| |
| 🔗 Stories, Tutorials & Articles |
| |
|
| |
| Zero-Trust Kubernetes: Enforcing Security & Multi-Tenancy with Custom Admission Webhooks |
| |
| |
Tools like OPA Gatekeeper, Kyverno, and custom webhooks slam the brakes on sketchy workloads before they ever spin up.
These controllers aren’t just gatekeepers - they’re enforcers. They check pod configs, block unverified images, and apply live, scoped policies like tenant-aware network isolation and resource quotas on the fly. |
|
| |
|
| |
|
| |
| Azure Developer CLI: Azure Container Apps Dev-to-Prod Deployment with Layered Infrastructure |
| |
| |
Azure Developer CLI v1.20.0 leveled up Container Apps. Build and push are now split from deploy, so you can finally "build once, deploy everywhere" and mean it.
It adds layered infrastructure support, lets you share an Azure Container Registry across environments, and handles resource dependency sequencing in CI/CD. |
|
| |
|
| |
|
| |
| AWS to Bare Metal Two Years Later: Answering Your Toughest Questions About Leaving AWS |
| |
| |
OneUptime ditched the cloud bill and rolled their own dual-site setup. Think bare metal, orchestrated with MicroK8s, booted by Tinkerbell, patched together with Ceph, Flux, and Terraform. Result? 99.993% uptime and $1.2M/year saved - 76% cheaper than even well-optimized AWS.
They run it all with just ~14 engineer-hours/month. Thanks, Talos. The cloud's still in play, but only where it helps: archival, CDN, and burst capacity.
The bigger trend? Teams with steady workloads are eyeing physical infra again. Same automation. More control. Way less money lit on fire. |
|
| |
|
| |
|
| |
| How Airbnb Runs Distributed Databases on Kubernetes at Scale ✅ |
| |
| |
Airbnb runs distributed databases across multiple Kubernetes clusters - each tied to its own AWS Availability Zone. That setup isolates failures down to individual pods and keeps the whole system highly available.
They built a custom Kubernetes operator and leaned on EBS volumes with PVCs to smooth out node swaps. That way, even during shakeups - planned or not - quorum stays intact and the system holds steady.
System shift: Running stateful databases on Kubernetes isn’t just possible now. At scale, it's solid - thanks to smart cluster mapping, custom operators, and failover that actually respects storage. |
|
| |
|
| |
|
| |
| Kubernetes with Buildkite: faster, simpler, and ready for scale |
| |
| |
Buildkite just added a major revamp of its Kubernetes Agent Stack. Highlights: REST-based config, leaner K8s objects, and hardened security defaults.
It handles tens of thousands of concurrent jobs without breaking a sweat. Shared environment vars cut down pod config noise. Error messages come with full YAML receipts.. Metrics are exposed out of the box, no custom scrapers needed. And Helm got more knobs to tweak. |
|
| |
|
| |
|
| |
| Manage Secrets of your Kubernetes Platform at Scale with GitOps |
| |
| |
| Use the External Secrets Operator to manage secrets securely and connect workload clusters to a control plane with Argo CD. By integrating External Secrets, you can streamline secrets management and maintain a secure environment for your platform. Explore different reference architectures such as the Hub and Spoke model to effectively manage secrets and workload clusters in a scalable manner. |
|
| |
|
| |
👉 Got something to share? Create your FAUN Page and start publishing your blog posts, tools, and updates. Grow your audience, and get discovered by the developer community. |
