13 Sep 2022
Blog: https://everyonecancontribute.com/post/2022-09-13-cafe-54-pixie-for-kubernetes-observability/
Pixie website: px.dev
Installation: https://docs.pixielabs.ai/installing-pixie/install-guides/
Scripts: https://docs.pixielabs.ai/tutorials/pxl-scripts/write-pxl-scripts/custom-pxl-scripts-1/
Dashboards: https://docs.pixielabs.ai/tutorials/integrations/grafana/#create-a-dashboard-panel-of-pixie-data-select-a-pre-made-script
Mentioned articles:
- https://medium.com/@isalapiyarisi/getting-started-on-kubernetes-observability-with-ebpf-88139eb13fb2
- https://www.containiq.com/post/decrypting-ssl-at-scale-with-ebpf
- https://aws-otel.github.io/
Events:
- Kubernetes Community Days Munich: https://community.cncf.io/events/details/cncf-kcd-munich-presents-kubernetes-community-days-munich-2022-1/
Pixie website: px.dev
Installation: https://docs.pixielabs.ai/installing-pixie/install-guides/
Scripts: https://docs.pixielabs.ai/tutorials/pxl-scripts/write-pxl-scripts/custom-pxl-scripts-1/
Dashboards: https://docs.pixielabs.ai/tutorials/integrations/grafana/#create-a-dashboard-panel-of-pixie-data-select-a-pre-made-script
Mentioned articles:
- https://medium.com/@isalapiyarisi/getting-started-on-kubernetes-observability-with-ebpf-88139eb13fb2
- https://www.containiq.com/post/decrypting-ssl-at-scale-with-ebpf
- https://aws-otel.github.io/
Events:
- Kubernetes Community Days Munich: https://community.cncf.io/events/details/cncf-kcd-munich-presents-kubernetes-community-days-munich-2022-1/
- 4 participants
- 1:40 hours
12 Jul 2022
We started learning WebAssembly from scratch with AssemblyScript, following the tutorial with TypeScript with add() and our own functions to manipulate HTML DOM: fib() for numbers, hello_from() for strings, sort() and format_arr() for array sorting. The whole experience was done in Gitpod in the browser.
Demo project: https://gitlab.com/everyonecancontribute/dev/learn-wasm-assemblyscript
Blog: https://everyonecancontribute.com/post/2022-07-12-cafe-53-webassemply-assemblyscript-first-steps-gitpod/
AssemblyScript: https://www.assemblyscript.org/getting-started.html#setting-up-a-new-project
Wasm Cooking with Golang book: https://k33g.gumroad.com/l/wasmcooking
Demo project: https://gitlab.com/everyonecancontribute/dev/learn-wasm-assemblyscript
Blog: https://everyonecancontribute.com/post/2022-07-12-cafe-53-webassemply-assemblyscript-first-steps-gitpod/
AssemblyScript: https://www.assemblyscript.org/getting-started.html#setting-up-a-new-project
Wasm Cooking with Golang book: https://k33g.gumroad.com/l/wasmcooking
- 4 participants
- 1:10 hours
14 Jun 2022
Blog post: https://everyonecancontribute.com/post/2022-06-16-cafe-52-learned-at-kubecon-eu-coffee-chat/ (including all playlists, blog posts, CLI commands and more context to learn)
Tetragon: https://github.com/cilium/tetragon
Tetragon: https://github.com/cilium/tetragon
- 2 participants
- 1:11 hours
11 May 2022
Chainguard Enforce: https://www.chainguard.dev/chainguard-enforce
Blog with all URLs and insights: https://everyonecancontribute.com/post/2022-05-10-cafe-51-first-look-chainguard-enforce-software-supply-chain-security/
Request a demo at https://www.chainguard.dev/chainguard-enforce
TOC
00:00 Introductions
3:04 Introduction to Software Supply Chain Security
5:00 Introduction to Chainguard Enforce
9:55 Demo: GitLab repo with a webserver which gets deployed as container image in the pipeline
12:00 cosign verify - unsiged image
13:20 chainctl SaaS login to load default image policy
15:10 Chainguard Enforce custom policy for GitLab deployment
17:00 Chainguard agent install, light-weight to observe & enforce
23:00 Update GitLab CI/CD config to build & sign the image
28:20 Deploy and verify the signed image
31:30 Observing - now enforcing the policies, verify the signatures and identities
36:00 Other types of policies for Enforce
36:50 Why Chainguard Enforce
37:30 Questions, answers, discussions
56:33 KubeCon EU outlook - join Carlos with the SIG Release Update on "Releasing Kubernetes Less Often and More Secure"- https://twitter.com/dnsmichi/status/1524080403405017089
Blog with all URLs and insights: https://everyonecancontribute.com/post/2022-05-10-cafe-51-first-look-chainguard-enforce-software-supply-chain-security/
Request a demo at https://www.chainguard.dev/chainguard-enforce
TOC
00:00 Introductions
3:04 Introduction to Software Supply Chain Security
5:00 Introduction to Chainguard Enforce
9:55 Demo: GitLab repo with a webserver which gets deployed as container image in the pipeline
