We show you how to create AWS ECR repositories from a function written in Go using IAM Roles for Service Accounts.| OpenFaaS - Serverless Functions Made Simple
Verify Sigstore Cosign format signatures and attestations using keys, certificates, or keyless attestors.| Kyverno
Learn how to save on infrastructure costs for your OpenFaaS functions on AWS EKS with Karpenter cluster autoscaling.| OpenFaaS - Serverless Functions Made Simple
Karpenter observes Kubernetes pods and launches nodes in response to those pods’ scheduling constraints. Karpenter does not perform the actual scheduling and instead waits for kube-scheduler to schedule the pods. When running in AWS, Karpenter is typically installed onto EC2 instances that run in EKS Clusters. Karpenter relies on public facing AWS APIs and standard IAM Permissions. Karpenter uses AWS-SDK-Go v1, and AWS advises that credentials are provided using IAM Roles for Service Accounts.| karpenter.sh
Migrate to Karpenter from Cluster Autoscaler| karpenter.sh
Cost monitoring for Kubernetes can be tricky. Find out how we automated it for EKS clusters with spot instances in AWS using Kubecost, Amazon Athena, and our Terraform modules. Benefit from the source code we share.| blog.palark.com
In this post, we look back on the 2021 cloud security data breaches and vulnerabilities in AWS, and showcase best practices to avoid them.| Christophe Tafani-Dereeper
DynamoDB provides built-in support for cross regional data replication using a solution AWS calls global tables. This article shows how to build and run an application in Kubernetes that uses global tables to replicate data between regions. In the event of a regional disaster, a secondary Kubernetes cluster in a secondary region has all the data from DynamoDB replicated locally to continue operation. How global tables work A DynamoDB global table is a set of multiple replica tables.| sookocheff.com
Declarative Setup¶| argo-cd.readthedocs.io
Using Kyverno to verify images with IRSA| Kyverno
Learn how to manage Kubernetes across multiple cloud providers with DKP.| D2iQ Engineering
AWS provides four different storage options for your Kubernetes cluster: EBS, EFS, FSx for Lustre, and Amazon File Cache. Each of these CSI drivers has different performance characteristics, depending on your workload. This post quantifies those performance differences using the flexible I/O tester FIO. Note: For an overview of the different CSI options available on AWS, see Picking the right AWS CSI driver for your Kubernetes application. Before we start, please note that these results come ...| sookocheff.com
cert-manager configuration: ACME DNS-01 challenges using Amazon AWS Route53 DNS| cert-manager
