capsule
kubernetes-network-policy-recipes
capsule | kubernetes-network-policy-recipes | |
---|---|---|
5 | 13 | |
1,479 | 5,534 | |
1.6% | - | |
9.4 | 4.6 | |
7 days ago | 3 months ago | |
Go | ||
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
capsule
-
Multi-tenancy in Kubernetes
Capsule
-
How we reduced Kubernetes Clusters Sprawl by adopting Vclusters: An Introduction
At the end is just a tool which helps to achieve multi tenancy(with all pros and cons) in Kubernetes. It takes a different approach from capsule for example as you have a dedicated control plane for each tenant which means you have an isolated api server that you can spin up in a matter of seconds and lets you also achieve better resource utilizations by using the same nodes shared among all tenants
- Is it anti-pattern to have multiple environments under a single namespace?
-
k8s based platform
For multi tenancy you could use this: https://github.com/clastix/capsule
- RBAC for developer self-service?
kubernetes-network-policy-recipes
-
Kubernetes Security
Further reading: Controlling Access to Kubernetes API What is TLS Configure Service Accounts Dynamic Admission Control Network Policy Recipes
-
stopping namespaces to talk with each other
See: https://github.com/ahmetb/kubernetes-network-policy-recipes/blob/master/04-deny-traffic-from-other-namespaces.md for an example of what you are looking to do.
-
Multi-tenancy in Kubernetes
This is not great for multi-tenancy, but you can correct this with NetworkPolicies.
- Please check thoroughly anything you copy and paste - ahmetb/kubernetes-network-policy-recipes: Example recipes for Kubernetes Network Policies that you can just copy paste
-
11 Resources that will make you a Kubernetes wizard in no time
🔗 https://github.com/ahmetb/kubernetes-network-policy-recipes
-
Data and System Visualization Tools That Will Boost Your Productivity
I'd recommend using this collection of network policy recipes to test out these 2 tools and see how they can be helpful to your workflow.
-
How to block access to pods from host? NetworkPolicy not working
Here's an example policy I've tried. https://github.com/ahmetb/kubernetes-network-policy-recipes/blob/master/03-deny-all-non-whitelisted-traffic-in-the-namespace.md
-
Cleared my CKA exam with a score of 92%. Here are a few tips
The Network Policies recipes here: https://github.com/ahmetb/kubernetes-network-policy-recipes -- Do not under any circumstances overlook this goldmine of network policy examples. Super important.
-
How to learn and practice more in Kubernetes Network Policy for CKx exams and EKS ?
Good to learn more in Kubernetes network policy for CKx exams and EKS. Below are resources: 1/ read official doc and try to understand them well - https://kubernetes.io/docs/concepts/services-networking/network-policies/ 2/ bookmark samples for exams and EKS setups - https://kubernetes.io/docs/concepts/services-networking/network-policies/#networkpolicy-resource 3/ do more practices at https://github.com/ahmetb/kubernetes-network-policy-recipes 4/ visualize (image below) and try more at https://editor.cilium.io/ - it allows you to save the final netpol in k8s netpol OR Cilium netpol (EKS-A is using Cilium !)
- CKAD Exam Lab
What are some alternatives?
vcluster - vCluster - Create fully functional virtual Kubernetes clusters - Each vcluster runs inside a namespace of the underlying k8s cluster. It's cheaper than creating separate full-blown clusters and it offers better multi-tenancy and isolation than regular namespaces.
ckad-questions - A set of exercises and solutions to prepare for the Certified Kubernetes Application Developer exam by Cloud Native Computing Foundation.
kiosk - kiosk 🏢 Multi-Tenancy Extension For Kubernetes - Secure Cluster Sharing & Self-Service Namespace Provisioning
CKAD-exercises - A set of exercises to prepare for Certified Kubernetes Application Developer exam by Cloud Native Computing Foundation
kamaji - Kamaji is the Hosted Control Plane Manager for Kubernetes.
cka-learning
hierarchical-namespaces - Home of the Hierarchical Namespace Controller (HNC). Adds hierarchical policies and delegated creation to Kubernetes namespaces for improved in-cluster multitenancy.
jsonvisio.com - 🔮 Seamlessly visualize your JSON data instantly into graphs; paste, import or fetch! [Moved to: https://github.com/AykutSarac/jsoncrack.com]
kubeplus - Kubernetes Operator to create Kubernetes-native APIs from Helm charts for multi-instance SaaS
vagrant-kubernetes - Playground for setting up small Kubernetes cluster on some vagrant boxes and practice with various examples to get familiar with K8s.
loft - Namespace & Virtual Cluster Manager for Kubernetes - Lightweight Virtual Clusters, Self-Service Provisioning for Engineers and 70% Cost Savings with Sleep Mode
CKAD_labs - Includes labs I have done as part of preparation for CKAD exam