12:00 cosign verify - unsiged image
13:20 chainctl SaaS login to load default image policy
15:10 Chainguard Enforce custom policy for GitLab deployment
17:00 Chainguard agent install, light-weight to observe & enforce
23:00 Update GitLab CI/CD config to build & sign the image
28:20 Deploy and verify the signed image
31:30 Observing - now enforcing the policies, verify the signatures and identities
36:00 Other types of policies for Enforce
36:50 Why Chainguard Enforce
37:30 Questions, answers, discussions
56:33 KubeCon EU outlook - join Carlos with the SIG Release Update on "Releasing Kubernetes Less Often and More Secure"- https://twitter.com/dnsmichi/status/1524080403405017089
- 6 participants
- 59 minutes
13 Apr 2022
Website: https://dagger.io/
Blog: https://everyonecancontribute.com/post/2022-04-12-cafe-50-first-look-dagger/
Slides: https://docs.google.com/presentation/d/1sWZBTmNIM1pil_Im3doWlCXOsweDAcPMwmvIi7X-MQo/edit
Example project: https://gitlab.com/everyonecancontribute/ci-cd/dagger
Blog: https://everyonecancontribute.com/post/2022-04-12-cafe-50-first-look-dagger/
Slides: https://docs.google.com/presentation/d/1sWZBTmNIM1pil_Im3doWlCXOsweDAcPMwmvIi7X-MQo/edit
Example project: https://gitlab.com/everyonecancontribute/ci-cd/dagger
- 4 participants
- 1:14 hours
9 Mar 2022
Anaïs Urlichs did a deep dive into the OSS tools from Aqua Security: Trivy, tfsec, Starboard, Tracee and more. We have discussed usage scenarios, custom policies, the integration touch points between the tools, and how to contribute.
Join our meetup group: https://www.meetup.com/everyonecancontribute-cafe/ Blog: https://everyonecancontribute.com/post/2022-03-08-cafe-49-aqua-security-open-source/
TOC
0:00 Introduction
2:39 Overview of Aqua Security OSS projects
3:22 Trivy: Container and IaC security scanning https://aquasecurity.github.io/trivy/latest/
16:40 Trivy: Custom policies https://aquasecurity.github.io/trivy/latest/misconfiguration/custom/ & differences to tfsec https://aquasecurity.github.io/trivy/latest/misconfiguration/comparison/tfsec/
19:34 Starboard: Vulnerability scanning in Kubernetes clusters https://aquasecurity.github.io/starboard/latest/
25:34 Starboard: Custom policies for Trivy https://aquasecurity.github.io/starboard/latest/integrations/vulnerability-scanners/trivy/
30:22 Trivy exporter for Prometheus
30:58 Aqua Enterprise insights into runtime protection
35:00 Starboard operator, with Prometheus metrics
38:00 Starboard integrations: Polaris, Conftest
42:58 Tracee: Runtime security and forensics using eBPF https://aquasecurity.github.io/tracee/latest/
51:55 Tracee: Differences to Falco discussion https://github.com/aquasecurity/tracee/issues/48
57:52 How to contribute: Slack https://blog.aquasec.com/open-source-developer-slack-community & projects https://github.com/aquasecurity
1:00:43 Q&A: Starboard reports dashboard, alerting, OOTB support in Aqua Enterprise, open-sourcing the tools to keep the pace of development, and reduce server load.
Join our meetup group: https://www.meetup.com/everyonecancontribute-cafe/ Blog: https://everyonecancontribute.com/post/2022-03-08-cafe-49-aqua-security-open-source/
TOC
0:00 Introduction
2:39 Overview of Aqua Security OSS projects
3:22 Trivy: Container and IaC security scanning https://aquasecurity.github.io/trivy/latest/
16:40 Trivy: Custom policies https://aquasecurity.github.io/trivy/latest/misconfiguration/custom/ & differences to tfsec https://aquasecurity.github.io/trivy/latest/misconfiguration/comparison/tfsec/
19:34 Starboard: Vulnerability scanning in Kubernetes clusters https://aquasecurity.github.io/starboard/latest/
25:34 Starboard: Custom policies for Trivy https://aquasecurity.github.io/starboard/latest/integrations/vulnerability-scanners/trivy/
30:22 Trivy exporter for Prometheus
30:58 Aqua Enterprise insights into runtime protection
35:00 Starboard operator, with Prometheus metrics
38:00 Starboard integrations: Polaris, Conftest
42:58 Tracee: Runtime security and forensics using eBPF https://aquasecurity.github.io/tracee/latest/
51:55 Tracee: Differences to Falco discussion https://github.com/aquasecurity/tracee/issues/48
57:52 How to contribute: Slack https://blog.aquasec.com/open-source-developer-slack-community & projects https://github.com/aquasecurity
1:00:43 Q&A: Starboard reports dashboard, alerting, OOTB support in Aqua Enterprise, open-sourcing the tools to keep the pace of development, and reduce server load.
