A library of articles and tools I have bookmarked over years of working with DevOps practices.
Table of contents:
Designing WhatsApp - High Scalability - highscalability.com
Designing Netflix - High Scalability - highscalability.com
How Kafka and Redis Solve Stream-Processing Challenges – The New Stack thenewstack.io
5 patterns to make your microservice fault-tolerant itnext.io
The Big Little Guide to Message Queues sudhir.io
How to create a financial marketplace for 500,000 people 💸. Part II (technical) hackernoon.com
sergiomarotco/Network-segmentation-cheat-sheet: Best practices for segmentation of the corporate network of any company github.com
Event-Driven Data Management for Microservices - NGINX www.nginx.com
Overview of Data Transfer Costs for Common Architectures | AWS Architecture Blog aws.amazon.com
Manage AWS Accounts Using Control Tower Account Factory for Terraform | Terraform - HashiCorp Learn learn.hashicorp.com
Books for Software Architects vvsevolodovich.dev
Microservice architecture checklist | Igor Bespalchuk bespalchuk.ru
Awesome Kubernetes Resources github.com
Awesome Prometheus alerts | Collection of alerting rules awesome-prometheus-alerts.grep.to
Awesome OpenTelemetry github.com
CHECKLIST - Kubernetes production best practices learnk8s.io
Kubernetes instance calculator learnk8s.io
GitHub - magsther/awesome-opentelemetry: A curated list of OpenTelemetry resources github.com
PromLabs | PromQL Cheat Sheet promlabs.com
Tables - Postgres Cheatsheet postgrescheatsheet.com
The Illustrated TLS Connection: Every Byte Explained tls.ulfheim.net
Overview - Amazon EKS Blueprints for Terraform aws-ia.github.io
ClusterAPI — A Guide on How to Get Started - Product Development at Condé Nast International - Medium medium.com
Amazon.com: Cloud Native DevOps with Kubernetes: Building, Deploying, and Scaling Modern Applications in the Cloud (9781492040767): John Arundel, Justin Domingus: Books www.amazon.com
How to deploy a production-grade Kubernetes cluster on AWS gruntwork.io
How to deploy a production-grade VPC on AWS gruntwork.io
CloudFormation Ref and GetAtt cheatsheet | theburningmonk.com theburningmonk.com
Cloud config examples — Cloud-Init 0.7.9 documentation cloudinit.readthedocs.io
Azure AD as OIDC identity provider authentication for Amazon EKS | by Rahmat Fedayizada | Medium fedayizada.medium.com
AWS EKS authentification, aws-iam-authenticator, and AWS IAM | by Arseny Zinchenko (setevoy) | ITNEXT itnext.io
EC2 EBS-SSD vs instance-store performance gist.github.com
How to use AWS Secrets & Configuration Provider with your Kubernetes Secrets Store CSI driver | AWS Security Blog aws.amazon.com
GitHub - iann0036/iamlive: Generate a basic IAM policy from AWS client-side monitoring (CSM) github.com
GitHub - elpy1/ssh-over-ssm: SSH over AWS SSM. No bastions or public-facing instances. SSH user management through IAM. No requirement to store SSH keys locally or on server. github.com
Kubernetes Capacity and Resource Management: It's Not What You Think It Is - DEV Community dev.to
User and workload identities in Kubernetes learnk8s.io
Kubernetes Network Plugins - kubedex.com kubedex.com
etcd: getting 30% more write/s. Undertaking performance analysis on our… | by Sam Lockart | Zendesk Engineering zendesk.engineering
Kube-fledged: Cache Container Images in Kubernetes | by Senthil Raja Chermapandian | Sep, 2021 | ITNEXT itnext.io
Kubernetes Multicluster with Kind and Cilium - Piotr's TechBlog piotrminkowski.com
How to run distributed performance tests in Kubernetes with K6 | by Javier Ramos | ITNEXT itnext.io
Java Application Optimization on Kubernetes on the Example of a Spring Boot Microservice medium.com
bmuschko/cka-crash-course: In-depth and hands-on practice for acing the exam. github.com
Introducing pvc-autoresizer - Kintone Engineering Blog blog.kintone.io
Kubernetes: the life of a pod / Habr m.habr.com
Why is storage so hard in Kubernetes? / Habr m.habr.com
Behind the scenes of networking in Kubernetes / Habr m.habr.com
An illustrated guide to Kubernetes networking / Flant company blog / Habrahabr habrahabr.ru
