krane
kubernetes-network-policy-recipes
Our great sponsors
krane | kubernetes-network-policy-recipes | |
---|---|---|
2 | 13 | |
1,366 | 5,466 | |
0.4% | - | |
7.4 | 4.6 | |
3 days ago | about 1 month ago | |
Ruby | ||
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
krane
-
Automating deployment to kubernetes
If you are deploying simple manifests (not helm-stuff), try shopify's [krane](https://github.com/Shopify/krane). I build a [deploy-container](https://github.com/strowi/deploy/) for use with gitlabs ci-stages a while back.
-
Using Ansible to deploy k8s manifests
If you have the flexibility to use a different tool https://github.com/Shopify/krane is a great one which among other things does compare what's on the cluster vs what's applied and can prune resources accordingly
kubernetes-network-policy-recipes
-
Kubernetes Security
Further reading: Controlling Access to Kubernetes API What is TLS Configure Service Accounts Dynamic Admission Control Network Policy Recipes
-
stopping namespaces to talk with each other
See: https://github.com/ahmetb/kubernetes-network-policy-recipes/blob/master/04-deny-traffic-from-other-namespaces.md for an example of what you are looking to do.
-
Multi-tenancy in Kubernetes
This is not great for multi-tenancy, but you can correct this with NetworkPolicies.
- Please check thoroughly anything you copy and paste - ahmetb/kubernetes-network-policy-recipes: Example recipes for Kubernetes Network Policies that you can just copy paste
-
11 Resources that will make you a Kubernetes wizard in no time
🔗 https://github.com/ahmetb/kubernetes-network-policy-recipes
-
Data and System Visualization Tools That Will Boost Your Productivity
I'd recommend using this collection of network policy recipes to test out these 2 tools and see how they can be helpful to your workflow.
-
How to block access to pods from host? NetworkPolicy not working
Here's an example policy I've tried. https://github.com/ahmetb/kubernetes-network-policy-recipes/blob/master/03-deny-all-non-whitelisted-traffic-in-the-namespace.md
-
Cleared my CKA exam with a score of 92%. Here are a few tips
The Network Policies recipes here: https://github.com/ahmetb/kubernetes-network-policy-recipes -- Do not under any circumstances overlook this goldmine of network policy examples. Super important.
-
How to learn and practice more in Kubernetes Network Policy for CKx exams and EKS ?
Good to learn more in Kubernetes network policy for CKx exams and EKS. Below are resources: 1/ read official doc and try to understand them well - https://kubernetes.io/docs/concepts/services-networking/network-policies/ 2/ bookmark samples for exams and EKS setups - https://kubernetes.io/docs/concepts/services-networking/network-policies/#networkpolicy-resource 3/ do more practices at https://github.com/ahmetb/kubernetes-network-policy-recipes 4/ visualize (image below) and try more at https://editor.cilium.io/ - it allows you to save the final netpol in k8s netpol OR Cilium netpol (EKS-A is using Cilium !)
- CKAD Exam Lab
What are some alternatives?
lens-resource-map-extension - Lens - The Kubernetes IDE extension that displays Kubernetes resources and their relations as a force graph.
ckad-questions - A set of exercises and solutions to prepare for the Certified Kubernetes Application Developer exam by Cloud Native Computing Foundation.
gluster-kubernetes - GlusterFS Native Storage Service for Kubernetes
CKAD-exercises - A set of exercises to prepare for Certified Kubernetes Application Developer exam by Cloud Native Computing Foundation
documentation - Kata Containers version 1.x documentation (for version 2.x see https://github.com/kata-containers/kata-containers).
cka-learning
deploy - deploy to kubernetes / docker-compose
jsonvisio.com - 🔮 Seamlessly visualize your JSON data instantly into graphs; paste, import or fetch! [Moved to: https://github.com/AykutSarac/jsoncrack.com]
rbac-tool - Rapid7 | insightCloudSec | Kubernetes RBAC Power Toys - Visualize, Analyze, Generate & Query
vagrant-kubernetes - Playground for setting up small Kubernetes cluster on some vagrant boxes and practice with various examples to get familiar with K8s.
lazydocker - The lazier way to manage everything docker
CKAD_labs - Includes labs I have done as part of preparation for CKAD exam