- 6 participants
- 1:05 hours
9 Feb 2022
Niclas explained Blockchain from the fundamentals to deploying a program on Solana as an example. We've discussed Ethereum, web3 principles, and more ideas about blockchain development, CI/CD, Ops (storage, backup, observability).
* Proof of work vs Proof of Stake: https://tradewithus.ch/know-how/proof-of-work-vs-proof-of-stake/
* Solana quickstart: https://github.com/solana-labs/example-helloworld#quick-start
* Awesome Solana List: https://github.com/avareum/awesome-solana
* Solana development guide by Nader Dabit: https://dev.to/dabit3/the-complete-guide-to-full-stack-solana-development-with-react-anchor-rust-and-phantom-3291
* Book resource: Mastering Ethereum: https://ethereumbook.info/
* Meetup: https://www.meetup.com/everyonecancontribute-cafe/events/283360587/
More at https://everyonecancontribute.com/post/2022-02-08-cafe-48-blockchain-web3/
***Save the date for the next meetup on 2022-03-08: AquaSecurity and Open Source with Anaïs Urlichs*** - https://www.meetup.com/everyonecancontribute-cafe/events/283725605/
* Proof of work vs Proof of Stake: https://tradewithus.ch/know-how/proof-of-work-vs-proof-of-stake/
* Solana quickstart: https://github.com/solana-labs/example-helloworld#quick-start
* Awesome Solana List: https://github.com/avareum/awesome-solana
* Solana development guide by Nader Dabit: https://dev.to/dabit3/the-complete-guide-to-full-stack-solana-development-with-react-anchor-rust-and-phantom-3291
* Book resource: Mastering Ethereum: https://ethereumbook.info/
* Meetup: https://www.meetup.com/everyonecancontribute-cafe/events/283360587/
More at https://everyonecancontribute.com/post/2022-02-08-cafe-48-blockchain-web3/
***Save the date for the next meetup on 2022-03-08: AquaSecurity and Open Source with Anaïs Urlichs*** - https://www.meetup.com/everyonecancontribute-cafe/events/283725605/
- 2 participants
- 1:11 hours
19 Jan 2022
Slides: https://docs.google.com/presentation/d/15CzbqO3leXOnH3Pwz94zYRzeOT8g92YQK7wC-Ii8HzU/edit
Meetup: https://www.meetup.com/everyonecancontribute-cafe/events/282736146/
0:00 Introduction
1:40 Presentation start
3:16 3 Pillars of Observability: Metrics, logs, traces
10:47 Profiling
11:37 Overlap of Observability
15:47 Known and Unknown
17:14 Observability example: Docker Hub Rate Limits
18:55 OpenTelemetry & Tracing History
23:08 Use case: CI/CD Observability https://gitlab.com/gitlab-org/gitlab/-/issues/338943
25:31 Use case: Quality Gates
28:41 From DIY Monitoring to Observability
30:40 o11y.love as learning collection
31:30 Group discussion
Meetup: https://www.meetup.com/everyonecancontribute-cafe/events/282736146/
0:00 Introduction
1:40 Presentation start
3:16 3 Pillars of Observability: Metrics, logs, traces
10:47 Profiling
11:37 Overlap of Observability
15:47 Known and Unknown
17:14 Observability example: Docker Hub Rate Limits
18:55 OpenTelemetry & Tracing History
23:08 Use case: CI/CD Observability https://gitlab.com/gitlab-org/gitlab/-/issues/338943
25:31 Use case: Quality Gates
28:41 From DIY Monitoring to Observability
30:40 o11y.love as learning collection
31:30 Group discussion
- 4 participants
- 1:06 hours
14 Dec 2021
00:00 Intros & learned this year
14:57 Michael Aigner shares how to develop a Raycast extension in a workshop
57:49 Opstrace announcement surprise with Seb and Mat
https://opstrace.com/blog/gitlab
https://venturebeat.com/2021/12/14/gitlab-acquires-open-source-observability-distribution-opstrace/
14:57 Michael Aigner shares how to develop a Raycast extension in a workshop
57:49 Opstrace announcement surprise with Seb and Mat
https://opstrace.com/blog/gitlab
https://venturebeat.com/2021/12/14/gitlab-acquires-open-source-observability-distribution-opstrace/
- 10 participants
- 1:09 hours
23 Nov 2021
k6: https://k6.io/
Blog: https://everyonecancontribute.com/post/2021-11-23-cafe-45-k6-load-performance-testing/
Twitter thread: https://twitter.com/dnsmichi/status/1463194953170014221
k6 Office Hours: How GitLab uses k6 with Grant Young: https://www.youtube.com/watch?v=YTGkq0m1bYk
Join our meetup group: https://www.meetup.com/everyonecancontribute-cafe/
Website: https://everyonecancontribute.com/
Chapters:
00:00 Introductions
8:42 k6 Introduction
14:00 OSS and cloud differences explained
17:16 Single binary and extensions
23:50 Thresholds and SLOs
31:28 k6 cloud as datasource for Grafana cloud
33:30 Prometheus remote writes