Local files when migrating an application to Kubernetes / Habr m.habr.com
Scaling Kubernetes to 4000+ nodes and 200,000 pods / Habr habr.com
Life with Kubernetes: how we moved the DBMS (and more) out of review environments into a static one / Flant company blog / Habr m.habr.com
How to do Kubernetes right (overview and video of the talk) / Flant company blog / Habr habr.com
GitHub - kubernetes-sigs/kustomize: Customization of kubernetes YAML configurations github.com
GitHub - diegolnasc/kubernetes-best-practices: A cookbook with the best practices to working with kubernetes. github.com
GitHub - wencaiwulue/kubevpn: KubeVPN, A vpn tunnel tools which can connect to kubernetes cluster network, you can access remote kubernetes cluster network, remote kubernetes cluster service can also access your local service github.com
GitHub - loft-sh/vcluster: vcluster - Create fully functional virtual Kubernetes clusters - Each vcluster runs inside a namespace of the underlying k8s cluster. It's cheaper than creating separate full-blown clusters and it offers better multi-tenancy and isolation than regular namespaces. github.com
GitHub - utkuozdemir/pv-migrate: Persistent volume migration plugin for Kubernetes github.com
kops/README.md at master · kubernetes/kops · GitHub github.com
Manage Your AWS EKS Load Balancer Like a Pro | by Meysam | Towards Data Science towardsdatascience.com
clastix/capsule: Kubernetes multi-tenant Operator github.com
OpenTelemetry Operator. Tracing made easy | by Magsther | Mar, 2023 | Medium medium.com
Comparing Kubernetes operators for PostgreSQL – Flant blog blog.flant.com
Crunchy PostgreSQL Operator Documentation access.crunchydata.com
Mutating Kubernetes resources with Gatekeeper | by Lachlan Evenson | Aug, 2021 | Medium medium.com
Virtual Host Routing with Logical DNS Names - Aspen Mesh aspenmesh.io
Kubernetes Ingress Controllers: How to choose the right one: Part 1 itnext.io
Introduction to Vitess on Kubernetes for MySQL - Part I of III - Percona Database Performance Blog www.percona.com
Helm Best Practices lzone.de
Using EKS encryption provider support for defense-in-depth | Containers aws.amazon.com
Inside The Mind Of A Problem Solver - CoreDNS 1.5.1 Fix - Curve discover.curve.app
Self-Service Vault in Kubernetes www.hashicorp.com
How To Write Validating and Mutating Admission Controller Webhooks in Python for Kubernetes medium.com
Highly available Kafka cluster on Kubernetes learnk8s.io
yannh/kubeconform: A FAST Kubernetes manifests validator, with support for Custom Resources! github.com
Kubernetes Storage Performance Comparison v2 (2020 Updated) | by Jakub Pavlík | volterra.io | Medium medium.com
Introducing shell-operator: creating operators for Kubernetes just got even easier / Habr m.habr.com
Overview and comparison of Ingress controllers for Kubernetes / Habr m.habr.com
:: Submariner k8s VPN interconnection submariner.io
k3d k3d.io
GitHub - jodevsa/wireguard-operator: A wireguard operator created to easily provision a VPN in a k8s cluster github.com
GitHub - k8spin/k8spin-operator: K8Spin multi-tenant operator - OSS github.com
haproxy-ingress/README.md at master · jcmoraisjr/haproxy-ingress · GitHub github.com
GitHub - AbsaOSS/k8gb: A cloud native Kubernetes Global Balancer github.com
OIDC with Terraform cloud wolfe.id.au
Zero Downtime Server Updates For Your Kubernetes Cluster blog.gruntwork.io
Flux from End-to-End | Flux fluxcd.io
Real-World GitOps with Flux, Flagger, and Linkerd | Linkerd linkerd.io
Four Great Alternatives to HashiCorp’s Terraform Cloud | by Elliot Graebert | Jul, 2022 | Medium medium.com
Blue/green deployments with Ingress rewrites medium.com
Deploys at Slack - Several People Are Coding slack.engineering
20 Terraform Best Practices to Create Clean and Reusable Code | Contino | Global Transformation Consultancy www.contino.io
The “Best” Terraform CD pipeline with GitHub Actions | by Sam Gallagher | Jan, 2023 | Medium medium.com
Lessons learned from 100s of Infrastructure as Code (IaC) setups | Sören Martius platformengineering.org
Top 10 Best Practices for Jenkins Pipeline Plugin - Platform as a Service Magazine www.paasmag.com
