- Видео 24
- Просмотров 98 526
Lukonde Mwila
Добавлен 17 авг 2011
Welcome to my personal RUclips channel!
I have experience in application development, solution architecture, cloud engineering, and DevOps workflows. I'm a life-long learner and I'm passionate about sharing knowledge.
On this channel, you'll find content based on cloud-native technology, containers, Docker, Kubernetes, Terraform, AWS, DevOps workflows, and more.
I hope you enjoy the content and learn a lot!
I have experience in application development, solution architecture, cloud engineering, and DevOps workflows. I'm a life-long learner and I'm passionate about sharing knowledge.
On this channel, you'll find content based on cloud-native technology, containers, Docker, Kubernetes, Terraform, AWS, DevOps workflows, and more.
I hope you enjoy the content and learn a lot!
Optimizing Istio Ingress Gateway Performance
How do you optimize the Istio ingress gateway? When and why would you need to perform this? In this video, I discuss scenarios where a single Istio ingress gateway may not be suitable for your Kubernetes environment because of the degraded performance from bearing the load of many service proxy configurations. You may be running multiple unrelated workloads (in a multi-tenant environment) with varying configurations and requirements. In situations like this, it may be better to have multiple ingress gateways that serve the different types of applications in your Kubernetes cluster. In addition to that, to avoid stressing a single ingress gateway with all the configurations for every proxy...
Просмотров: 1 673
Видео
Taints and Tolerations in Kubernetes
Просмотров 1,2 тыс.Год назад
What are taints and tolerations in Kubernetes? In this video, I discuss and demonstrate how you can apply taints to the nodes in your cluster, and how to run workloads on dedicated nodes by applying matching tolerations to pods. In Kubernetes, you can use taints to tell your nodes to repel or reject certain pod placements, as well as influence how strictly the scheduler should take the effects ...
Pod Topology Spread Constraints in Kubernetes
Просмотров 3,7 тыс.Год назад
How do you configure pod topology constraints in Kubernetes? In this video, I'll address this very topic so that you can learn how to spread out your application workloads in Kubernetes for high availability and better resource utilization. In this video, I will also compare pod topology constraints to pod anti-affinity rules, and why topology constraints are a better option for application ava...
How to Setup External CA Integration in Istio
Просмотров 3,1 тыс.Год назад
Wondering how to set up an external CA (certificate authority) in Istio? In this video, I give a detailed walk-through on why it can be helpful to set up an external root certificate authority for your Istio service mesh, as well as a walk-through of the setup process. The external CA used in this video is AWS Private CA. Certificate management in Istio is at the heart of issuing identities to ...
Security with Istio: Using Authorization Policies
Просмотров 4,4 тыс.Год назад
When securing your container workloads in Kubernetes, it's important to have defence in depth. This. means having layers of security. As important as it is to have mTLS enabled in the Istio service mesh, you should also implement access control between services. To do this in Istio, you make use of Authorization Policies. After we've validated the identity of a service, we should check whether ...
How to Configure mTLS in Istio for Secure Kubernetes Workload Communication
Просмотров 7 тыс.Год назад
To secure network communication between container applications in the Istio service mesh, you can make use of mutual Transport Layer Security (mTLS). With mTLS, you can validate the sender of any request in your application network environment, as well as encrypt the network traffic from being understandable to any other party that might intercept it. Istio automatically enables mTLS in the ser...
GitOps Canary Deployments to Kubernetes with Istio, Argo CD and Flagger
Просмотров 4,9 тыс.2 года назад
Deploying a new version of a software application is the bread and butter of the development lifecycle. However, you still have to think through and strategize around how you're going to get this newly deployed version into the hands of your end users or whatever clients will be consuming it. In this video, I'll discuss how you can make use GitOps with a canary strategy to release newly deploye...
Secure Istio Gateway Traffic with TLS Encryption on Amazon EKS
Просмотров 6 тыс.2 года назад
In this video, I discuss and demonstrate how you can mitigate the risks of network interception attacks by encrypting the traffic that comes into the Istio service mesh with TLS. This video is a follow-up to a previous video titled Using Istio Gateway to Route Traffic to Microservices on Amazon EKS (link provided below). As much as a single point of entry provides a superior measure of security...
Using Istio Gateway to Route Traffic to Microservices on Amazon EKS
Просмотров 14 тыс.2 года назад
One of the glaring challenges of deploying microservices to Kubernetes is figuring out optimal and secure network communication from outside the cluster to your services inside of it and network communication between the services themselves. In some scenarios, we can use Kubernetes services like LoadBalancers and NodePorts to expose our applications to the world. However, there are use cases wh...