37:00 Browser testing (announced at Grafana ObservabilityCon)
47:25 k6 Operator - Load testing as code
49:10 Q&A
Blog: https://everyonecancontribute.com/post/2021-11-23-cafe-45-k6-load-performance-testing/
Twitter thread: https://twitter.com/dnsmichi/status/1463194953170014221
k6 Office Hours: How GitLab uses k6 with Grant Young: https://www.youtube.com/watch?v=YTGkq0m1bYk
Join our meetup group: https://www.meetup.com/everyonecancontribute-cafe/
Website: https://everyonecancontribute.com/
Chapters:
00:00 Introductions
8:42 k6 Introduction
14:00 OSS and cloud differences explained
17:16 Single binary and extensions
23:50 Thresholds and SLOs
31:28 k6 cloud as datasource for Grafana cloud
33:30 Prometheus remote writes
37:00 Browser testing (announced at Grafana ObservabilityCon)
47:25 k6 Operator - Load testing as code
49:10 Q&A
- 9 participants
- 1:10 hours
8 Sep 2021
Pyrra starts after the introductions at ~ 11:00
Blog: https://everyonecancontribute.com/post/2021-09-08-cafe-44-slo-management-prometheus-pyrra-nobl9-openslo/
Pyrra: https://pyrra.dev
Nobl9: https://nobl9.com/
OpenSLO: https://openslo.com
SLOConf YT playlist: https://www.youtube.com/playlist?list=PLLNq9CBV7AFwyRzICyCRKdcsAPAlG5bPu
SLO book: https://www.oreilly.com/library/view/implementing-service-level/9781492076803/
Blog: https://everyonecancontribute.com/post/2021-09-08-cafe-44-slo-management-prometheus-pyrra-nobl9-openslo/
Pyrra: https://pyrra.dev
Nobl9: https://nobl9.com/
OpenSLO: https://openslo.com
SLOConf YT playlist: https://www.youtube.com/playlist?list=PLLNq9CBV7AFwyRzICyCRKdcsAPAlG5bPu
SLO book: https://www.oreilly.com/library/view/implementing-service-level/9781492076803/
- 14 participants
- 1:05 hours
18 Aug 2021
Blog: https://everyonecancontribute.com/post/2021-08-18-cafe-43-more-package-dependency-hunting-with-gitlab/
Slides: https://docs.google.com/presentation/d/1biVRpHGBeHJvUeeySOrPAW8qFmls-EvWEj9_JVHVnuw/edit
Repositories: https://gitlab.com/everyonecancontribute/security
Slides: https://docs.google.com/presentation/d/1biVRpHGBeHJvUeeySOrPAW8qFmls-EvWEj9_JVHVnuw/edit
Repositories: https://gitlab.com/everyonecancontribute/security
- 5 participants
- 1:11 hours
11 Aug 2021
Blog: https://everyonecancontribute.com/post/2021-08-11-cafe-42-falco-gitlab-package-hunter/
Falco: https://falco.org/
Package Hunter: https://about.gitlab.com/blog/2021/07/23/announcing-package-hunter/
Falco: https://falco.org/
Package Hunter: https://about.gitlab.com/blog/2021/07/23/announcing-package-hunter/
- 4 participants
- 1:08 hours
4 Aug 2021
Blog post: https://everyonecancontribute.com/post/2021-08-04-cafe-41-kubernetes-cluster-image-scanning-trivy-starboard/
Twitter thread: https://twitter.com/dnsmichi/status/1422554626700754948
Twitter thread: https://twitter.com/dnsmichi/status/1422554626700754948
- 5 participants
- 1:41 hours
28 Jul 2021
Blog: https://everyonecancontribute.com/post/2021-07-28-cafe-40-terraform-helm-gitlab-registry/
Twitter thread: https://twitter.com/dnsmichi/status/1420404195895689216
Twitter thread: https://twitter.com/dnsmichi/status/1420404195895689216
- 8 participants
- 1:46 hours
21 Jul 2021
Blog: https://everyonecancontribute.com/post/2021-07-21-cafe-39-civo-cloud-k3s-gitlab/
Website: https://www.civo.com/
Follow Anaïs Urlichs on https://twitter.com/urlichsanais
Twitter thread: https://twitter.com/dnsmichi/status/1417878884217991177
Website: https://www.civo.com/
Follow Anaïs Urlichs on https://twitter.com/urlichsanais
Twitter thread: https://twitter.com/dnsmichi/status/1417878884217991177
- 8 participants
- 1:18 hours
14 Jul 2021
Blog: https://everyonecancontribute.com/post/2021-07-14-cafe-38-talos-kubernetes-os/
Website: https://www.talos.dev/
Twitter thread: https://twitter.com/philip_welz/status/1415341665636732933
Website: https://www.talos.dev/
Twitter thread: https://twitter.com/philip_welz/status/1415341665636732933
- 3 participants
- 1:36 hours
7 Jul 2021
Blog: https://everyonecancontribute.com/post/2021-07-07-cafe-37-policy-reporter-for-kyverno/
Policy Reporter: https://github.com/fjogeleit/policy-reporter
Policy Reporter: https://github.com/fjogeleit/policy-reporter
- 4 participants
- 1:05 hours
23 Jun 2021
Blog: https://everyonecancontribute.com/post/2021-06-23-cafe-35-litmus-chaos-engineering-kubernetes/
Litmus: https://litmuschaos.io/
Twitter thread: https://twitter.com/dnsmichi/status/1407731465509654530