hashicorp/tfc-workflows-github: Terraform Cloud starter workflows and github actions to automate Terraform Cloud CI/CD pipelines. github.com
Avoiding copy paste in Terraform: Two approaches for multi-environment Infra as code setups medium.com
Understandable Terraform projects | by Didrik Finnoy | Medium medium.com
Terraboard: 📋 A web dashboard to inspect Terraform States github.com
Terraform tips & tricks: loops, if-statements, and gotchas blog.gruntwork.io
Scaling Jenkins – Jonathan Block – Medium medium.com
jenkinsci/kubernetes-plugin: Jenkins plugin to run dynamic agents in a Kubernetes/Docker environment github.com
Keel keel.sh
Automated Testing for Terraform, Docker, Packer, Kubernetes, and More www.infoq.com
Authenticating and reading secrets in HashiCorp's Vault via GitLab CI / Nixys company blog / Habr habr.com
Continuous integration with Drone CI, Docker and Ansible / Habrahabr habrahabr.ru
How to test a Docker image in half a second / Centos-admin.ru company blog / Habrahabr habrahabr.ru
How to make your GitLab CI pipelines faster / Habr habr.com
Best practices for deploying highly available applications in Kubernetes. Part 1 / Flant / Habr m.habr.com
Setting up an environment for building and testing an application inside a closed perimeter / EPAM company blog / Habrahabr habrahabr.ru
dlvhdr/gh-dash: A beautiful CLI dashboard for GitHub 🚀 github.com
utils/terraform/aws-oidc-ci at main · marco-lancini/utils github.com
distroless-springboot github.com
GitHub - uber/kraken: P2P Docker registry capable of distributing TBs of data in seconds github.com
go-containerregistry/recipes.md at main · google/go-containerregistry · GitHub github.com
GitHub - pipe-cd/pipe: Continuous Delivery for Declarative Kubernetes, Serverless and Infrastructure Applications github.com
GitHub - stefanprodan/gitops-istio: GitOps Progressive Delivery demo with Istio, Flux, Helm Operator and Flagger github.com
Guide | Keel keel.sh
GitHub - valentindeaconu/terralist: A private Terraform registry github.com
GitHub - dineshba/tf-summarize: A command-line utility to print the summary of the terraform plan github.com
GitHub - awslabs/amazon-ecr-credential-helper: Automatically gets credentials for Amazon ECR on docker push/docker pull github.com
GitHub - vmware-tanzu/buildkit-cli-for-kubectl: BuildKit CLI for kubectl is a tool for building container images with your Kubernetes cluster github.com
GitHub - docker-slim/docker-slim: DockerSlim (docker-slim): Don't change anything in your Docker container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source) github.com
Grafana Loki - detailed architecture and AWS setup medium.com https://itnext.io/grafana-loki-architecture-and-running-in-kubernetes-with-aws-s3-storage-and-boltdb-shipper-fbde1aea1b7c
Grafana Loki — Our journey on replacing Elastic Search medium.com
Deploying a Modern Monitoring Stack (Part 1) | by Caoimhe Harvey | Dev Genius blog.devgenius.io
How to Build an End to End Open Source Observability Solution on Kubernetes | by Eden Federman | Aug, 2022 | Medium medium.com
Multi-Cluster Monitoring with Thanos particule.io
Build an observability solution using managed AWS services and the OpenTelemetry standard | AWS Cloud Operations & Migrations Blog aws.amazon.com
Using OpenTelemetry auto-instrumentation/agents in Kubernetes | by Pavol Loffay | OpenTelemetry | Medium medium.com
What is OpenTelemetry? The Definitive Guide | Aspecto www.aspecto.io
SDK Registry | OpenTelemetry opentelemetry.io
17 DevOps Metrics To Measure Success | by Semaphore | Medium semaphoreci.medium.com
6 Metrics to Watch for on Your K8s Cluster | by Erez Rabih | May, 2022 | Medium erezrabih.medium.com
USE vs RED vs The Four Golden Signals | by Magsther | FAUN Publication medium.com
Top key metrics for monitoring MySQL – Sysdig sysdig.com
Elasticsearch Performance Tuning Practice at eBay www.ebayinc.com
Parsing SSH Logs with Grafana Loki voidquark.com
BotKube :: Messaging bot for monitoring and debugging Kubernetes clusters www.botkube.io
Code972 :: Why you shouldn't use AWS Elasticsearch Service code972.com
PromQL for Humans timber.io
