cloud-native-platform
infrastructure
Our great sponsors
| cloud-native-platform | infrastructure | |
|---|---|---|
| 1 | 2 | |
| 28 | 5 | |
| - | - | |
| 0.0 | 7.1 | |
| almost 3 years ago | about 2 months ago | |
| Shell | Shell | |
| Apache License 2.0 | GNU Affero General Public License v3.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
cloud-native-platform
infrastructure
-
Ask HN: Who needs help with side projects?
I've been developing a recipe search engine and meal planner at https://www.reciperadar.com/ -- all the code is free and open source.
I think the two largest challenges it has at the moment are:
- Developer experience / infrastructure setup: the service is Kubernetes-based, composed primarily of Python+Flask microservices, and although the setup steps are documented[1], they're not yet automated.
- User interface: my lack of user interface design skills are fairly apparent, I think. Having some clear UI goals to work towards would be helpful - there's likely some overlap with product design questions here (what should be the range of functionality that the the app offers?)
Any and all feedback welcome, from discussion comments to pull requests to business model questions/critiques :)
PS: Don't forget to mention one or two of your own side projects if there's anything you're looking for help with, too.
-
Ask HN: Adversarial System Administration?
Hi folks,
I enjoy developing and maintaining the RecipeRadar[1] project's infrastructure in a truly open fashion.
Since the project itself is AGPL-licensed, that means I like to -- ideally -- push infrastructure documentation and changes before the associated administrative commands are run. That means that the code to the system itself is already published and available (in a chronological sense) to anyone using the service over the network at any given point in time.
However, it does introduce a set of strange risks: what if there changes expose security vulnerabilities that are _not yet_ introduced, but will be when the commands are run.
In a typical system administration scenario, generally the 'home team' acts carefully and is primarily only aware of their own actions - aside from monitoring for any externally-initiated or unexpected system behaviour during maintenance.
If a mistake is made, sometimes they'll backtrack and clean up, but for some kinds of system change, it's hard to know whether an exposed vulnerability was exploited, because the exposure window may have been very brief.
I have a sense that the best overall solution to this kind of problem (in this kind of open environment) would be an 'adversarial' system administration approach; perhaps involving some kind of mirroring.
Two (or more) systems would walk through the same series of administration steps, each with one (or more) red teams attempting to exploit the process -- already armed with the knowledge of the steps to be applied in advance.
Does that make sense to anybody, and/or can anyone provide thoughts or reading material about research into this kind of area?
[1] - https://www.reciperadar.com/
[2] - https://github.com/openculinary/infrastructure/
What are some alternatives?
k8s-gitops - GitOps principles to define kubernetes cluster state via code
usernetes - Kubernetes without the root privileges
kURL - Production-grade, airgapped Kubernetes installer combining upstream k8s with overlays and popular components
cheatsheets - My Cheatsheet Repository