Litmus: https://litmuschaos.io/
Twitter thread: https://twitter.com/dnsmichi/status/1407731465509654530
- 5 participants
- 2:05 hours
16 Jun 2021
- Blog post: https://everyonecancontribute.com/post/2021-06-16-cafe-34-gitlab-14-secrets-session/
- GitLab 14 release post items: https://gitlab.com/gitlab-com/www-gitlab-com/-/merge_requests?scope=all&state=all&label_name%5B%5D=release%20post&milestone_title=14.0
- Twitter ideas: https://twitter.com/nmeisenzahl/status/1405211201756438539
- GitLab 14 release post items: https://gitlab.com/gitlab-com/www-gitlab-com/-/merge_requests?scope=all&state=all&label_name%5B%5D=release%20post&milestone_title=14.0
- Twitter ideas: https://twitter.com/nmeisenzahl/status/1405211201756438539
- 4 participants
- 1:31 hours
9 Jun 2021
Blog: https://everyonecancontribute.com/post/2021-06-09-cafe-33-cloud-native-security-snyk/
Website: https://snyk.io/
Twitter thread: https://twitter.com/dnsmichi/status/1401945459510415367
Website: https://snyk.io/
Twitter thread: https://twitter.com/dnsmichi/status/1401945459510415367
- 5 participants
- 1:05 hours
2 Jun 2021
Blog: https://everyonecancontribute.com/post/2021-06-02-cafe-32-polar-signals-continuous-profiling/
Website: https://www.polarsignals.com/
Twitter thread: https://twitter.com/dnsmichi/status/1400121372341321734
Demo starts at 14:20
Website: https://www.polarsignals.com/
Twitter thread: https://twitter.com/dnsmichi/status/1400121372341321734
Demo starts at 14:20
- 8 participants
- 1:00 hours
26 May 2021
Blog: https://everyonecancontribute.com/post/2021-05-26-cafe-31-machine-learning/
Kris Howard: https://twitter.com/web_goddess
Twitter thread: https://twitter.com/dnsmichi/status/1397584420534726665
Kris Howard: https://twitter.com/web_goddess
Twitter thread: https://twitter.com/dnsmichi/status/1397584420534726665
- 7 participants
- 1:28 hours
19 May 2021
Blog: https://everyonecancontribute.com/post/2021-05-19-cafe-30-kubernetes-monitoring-prometheus/
- Kubernetes Operator Quickstart https://prometheus-operator.dev/docs/prologue/quick-start/
- GitLab Kubernetes Agent
- Repository https://gitlab.com/everyonecancontribute/kubernetes/k8s-agent
- /metrics endpoint analysis](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/merge_requests/263/diffs#8a7842069a72b388bf7db1c9832ea514bbce16b8_19_23
- Twitter thread https://twitter.com/dnsmichi/status/1395056573492367371
- Prometheus Learning Resources
- Trainings by PromLabs](https://training.promlabs.com/
- 100 Days of Kubernetes by Anaïs Urlichs https://100daysofkubernetes.io/observability/prometheus-exporter.html
- Robust Perception Blog](https://www.robustperception.io/blog
- Prometheus: Up and Running book https://www.oreilly.com/library/view/prometheus-up/9781492034131/
- Kubernetes Operator Quickstart https://prometheus-operator.dev/docs/prologue/quick-start/
- GitLab Kubernetes Agent
- Repository https://gitlab.com/everyonecancontribute/kubernetes/k8s-agent
- /metrics endpoint analysis](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/merge_requests/263/diffs#8a7842069a72b388bf7db1c9832ea514bbce16b8_19_23
- Twitter thread https://twitter.com/dnsmichi/status/1395056573492367371
- Prometheus Learning Resources
- Trainings by PromLabs](https://training.promlabs.com/
- 100 Days of Kubernetes by Anaïs Urlichs https://100daysofkubernetes.io/observability/prometheus-exporter.html
- Robust Perception Blog](https://www.robustperception.io/blog
- Prometheus: Up and Running book https://www.oreilly.com/library/view/prometheus-up/9781492034131/
- 4 participants
- 1:28 hours
12 May 2021
Blog: https://everyonecancontribute.com/post/2021-05-12-cafe-29-operational-verification-with-puppet/
- 3 participants
- 1:11 hours
5 May 2021
Blog: https://everyonecancontribute.com/post/2021-05-05-cafe-28-kubecon-gitlab-kubernetes-agent/
* KubeCon EU recap & insights 0:00 * GitLab Kubernetes Agent at 14:20 * Future cafe events at 1:14:20
* KubeCon EU recap & insights 0:00 * GitLab Kubernetes Agent at 14:20 * Future cafe events at 1:14:20
- 5 participants
- 1:23 hours
21 Apr 2021
Blog: https://everyonecancontribute.com/post/2021-04-21-cafe-26-automate-kubernetes-deployment-gitlab-ci-cd-iteration-2/
Repository: https://gitlab.com/everyonecancontribute/kubernetes/k3s-demo
Repository: https://gitlab.com/everyonecancontribute/kubernetes/k3s-demo
- 4 participants
- 1:03 hours
14 Apr 2021
Opstrace starts at 5:56 after introductions.