Using Environment Variables for Configuration, Provisioning, and Dashboards in Grafana | by Mikhail Volkov | Feb, 2022 | Volkov Labs volkovlabs.com
Horizontally Scaling Prometheus at Wish - Wish Engineering And Data Science - Medium medium.com
Monitoring Jenkins with Grafana and Prometheus – Mohamed Saeed – Medium medium.com
Introduction to ELK: collecting, filtering and analyzing big data | mkdev programming articles mkdev.me
How we put Elasticsearch in order: data separation, cleanup, backups / Flant company blog / Habr habr.com
GitHub - dotdc/grafana-dashboards-kubernetes: A set of modern Grafana dashboards for Kubernetes. github.com
query-exporter/query_exporter at master · albertodonato/query-exporter · GitHub github.com
GitHub - prymitive/karma: Alert dashboard for Prometheus Alertmanager github.com
GitHub - prabhatsharma/zinc: Zinc Search engine. A lightweight alternative to elasticsearch that requires minimal resources, written in Go. github.com
GitHub - TwinProduction/gatus: ⛑ Gatus - Automated service health dashboard github.com
GitHub - kinvolk/inspektor-gadget: Collection of gadgets for debugging and introspecting Kubernetes applications using BPF github.com
GitHub - idealista/prom2teams: prom2teams is an HTTP server built with Python that receives alert notifications from a previously configured Prometheus Alertmanager instance and forwards it to Microsoft Teams using defined connectors github.com
GitHub - SigNoz/signoz: SigNoz is an open-source APM. It helps developers monitor their applications & troubleshoot problems, an open-source alternative to DataDog, NewRelic, etc. 🔥 🖥. 👉 Open source Application Performance Monitoring (APM) & Observability tool github.com
KubeSecOps Pipeline(Container security) in a cloudnative ecosystem | by Vaibhav Chopra | Sep, 2020 | Medium medium.com
A Secure Cloud asecure.cloud
OWASP Top 10 CI/CD Security Risks | OWASP Foundation owasp.org
Top 20 Dockerfile best practices for security | Sysdig sysdig.com
5 best practices to get to production readiness with Hashicorp Vault in Kubernetes - Expel expel.io
DevSecOps — When “infrastructure as code” meets “security as code” | by Ravi Rajamiyer | FAUN Publication faun.pub
Identity and Access Management - EKS Best Practices Guide for Security aws.github.io
aquasecurity/kube-bench: Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark github.com
armosec/kubescape: kubescape is the first tool for testing if Kubernetes is deployed securely as defined in Kubernetes Hardening Guidance by NSA and CISA (https://www.nsa.gov/News-Features/Feature-Stories/Article-View/Article/2716980/nsa-cisa-release-kubernetes-hardening-guidance/) github.com
Security standards in Kubernetes (overview and video of the talk) / Habr habr.com
GitHub - deepfence/SecretScanner: Find secrets and passwords in container images and file systems github.com
GitHub - fivexl/aws-ecr-client-golang: AWS ECR client to automated push to ECR and handling of vulnerability github.com
GitHub - toniblyx/my-arsenal-of-aws-security-tools: List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc. github.com
vchinnipilli/kubestriker: A Blazing fast Security Auditing tool for Kubernetes github.com
A Step-by-Step Guide to Calculate SLAs, SLIs, and SLOs for Your IT Services | by Abhishek Gupta | Mar, 2023 | AceTheCloud blog.acethecloud.com
Availability window, SRE landing.google.com
SREcon: Performance Checklists for SREs 2016 www.brendangregg.com
Monitoring SRE's Golden Signals www.infoq.com
Serverless Framework vs SAM vs AWS CDK tastefulelk.hashnode.dev
Serverless patterns | Serverless Land serverlessland.com
Introducing AWS SAM Pipelines: Automatically generate deployment pipelines for serverless applications | AWS Compute Blog aws.amazon.com
lambci/lambci: A continuous integration system built on AWS Lambda github.com
sam deploy permissions? · Issue #420 · aws/aws-sam-cli github.com
dherault/serverless-offline: Emulate AWS λ and API Gateway locally when developing your Serverless project github.com
TheAlgorithms/Python: All Algorithms implemented in Python github.com