Secure Your Kubernetes Software Supply Chain using Snyk, Amazon Inspector, Datree and NeuVector
Просмотров 3202 года назад
Security around containers and Kubernetes is a very hot topic at the moment because of the increasing awareness of the vulnerabilities that exist in these technologies. To improve your container and Kubernetes security posture, you should start by identifying the vulnerabilities and then pick a tool or tools that will help you address the identified weaknesses and risks. The software supply cha...
Container Best Practices with Datree
Просмотров 2572 года назад
Getting started with containers is relatively straightforward. If you have an environment like your personal laptop with a container runtime such as docker or containerd, the docker CLI, and a docker file for your application then you can have a container up and running in no time. However, there's still a lot of groundwork that has to be done to configure your containers to be considered optim...
Scaling Kubernetes with Karpenter: Advanced Scheduling with Pod Affinity & Volume Topology Awareness
Просмотров 1,6 тыс.2 года назад
One feature that draws people to Kubernetes is its ability to scale automatically. Auto-scaling Kubernetes is an essential part of your cloud-native strategy. In addition, you may be dealing with use cases requiring advanced Kubernetes scheduling requirements like pod affinity, pod anti-affinity, and volume topology awareness. In this video, I'll show you how to automatically scale the compute ...
Using Argo CD and Rancher for Kubernetes Multi-tenancy & GitOps
Просмотров 6 тыс.2 года назад
Kubernetes multi-tenancy is one of the biggest challenges when operating Kubernetes at scale. It's not easy figuring out the best way to manage, organize and isolate teams and unrelated workloads on shared clusters. In some cases, you might have one big cluster, and in other cases, you might have multiple big clusters housing different teams and workloads. In this video, I talk about how organi...
Multicloud Kubernetes with Rancher
Просмотров 1,3 тыс.2 года назад
Multicloud strategies are becoming increasingly popular, with a number of companies looking to adopt this model and distribute their architecture across different cloud environments. For organizations running containerized workloads at scale, this can work especially well because of the infrastructure agnosticism that Kubernetes offers. In this video, I talk about the pros and cons of multiclou...
Prevent Kubernetes Misconfigurations in Argo - Using Datree with Argo CD & Argo Rollouts
Просмотров 5 тыс.2 года назад
In this video, I demonstrate how you can make use of Datree's new Argo policy rules as a defensive strategy from misconfigurations. This video follows up on a previous video where I walked through a GitOps CI/CD pipeline with AWS CodeBuild and Argo CD for deployments to an Amazon EKS cluster. In that video, I used Datree to ensure best practices are upheld and to protect from common container a...
Managing Sensitive Data in Kubernetes with Sealed Secrets and External Secrets Operator (ESO)
Просмотров 6 тыс.2 года назад
Managing Sensitive Data in Kubernetes with Sealed Secrets and External Secrets Operator (ESO)
Using Argo CD & Datree for Stable Kubernetes CI/CD Deployments
Просмотров 2,3 тыс.2 года назад
Using Argo CD & Datree for Stable Kubernetes CI/CD Deployments
Getting Started with ArgoCD for GitOps Deployments
Просмотров 7 тыс.2 года назад
Getting Started with ArgoCD for GitOps Deployments
Using Skaffold and GitHub Actions for Deployments to Amazon EKS
Просмотров 2,1 тыс.2 года назад
Using Skaffold and GitHub Actions for Deployments to Amazon EKS
CI/CD Deployments with AWS CodeBuild and GitOps to EKS and AKS Kubernetes Clusters
Просмотров 2,9 тыс.3 года назад
CI/CD Deployments with AWS CodeBuild and GitOps to EKS and AKS Kubernetes Clusters
Create an RKE Kubernetes Cluster in AWS with Terraform
Просмотров 2,3 тыс.3 года назад
Create an RKE Kubernetes Cluster in AWS with Terraform
Port Forwarding in Kubernetes with kubectl
Просмотров 4,8 тыс.3 года назад
Port Forwarding in Kubernetes with kubectl
Manage Amazon EKS Cluster with Rancher
Просмотров 7 тыс.3 года назад
Manage Amazon EKS Cluster with Rancher
Local Kubernetes Development with RKE (Rancher Kubernetes Engine)
Просмотров 4,5 тыс.3 года назад
Local Kubernetes Development with RKE (Rancher Kubernetes Engine)