Blog: https://everyonecancontribute.com/post/2021-04-14-cafe-25-opstrace-observability/
Twitter thread: https://twitter.com/dnsmichi/status/1382365947122581506
Website: https://opstrace.com/
Open Source observability is moving fast, it is hard to catch up. We want to make things easy to deploy and use.
Insights
- Quickstart installation in AWS.
- Opstrace deploys Loki, Cortex, Prometheus, Ingress Controller, APIs, UI, Grafana in the Kubernetes cluster in AWS.
- Authentication with Auth0, future brings Dex to provide SAML, etc. for SSO.
- Grafana comes with default dashboards.
- You can send data to Opstrace from a local demo environment with docker-compose.
- Metrics generated by Avalanche, scraped with Prometheus. Log messages scraped with Fluentd. - Grafana combines Loki (logs) and Prometheus (metrics) as data sources.
- Easy to use Prometheus Alert Manager, configuration using an API for automated rules creation, or a UI. The Cortex functionality is proxied by Opstrace with an authentication token and API interface.
- Roadmap ideas: SLOs and error budgets - generate rules and provide templates out of the box.
- Monitoring Cloud Vendor Metrics, no Prometheus provisioning. Instead, send configuration over the API and a new cloudwatch_exporter container is deployed to the Opstrace tenant.
- Open discussion with ideas and questions:
- High Availability - out of the box, Cortex comes with 3 nodes by default, and cloud/Kubernetes takes care of failover.
- Which problems are not yet solved with monitoring/observability?
- Now focus on onboarding, easy to get started with Open Source, similar experience like Datadog.
- Improve usability of Grafana, should be much more collaborative as a UI. Make it a debug session, and instead of using Google docs / Notion, add text, graphs, etc. and have these documents live in there, even after a year.
- How to answer any question - links between logs, metrics, traces. Exemplars for linking metrics and traces, released in Prometheus 2.26. More on this Grafana blog post about Tempo and our 6. Cafe with Tempo when it was announced in October 2020.
- Integrating Opstrace, e.g. a graph into Merge Requests from a staging deployment.
- Join the issue tracker and Slack to discuss development ideas.
- Thought of integrating Vector for logs?
- What was the intention to create Opstrace?
- Ask infrastructure questions, and needed to collect data. We love Prometheus, but there is still so much to build.
- Datadog and it runs in your SaaS, first idea was more closed.
- Continued to iterate, we are standing on the should of giants - make it an open source project. It is harder.
- Don’t re-implement everything, work together.
- Reporting dashboards & customization - make it easy to use.
- Incident management integrated with GitLab and alike.
- As a developer, I don’t care about the configuration or the service being run in Kubernetes. I want to see metrics from a staging deployment, and focus on the fun stuff.
- Security comes out of the box - communication between monitoring nodes. GDPR for logs, and compliance levels. What data is stored in the backend
- We’ll revisit Opstrace in the future and see how things are going. And of course try it ourselves, maybe in a future #everyonecancontribute cafe.
Blog: https://everyonecancontribute.com/post/2021-04-14-cafe-25-opstrace-observability/
Twitter thread: https://twitter.com/dnsmichi/status/1382365947122581506
Website: https://opstrace.com/
Open Source observability is moving fast, it is hard to catch up. We want to make things easy to deploy and use.
Insights
- Quickstart installation in AWS.
- Opstrace deploys Loki, Cortex, Prometheus, Ingress Controller, APIs, UI, Grafana in the Kubernetes cluster in AWS.
- Authentication with Auth0, future brings Dex to provide SAML, etc. for SSO.
- Grafana comes with default dashboards.
- You can send data to Opstrace from a local demo environment with docker-compose.
- Metrics generated by Avalanche, scraped with Prometheus. Log messages scraped with Fluentd. - Grafana combines Loki (logs) and Prometheus (metrics) as data sources.
- Easy to use Prometheus Alert Manager, configuration using an API for automated rules creation, or a UI. The Cortex functionality is proxied by Opstrace with an authentication token and API interface.
