virtlet
kubernetes-network-policy-recipes
virtlet | kubernetes-network-policy-recipes | |
---|---|---|
1 | 13 | |
733 | 5,515 | |
0.8% | - | |
10.0 | 4.6 | |
about 4 years ago | about 2 months ago | |
Go | ||
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
virtlet
-
Multi-tenancy in Kubernetes
You could use a container sandbox like gVisor, light virtual machines as containers (Kata containers, firecracker + containerd) or full virtual machines (virtlet as a CRI).
kubernetes-network-policy-recipes
-
Kubernetes Security
Further reading: Controlling Access to Kubernetes API What is TLS Configure Service Accounts Dynamic Admission Control Network Policy Recipes
-
stopping namespaces to talk with each other
See: https://github.com/ahmetb/kubernetes-network-policy-recipes/blob/master/04-deny-traffic-from-other-namespaces.md for an example of what you are looking to do.
-
Multi-tenancy in Kubernetes
This is not great for multi-tenancy, but you can correct this with NetworkPolicies.
- Please check thoroughly anything you copy and paste - ahmetb/kubernetes-network-policy-recipes: Example recipes for Kubernetes Network Policies that you can just copy paste
-
11 Resources that will make you a Kubernetes wizard in no time
🔗 https://github.com/ahmetb/kubernetes-network-policy-recipes
-
Data and System Visualization Tools That Will Boost Your Productivity
I'd recommend using this collection of network policy recipes to test out these 2 tools and see how they can be helpful to your workflow.
-
How to block access to pods from host? NetworkPolicy not working
Here's an example policy I've tried. https://github.com/ahmetb/kubernetes-network-policy-recipes/blob/master/03-deny-all-non-whitelisted-traffic-in-the-namespace.md
-
Cleared my CKA exam with a score of 92%. Here are a few tips
The Network Policies recipes here: https://github.com/ahmetb/kubernetes-network-policy-recipes -- Do not under any circumstances overlook this goldmine of network policy examples. Super important.
-
How to learn and practice more in Kubernetes Network Policy for CKx exams and EKS ?
Good to learn more in Kubernetes network policy for CKx exams and EKS. Below are resources: 1/ read official doc and try to understand them well - https://kubernetes.io/docs/concepts/services-networking/network-policies/ 2/ bookmark samples for exams and EKS setups - https://kubernetes.io/docs/concepts/services-networking/network-policies/#networkpolicy-resource 3/ do more practices at https://github.com/ahmetb/kubernetes-network-policy-recipes 4/ visualize (image below) and try more at https://editor.cilium.io/ - it allows you to save the final netpol in k8s netpol OR Cilium netpol (EKS-A is using Cilium !)
- CKAD Exam Lab
What are some alternatives?
kamaji - Kamaji is the Hosted Control Plane Manager for Kubernetes.
ckad-questions - A set of exercises and solutions to prepare for the Certified Kubernetes Application Developer exam by Cloud Native Computing Foundation.
gatekeeper-library - 📚 The OPA Gatekeeper policy library
CKAD-exercises - A set of exercises to prepare for Certified Kubernetes Application Developer exam by Cloud Native Computing Foundation
vcluster - vCluster - Create fully functional virtual Kubernetes clusters - Each vcluster runs inside a namespace of the underlying k8s cluster. It's cheaper than creating separate full-blown clusters and it offers better multi-tenancy and isolation than regular namespaces.
cka-learning
hypershift - Hyperscale OpenShift - clusters with hosted control planes
jsonvisio.com - 🔮 Seamlessly visualize your JSON data instantly into graphs; paste, import or fetch! [Moved to: https://github.com/AykutSarac/jsoncrack.com]
cluster-api - Home for Cluster API, a subproject of sig-cluster-lifecycle
vagrant-kubernetes - Playground for setting up small Kubernetes cluster on some vagrant boxes and practice with various examples to get familiar with K8s.
policy - CoreDNS external plugin to provide in-process policies as well as external policy services
CKAD_labs - Includes labs I have done as part of preparation for CKAD exam