Build simple TCP Server with Python built-in SocketServer module | Gatsby: Software Engineer software-engineer.gatsbylee.com
GitHub - benkehoe/aws-assume-role-lib: Assumed role session chaining (with credential refreshing) for boto3 github.com
Interprocess communication in Python - Stack Overflow stackoverflow.com
Signals and Slots (registering callbacks) — Pizco 0.1 documentation pizco.readthedocs.io
A guide to Python's function decorators www.thecodeship.com
Your own asynchronous TCP server in 15 minutes, with a detailed walkthrough / Alfa-Bank company blog / Habr habr.com
Tutorial – Neural networks neuralnet.info
A visual look at how NumPy works / SkillFactory company blog / Habr habr.com
An A-Z of useful Python tricks – freeCodeCamp medium.freecodecamp.org
How to completely traverse a complex dictionary of unknown depth? - Stack Overflow stackoverflow.com
Building Self-driving Kafka clusters using open source components - Slack Engineering slack.engineering
PostgREST Documentation — PostgREST 7.0.1 documentation postgrest.org
How to measure Linux Performance Avoiding Most Typical Mistakes: CPU ma.ttias.be
PostgreSQL Replication with Docker medium.com
Minimal Oracle installation (and Docker image) - Franck Pachot - Medium medium.com
High-availability cluster on postgresql 9.6 + repmgr + pgbouncer + haproxy + keepalived + control via telegram / ESOFT company blog / Habrahabr habrahabr.ru
Deploying artifacts to Maven using Gradle – .debug – Medium medium.com
Don't Put Fat Jars in Docker Images phauer.com
Optimizing Redis settings. Highload ruhighload.com
Nginx + Lua, flexible load balancing with session persistence / Habrahabr habrahabr.ru
Optimal Nginx configuration. Highload ruhighload.com
Caching with Nginx. Highload ruhighload.com
The magic of SSH / Habrahabr habrahabr.ru
How to quickly delete many rows from a large MySQL database / Habrahabr habrahabr.ru
Tuning the Linux network stack for the lazy / Habrahabr habrahabr.ru
A guide to Ansible / Habrahabr habrahabr.ru
Dockerizing a highly available Postgres cluster / Habrahabr habrahabr.ru
How To Configure Nginx with SSL as a Reverse Proxy for Jenkins | DigitalOcean www.digitalocean.com
gort/README.md at master · idestis/gort · GitHub github.com
GitHub - Yelp/dumb-init: A minimal init system for Linux containers github.com
Maven Publish Plugin docs.gradle.org
Caddy - The HTTP/2 Web Server with Automatic HTTPS caddyserver.com
bpftrace (DTrace 2.0) for Linux 2018 www.brendangregg.com
Extreme HTTP performance tuning: 1.2M API RPS on an EC2 instance with 4 virtual CPUs (vCPU) / Habr habr.com
GitHub - GoogleContainerTools/distroless: 🥑 Language focused docker images, minus the operating system. github.com
batchcorp/plumber: A swiss army knife CLI tool for interacting with Kafka, RabbitMQ and other messaging systems. github.com
GitHub - tomav/docker-mailserver: A fullstack but simple mailserver (smtp, imap, antispam, antivirus, ssl...) using Docker. github.com
GitHub - flant/ovpn-admin: Simple web UI to manage OpenVPN users. github.com
GitHub - fabianlindfors/reshape: An easy-to-use, zero-downtime schema migration tool for Postgres github.com
GitHub - genereese/togo: A script to create RPMs in less than five minutes from start to finish. github.com
GitHub - xo/usql: Universal command-line interface for SQL databases github.com
GitHub - readysettech/readyset: ReadySet is a lightweight SQL caching engine written in Rust that helps developers enhance the performance and scalability of existing applications. github.com
GitHub - kellyjonbrazil/jc: CLI tool and python library that converts the output of popular command-line tools, file-types, and common strings to JSON, YAML, or Dictionaries. This allows piping of output to tools like jq and simplifying automation scripts. github.com
Part I: Talos on Hetzner: datavirke.dk
Part II: Cilium CNI & Firewalls: datavirke.dk
Part III: Encrypted GitOps with FluxCD: datavirke.dk
Part IV: Ingress, DNS and Certificates: datavirke.dk
Part V: Scaling Out: datavirke.dk
Part VI: Persistent Storage with Rook Ceph: datavirke.dk
Part VII: Private Registry with Harbor: datavirke.dk
Part VIII: Containerizing our Work Environment: datavirke.dk