- Roadmap ideas: SLOs and error budgets - generate rules and provide templates out of the box.
- Monitoring Cloud Vendor Metrics, no Prometheus provisioning. Instead, send configuration over the API and a new cloudwatch_exporter container is deployed to the Opstrace tenant.
- Open discussion with ideas and questions:
- High Availability - out of the box, Cortex comes with 3 nodes by default, and cloud/Kubernetes takes care of failover.
- Which problems are not yet solved with monitoring/observability?
- Now focus on onboarding, easy to get started with Open Source, similar experience like Datadog.
- Improve usability of Grafana, should be much more collaborative as a UI. Make it a debug session, and instead of using Google docs / Notion, add text, graphs, etc. and have these documents live in there, even after a year.
- How to answer any question - links between logs, metrics, traces. Exemplars for linking metrics and traces, released in Prometheus 2.26. More on this Grafana blog post about Tempo and our 6. Cafe with Tempo when it was announced in October 2020.
- Integrating Opstrace, e.g. a graph into Merge Requests from a staging deployment.
- Join the issue tracker and Slack to discuss development ideas.
- Thought of integrating Vector for logs?
- What was the intention to create Opstrace?
- Ask infrastructure questions, and needed to collect data. We love Prometheus, but there is still so much to build.
- Datadog and it runs in your SaaS, first idea was more closed.
- Continued to iterate, we are standing on the should of giants - make it an open source project. It is harder.
- Don’t re-implement everything, work together.
- Reporting dashboards & customization - make it easy to use.
- Incident management integrated with GitLab and alike.
- As a developer, I don’t care about the configuration or the service being run in Kubernetes. I want to see metrics from a staging deployment, and focus on the fun stuff.
- Security comes out of the box - communication between monitoring nodes. GDPR for logs, and compliance levels. What data is stored in the backend
- We’ll revisit Opstrace in the future and see how things are going. And of course try it ourselves, maybe in a future #everyonecancontribute cafe.
- 8 participants
- 1:36 hours
7 Apr 2021
We are learning how to deploy and secure Kubernetes into Hetzner cloud in this series.
- This week: https://everyonecancontribute.com/post/2021-04-07-cafe-24-automate-kubernetes-deployment-ansible-gitlab-cicd/
- Last week: https://everyonecancontribute.com/post/2021-03-31-cafe-23-automate-kubernetes-setup-hetzner-firewall-feature/
- This week: https://everyonecancontribute.com/post/2021-04-07-cafe-24-automate-kubernetes-deployment-ansible-gitlab-cicd/
- Last week: https://everyonecancontribute.com/post/2021-03-31-cafe-23-automate-kubernetes-setup-hetzner-firewall-feature/
- 4 participants
- 1:21 hours
31 Mar 2021
Blog: https://everyonecancontribute.com/post/2021-03-31-cafe-23-automate-kubernetes-setup-hetzner-firewall-feature/
Twitter thread: https://twitter.com/dnsmichi/status/1377291517409247243
Twitter thread: https://twitter.com/dnsmichi/status/1377291517409247243
- 5 participants
- 1:16 hours
24 Mar 2021
Blog: https://everyonecancontribute.com/post/2021-03-24-cafe-22-multi-tenancy-with-kiosk-in-kubernetes/
Twitter thread: https://twitter.com/dnsmichi/status/1374769483911430144
Twitter thread: https://twitter.com/dnsmichi/status/1374769483911430144
- 5 participants
- 1:08 hours
17 Mar 2021
Blog: https://everyonecancontribute.com/post/2021-03-17-cafe-21-kubernetes-security-openid-kiosk/
Last week: https://everyonecancontribute.com/post/2021-03-10-cafe-20-securing-kubernetes-with-kyverno/
Twitter: https://twitter.com/dnsmichi/status/1372233214543159298
Last week: https://everyonecancontribute.com/post/2021-03-10-cafe-20-securing-kubernetes-with-kyverno/
Twitter: https://twitter.com/dnsmichi/status/1372233214543159298
- 3 participants
- 1:05 hours
10 Mar 2021
Blog post with URLs & insights: https://everyonecancontribute.com/post/2021-03-10-cafe-20-securing-kubernetes-with-kyverno/
Continuing from last week, not breaking security but making it more secure :)
https://everyonecancontribute.com/post/2021-03-03-cafe-19-break-into-kubernetes-security/
Twitter thread: https://twitter.com/dnsmichi/status/1369697355281367047
Continuing from last week, not breaking security but making it more secure :)
https://everyonecancontribute.com/post/2021-03-03-cafe-19-break-into-kubernetes-security/
