DevOps / SRE - Top Links Last Week
Week 47 — Issue #54
Week 47 — Issue #54
DNS Spoofing on Kubernetes Clusters
An attacker can run malicious code on a Kubernetes cluster can, with no special permissive permissions, successfully spoof DNS responses to all the applications running on the cluster, and from there execute a MITM (Man In The Middle) on all network traffic of pods. In this blog, I’m mostly going to concentrate on the default configurations, just for setting a common ground. The ClusterFirst DNS policy is a default for pods, it is rare to use a different policy. This is how pods communicate with each other on the same node.
7 DevOps skills for Machine Learning Operations
DevOps Engineers are expected to know Git concepts and workflows such as Gitflow, GitHub flow, or custom alternatives. CI/CD knowledge is also mandatory in a DevOps Engineer’s toolbelt. Infrastructure as code should be used since the early days of an MLOps project. MLOps teams usually rely upon managed cloud services for data processing, storage, and model training, which means infrastructure provisioning is not exactly related to networks or virtual machines but to buckets, database-like services, and cloud schedulers.
7 Tips for Building a Multi-Tenant Cloud Service over AWS
A year ago, Hysolate started a new multi-tenant cloud service at the beginning of the year. We decided to share some of our insights on how to build a new product from scratch. Here are a few tips: Start with a single region and avoid supporting multiple regions early on. Avoid the AWS Elasticsearch Service (now Amazon Opensearch Service) and Elasticsearch. Use [email protected] to run custom code right at the CDN edge. Consider Fargate over K8s and Kubernetes to eliminate the hassle of maintaining a cluster.
Run as the Root Account
Rambo, First Blood Part 1, ran as the user account john instead of being powerful and running as root. Rambo is awesome because he ran as root, and Colonel Trautman, who is running as Root, contacts Rambo over the radio, telling Rambo to come back to base and surrender himself. In this version, Rambo turns himself in, instead of getting to shoot that sheriff a couple times. That's probably the worst movie ever. He told the Colonel that he would be making his own decision that day, and it was the right one.
20 Amazing GitHub Repositories Every Developer Should Follow
GitHub is the central place to host open-source projects and share resources among the developer community. With 45 million public repositories, GitHub offers every form of knowledge sharing for the developers, including open source projects, libraries, learning platforms, interview preparation, CV writing tips, knowledge base, and many more. In this article, I will list 20 excellent GitHub repositories with high popularity, usability, demand, and high demand. This list will be inclusive and will not focus on a particular programming language or target group.
18 links this week. AI aggregated, Human selected, AI summarized and Human edited. Unlock the rest below.