Open source project recommendation
Podman Desktop Companion
The Podman desktop client supports macOS, Windows and Linux platforms. The backend supports native Podman (Linux only), Podman Machine, Lima (macOS only), and WSL (Windows only). It is also compatible with Docker API and has powerful functions.
xpid
Similar to Nmap, but xpid is used to scan processes and supports scanning all container processes, eBPF processes, hidden processes, etc.
xpid [flags] -o [output] <query>
Investigate all pids
xpid
Investigate pid 1
xpid 1
Investigate pids 1-10 in table view
xpid -o table 1-10
Find all container processes on a system
xpid -c
Find all container processes between pids 100-200 in the color formatter
xpid -c -o color 100-200
Find all processes running with eBPF programs as JSON
xpid --ebpf -o json <pid-query>
Find all processes between specific values
xpid <flags> +100 # Search pids up to 100
xpid <flags> 100-2000 # Search pids between 100-2000
xpid <flags> 65000+ # Search pids 65000 or above
Find all "hidden" processes on a system
# Looks for chdir, opendir, and dent in /proc
xpid -x <pid-query>VolSync
VolSync is a Kubernetes Operator used to asynchronously replicate the data of storage volumes (PVs) within a cluster (or across clusters). The stratum uses Rclone, Restic and Rsync. Regardless of the type of backend storage, any storage type can be replicated.
Scheduler Plugins
In addition to the built-in plug-ins, the Kubernetes scheduler also provides a series of popular plug-ins. The scheduling plug-ins provided by this repository have been widely used in some large companies and are highly reliable.
ssh no ports
This project is more interesting. The server does not need to open any ports, and the client can log in to the device through SSH.
Inspektor Gadget
Inspektor Gadget can be used as a Kubernetes cluster debugging detection toolbox, providing various parameters for detection and debugging. It uses the BPF helper in the kernel to monitor system call related events from user space programs and expose them to the user.
$ kubectl gadget --help
Collection of gadgets for Kubernetes developers
Usage:
kubectl-gadget [command]
Available Commands:
advise Recommend system configurations based on collected information
audit Audit a subsystem
completion generate the autocompletion script for the specified shell
deploy Deploy Inspektor Gadget on the cluster
help Help about any command
profile Profile different subsystems
snapshot Take a snapshot of a subsystem and print it
top Gather, sort and periodically report events according to a given criteria
trace Trace and print system events
traceloop Get strace-like logs of a pod from the past
undeploy Undeploy Inspektor Gadget from cluster
version Show version
...Fleet
Fleet is a new Rust compilation tool that compiles 5x faster than Cargo.
RedisInsight
RedisInsight is a Redis GUI management tool officially produced by Redis. It can monitor the memory, connection number, hit rate and uptime of Redis, and can use the interface CLI to interact with the connected Redis.
podman-login
This is Red Hat's open source GitHub Action dedicated to logging in to the OCI mirror repository. The usage is very simple, for example:
name: Log in to ghcr.io
on:
push:
env:
REGISTRY_USER: ${{ github.actor }}
REGISTRY_PASSWORD: ${{ github.token }}
IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
jobs:
login:
name: Log in to GitHub Container Registry
runs-on: ubuntu-20.04
steps:
- name: Log in to ghcr.io
uses: redhat-actions/podman-login@v1
with:
username: ${{ env.REGISTRY_USER }}
password: ${{ env.REGISTRY_PASSWORD }}
registry: ${{ env.IMAGE_REGISTRY }}
# Now you can push images, and pull private ones, from ghcr.io.eBook Recommendation
Designing data-intensive applications - Chinese translation
Today, especially in the Internet domain, most applications are data-intensive. This book describes the essence of data system design from the underlying data structure to the top-level architecture design. The valuable experience in it will be helpful for architects, DBAs, back-end engineers, and even product managers.
This is also a book that explains the profound things in a simple way. It tells the ins and outs of concepts instead of showing off definitions. It introduces the development and evolution of things instead of stacking up facts. It explains complex concepts in a simple and easy-to-understand way, but goes straight to the essence without losing depth. The citations at the end of each chapter are of very good quality and are an excellent index for in-depth study of individual topics.
