- The original Kubernetes multi-tenancy project
- Limiting access to Kubernetes resources with RBAC
- Resource quotas
- Limit ranges
- Kubernetes network policies recipes
- coredns/policy
- API Priority and Fairness
- Exploiting applications using liveness probes in Kubernetes
- open-policy-agent/gatekeeper-library
- What vulnerabilities? Live hacking of containers and orchestrators
danielepolencic
/ resource-allocations.md
Last active
October 26, 2022 21:11
Resource allocations in Kubernetes nodes — links
- Kubernetes instance calculator.
- Allocatable memory and CPU in Kubernetes Nodes
- Allocatable memory and CPU resources on GKE.
- AWS EKS AMI reserved CPU and reserved memory.
- AKS resource reservations.
- Official docs https://kubernetes.io/docs/tasks/administer-cluster/reserve-compute-resources/)
- Enabling prefix assignment in EKS and VPC CNI.
danielepolencic
/ links.md
Created
January 7, 2022 08:22
Links for scaling Nginx controllers with KEDA and Prometheus
danielepolencic
/ toy-db.ts
Created
November 27, 2021 07:15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import { LevelUp } from 'levelup' | |
| import { Transform } from 'stream' | |
| export function Document(db: LevelUp) { | |
| return { createCollection } | |
| function createCollection<T>({ collection }: { collection: string }) { | |
| return < | |
| Indexers extends { | |
| [name: string]: { |
Links:
- IP addresses per network interface per instance type
- How do I use multiple CIDR ranges with Amazon EKS?
- Amazon VPC CNI plugin increases pods per node limits
- Increase the amount of available IP addresses for your Amazon EC2 nodes
- Assigning prefixes to Amazon EC2 network interfaces
- Kubernetes instance calculator
danielepolencic
/ questions.md
Created
April 22, 2021 04:59
- Do you support managed worker nodes? (Something similar to this in AWS https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html)
- Do you support setting Kubelet parameters via config file? (https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file/)
- Do you include a service mesh in your offering?
- Do you support bare-metal worker nodes?
- Is L4 load balancing supported for applications running on Kapsule?
- Is a key management solution included for Kubernetes secrets?
- Is multi-tenancy supported for Kubernetes cluster (namespace etc.)?
- Is Kubernetes Admission Controllers supported? (https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/)
- Are POD security policies supported? (https://cloud.google.com/kubernetes-engine/docs/how-to/pod-security-policies)
- Are shielded nodes supported? (https://cloud.google.com/kubernetes-engine/docs/how-to/shielded-gke-nodes)
danielepolencic
/ autoscaler.yaml
Last active
April 18, 2021 02:51
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| labels: | |
| k8s-addon: cluster-autoscaler.addons.k8s.io | |
| k8s-app: cluster-autoscaler | |
| name: cluster-autoscaler | |
| namespace: kube-system | |
| --- |
danielepolencic
/ nsm.md
Last active
April 10, 2023 17:45
Nginx Service Mesh — installation instructions
You will install the Nginx Service Mesh locally using minikube.
Launch a new cluster with:
minikube start \
--extra-config=apiserver.service-account-signing-key-file=/var/lib/minikube/certs/sa.key \
--extra-config=apiserver.service-account-key-file=/var/lib/minikube/certs/sa.pub \
danielepolencic
/ minikube-windows.md
Created
November 30, 2020 03:39
Note for running minikube on Windows.
Minikube is a tricky beast on Windows.
There are several options to run minikube on Windows:
- WSL2
- HyperV
- VirtualBox
The easiest option is to run minikube with VirtualBox.
danielepolencic
/ redux.ts
Created
September 9, 2020 03:02
Redux toolkit + redux-thunk end-to-end demo
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import { createAsyncThunk, createSlice, configureStore, Dispatch, AnyAction } from '@reduxjs/toolkit' | |
| import thunk, { ThunkDispatch } from 'redux-thunk' | |
| const userAPI = { | |
| async fetchById(id: string) { | |
| return new Promise<{ data: number }>(resolve => | |
| setTimeout(() => { | |
| resolve({ data: 1 }) | |
| }, 4000), | |
| ) |
NewerOlder