster. - Hands-on labs to test the theory with real-world scenarios! - And more. The course starts this September and you can sign up here: https://learnk8s.io/online-advanced-september-2023

In this post, you will learn how to apply various Pod security standards in Amazon EKS. More: https://aws.amazon.com/blogs/containers/implementing-pod-security-standards-in-amazon-eks

This week on the Learn Kubernetes Weekly: 🧚‍♀️ Fairness, pricing, and burstable CPUs 💪 How to debug errors like a pro 🗜️ Optimizing interzone egress cost 👮🏻‍♂️ Fine-grained pod topology spread policies 🤫 State of Kubernetes secrets management Read it now: https://learnk8s.io/issues/41

What's the salary range for a Kubernetes engineer? Do you need a Kubernetes certification to apply for a job? What technologies should I learn next to land my next job? We analyzed 123 Kubernetes jobs for the second quarter of 2023 and found that: - The average Kubernetes job pays €80,864 in Europe and $129,802 in North America. - 87% of the total listings are seeking senior engineers. - There's a significant drop in fully-remote positions (from 22% in 2022 to 2% today). - GitLab CI isn't the top CI tool (with 21% mentions): Jenkins (37%) has passed it again 😭. You can read the report here: https://kube.careers/state-of-kubernetes-jobs-2023-q2

KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure that applications adhere to best practices. More: https://github.com/stackrox/kube-linter

In this tutorial, you will learn how to authenticate users to your apps deployed in Kubernetes using Nginx-ingress, Oauth2 and Azure AD. More: http://work.haufegroup.io/secure-your-application-with-k8s-nginx-ingress-oauth2-azuread

Checkov is a static code analysis tool for infrastructure as code and also a software composition analysis tool for images and open-source packages. It scans cloud infrastructure provisioned using Terraform, Kubernetes, Helm charts, Kustomize, and more. More: https://github.com/bridgecrewio/checkov

Master Kubernetes with Learnk8s' Advanced Kubernetes workshops! What should you expect? - Learn how to architect and design clusters from the ground up (in the cloud or on-prem). - Explore the Kubernetes internal component and how the system is designed with resiliency in mind. - Deep-dive into the networking components and observe the packets flowing into the cluster. - Hands-on labs to test the theory with real-world scenarios! - And more. The course starts this September and you can sign up here: https://learnk8s.io/online-advanced-september-2023

There are many factors to consider when deciding how Kubernetes secrets are managed and injected into containers. This blog post will discuss the most popular approaches available for Kubernetes Secrets management. More: https://doppler.com/blog/kubernetes-secrets-management-in-2022

This week on the Learn Kubernetes Weekly: 📺 How to integrate legacy VMs into container pipelines 📈 Kubernetes-native synthetic monitoring 📐 Choosing a worker node size 📥 Configuring local ingress domains 🤝 Manually scheduling pods Read it now: https://learnk8s.io/issues/40

🤔 Should you run a Kubernetes cluster with many smaller instances or a few larger ones? This article explores the pros/cons: 📊 Resource allocations 📝 Optimal node capacity ⚖️ Scaling considerations 🌊 Bandwidth implications ♻️ IP recycling 📦 Storage https://learnk8s.io/kubernetes-node-size

This repository contains a custom Kubernetes controller that can automatically create random secret values. This may be used for auto-generating random credentials for applications running on Kubernetes. More: https://github.com/mittwald/kubernetes-secret-generator

This article highlights the use of Common Expression Language (CEL) in Kyverno validation rules and the use of Kyverno CLI apply/test commands for Kubernetes Validating Admission policies. More: https://medium.com/@mariamfahmy66/validating-admission-policies-in-kyverno-1f4a3e972f92

In this tutorial, you'll learn how to install, configure and devise custom rules and alerts for Falco. With this, you can monitor your infrastructure and receive real-time alerts on critical security events. More: https://itnext.io/getting-started-with-falco-48e8631b6f86

In this article, you will learn about RBAC Buster. This new Kubernetes attack exploits the API servers to create a ClusterRoleBinding and gain full access to the cluster with persistence after the misconfiguration is fixed. More: https://blog.aquasec.com/leveraging-kubernetes-rbac-to-backdoor-clusters

This week on the Learn Kubernetes Weekly: ⚖️ Distributed and auto-scalable websocket server architecture 🏎️ Demystifying CPU limits 🙅‍♀️ Pod topology spread constraint pitfalls 🤔 When is a CPU not a CPU? 🛑 Never use alpine Linux ever again Read it now: https://learnk8s.io/issues/39

This tutorial will teach you how to use the Secrets Store CSI Driver to integrate your app with HashiCorp Vault on Kubernetes. More: https://piotrminkowski.com/2023/03/20/vault-with-secrets-store-csi-driver-on-kubernetes