AWK programming language - Chinese translation
Awk is a special programming language, it is very suitable for dealing with mechanical data processing work, often only one or two lines can get complex data processing work. The first goal of this book is to tell the reader what Awk is and how to use it efficiently to process data.
Article recommendation
Tracing intermittent failures in Cilium
Developing applications for distributed systems can be challenging because the network stack can be buggy in multiple places on different nodes in different Availability Zones or regions. Kubernetes is a double-edged sword that will magnify the challenge while also giving us better tools to gather the information we need from multiple angles to quickly locate the problem.
Hardening Kubernetes Cluster Security with Open Policy Agent
For most organizations, the built-in Kubernetes security features are not sufficient to enforce more granular rules and policies for the workloads running in their clusters, so projects like OPA and Gatekeeper are needed to help Kubernetes clusters achieve higher levels of security. safety.
Best Practices of Containerization of Zhongke Jincai Blockchain Platform
This article shares the experience of Zhongke Jincai based on the secondary development and transformation of KubeSphere fusion blockchain technology.
Cloud Native Dynamics
OpenFunction becomes a CNCF sandbox project
On April 27, 2022, OpenFunction, an open source function-as-a-service (FaaS: Function-as-a-Service) project of Qingyun Technology Container Team, successfully passed the vote of the CNCF Technical Oversight Committee (TOC) of the Cloud Native Computing Foundation and officially entered the CNCF Sandbox hosting. This means that OpenFunction has been recognized by the cloud native open source community. At the same time, by entering the Sandbox, the neutrality of the project can be further guaranteed. Developers and partners can participate in the project construction and jointly create a new generation of open source function computing platform.
Notification Manager 2.0.0 released
Notification Manager is a multi-tenant notification management system on the Kubernetes platform open sourced by the KubeSphere observable team. It receives alert messages from Alertmanager and sends alert messages to the corresponding notification channel according to the tenant label (such as namespace) of the alert message.
A few days ago, Notification Manager 2.0.0 was officially released. This version brings you many interesting features, including the addition of Feishu notifications, notification routing, notification silence, custom template enhancements, and more.
Kubernetes 1.24 released
Kubernetes 1.24 released, the first release of 2022!
This release contains 46 enhancements: 14 enhancements have been upgraded to stable, 15 enhancements are entering beta, and 13 enhancements are entering alpha. Additionally, two functions have been deprecated and two functions have been removed:
- Dockershim removed from kubelet
- Beta API is off by default
- Sign the release artifact
- OpenAPI v3
- Storage capacity and volume expansion are generally available
- Volume expansion adds support for resizing existing persistent volumes
- Non-preemptive takes precedence over stable
- Storage plugin migration
- gRPC probe upgraded to Beta
- Kubelet Credential Provider Graduates to Beta
- Contextual logging in Alpha
- Avoid conflicts in IP assignment to services
- ClusterIP can assign a service
- Remove dynamic Kubelet configuration from Kubelet
- Breaking changes related to CNI version
Istio has applied to become a CNCF project
The Istio project announced its participation in the Cloud Native Computing Foundation (CNCF). With the support of the Istio Steering Committee, Google has submitted a proposal for Istio to join the CNCF.
It has been almost 5 years since Google, IBM and Lyft launched Istio 0.1 in May 2017. The first version set the standard for service meshes: traffic management, policy enforcement, and observability, powered by sidecars alongside workloads. According to a recent CNCF survey, we are proud to be the most popular service mesh and look forward to working more closely with the CNCF community around networking and service meshes.
The Summer of Open Source 2022 is coming! Welcome to sign up for the KubeSphere Community Project!
"Summer of Open Source (OSPP)" is a series of summer activities under the guidance of the "Open Source Software Supply Chain Lighting Program" of the Institute of Software, Chinese Academy of Sciences, co-hosted by the Institute of Software and the openEuler community.
Open Source Summer is a summer open source activity mainly for college students. It aims to encourage students to actively participate in the development and maintenance of open source software, and promote the vigorous development of excellent open source software communities. The event unites major open source communities to provide projects for the development and maintenance of important open source software, and is open to university students around the world for registration.
In this event, the KubeSphere community submitted a total of 6 development projects, involving open source projects such as KubeSphere, KubeKey, KubeEye, and OpenFunction.
This article is published by OpenWrite , a multi-post blog platform!
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。