Twitter thread: https://twitter.com/dnsmichi/status/1369697355281367047
- 3 participants
- 1:10 hours
3 Mar 2021
Blog post: https://everyonecancontribute.com/post/2021-03-03-cafe-19-break-into-kubernetes-security/
Twitter thread: https://twitter.com/dnsmichi/status/1367159262653382666
Website: https://everyonecancontribute.com/
Kyverno for pod security: https://kyverno.io/
Twitter thread: https://twitter.com/dnsmichi/status/1367159262653382666
Website: https://everyonecancontribute.com/
Kyverno for pod security: https://kyverno.io/
- 4 participants
- 1:05 hours
24 Feb 2021
Blog post on https://everyonecancontribute.com/
Kubernetes group repos: https://gitlab.com/everyonecancontribute/kubernetes
Twitter thread: https://twitter.com/dnsmichi/status/1364622431202213893
Kubernetes group repos: https://gitlab.com/everyonecancontribute/kubernetes
Twitter thread: https://twitter.com/dnsmichi/status/1364622431202213893
- 4 participants
- 1:08 hours
17 Feb 2021
Last week: https://everyonecancontribute.com/post/2021-02-10-cafe-16-kubernetes-deployments-to-hetzner-cloud-part-3/
- Demo repository: https://gitlab.com/ekeih/k3s-demo
- Twitter thread: https://twitter.com/dnsmichi/status/1362101461337985028
- Demo repository: https://gitlab.com/ekeih/k3s-demo
- Twitter thread: https://twitter.com/dnsmichi/status/1362101461337985028
- 4 participants
- 1:28 hours
10 Feb 2021
Blog: https://everyonecancontribute.com/post/2021-02-10-cafe-16-kubernetes-deployments-to-hetzner-cloud-part-3/
Step 1: https://everyonecancontribute.com/post/2021-01-27-cafe-14-kubernetes-deployments-to-hetzner-cloud/
Step 2: https://everyonecancontribute.com/post/2021-02-03-cafe-15-kubernetes-deployments-to-hetzner-cloud-part-2/
Demo repo: https://gitlab.com/ekeih/k3s-demo
Follow Max Rosin on Twitter: https://twitter.com/ekeih
Step 1: https://everyonecancontribute.com/post/2021-01-27-cafe-14-kubernetes-deployments-to-hetzner-cloud/
Step 2: https://everyonecancontribute.com/post/2021-02-03-cafe-15-kubernetes-deployments-to-hetzner-cloud-part-2/
Demo repo: https://gitlab.com/ekeih/k3s-demo
Follow Max Rosin on Twitter: https://twitter.com/ekeih
- 3 participants
- 1:15 hours
3 Feb 2021
Last week's session (recording & URLs included): https://everyonecancontribute.com/post/2021-01-27-cafe-14-kubernetes-deployments-to-hetzner-cloud/
Blog post: https://everyonecancontribute.com/post/2021-02-03-cafe-15-kubernetes-deployments-to-hetzner-cloud-part-2/
Repository: https://gitlab.com/ekeih/k3s-demo
Questions? Join our Gitter channel: https://gitter.im/everyonecancontribute/community
Blog post: https://everyonecancontribute.com/post/2021-02-03-cafe-15-kubernetes-deployments-to-hetzner-cloud-part-2/
Repository: https://gitlab.com/ekeih/k3s-demo
Questions? Join our Gitter channel: https://gitter.im/everyonecancontribute/community
- 2 participants
- 1:15 hours
27 Jan 2021
Hetzner Cloud: https://www.hetzner.com/cloud
Demo repository: https://gitlab.com/ekeih/k3s-demo
Direction: https://about.gitlab.com/direction/configure/infrastructure_as_code/
Features:
- Protected Terraform states (developer access): https://gitlab.com/gitlab-org/gitlab/-/issues/227108
- Terraform MR widget integration, next steps: https://gitlab.com/groups/gitlab-org/-/epics/3441
- 5 minute production app with Terraform in the background: https://about.gitlab.com/blog/2020/12/15/first-code-to-ci-cd-deployments-in-5-minutes/
- Terraform Registry: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/18834
- Move Kubernetes cluster creation into Terraform: https://gitlab.com/gitlab-org/gitlab/-/issues/220201
Demo repository: https://gitlab.com/ekeih/k3s-demo
Direction: https://about.gitlab.com/direction/configure/infrastructure_as_code/
Features:
- Protected Terraform states (developer access): https://gitlab.com/gitlab-org/gitlab/-/issues/227108
- Terraform MR widget integration, next steps: https://gitlab.com/groups/gitlab-org/-/epics/3441
- 5 minute production app with Terraform in the background: https://about.gitlab.com/blog/2020/12/15/first-code-to-ci-cd-deployments-in-5-minutes/
- Terraform Registry: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/18834
- Move Kubernetes cluster creation into Terraform: https://gitlab.com/gitlab-org/gitlab/-/issues/220201
- 4 participants
- 1:08 hours
20 Jan 2021
- Documentation: https://docs.gitlab.com/runner/configuration/autoscale.html
- Blog post: https://fotoallerlei.com/blog/post/2020/autoscaling-gitlab-runners-on-hetzner-cloud/post
- CI autoscaling research: https://gitlab.com/gitlab-org/gitlab-runner/-/issues/27061
- docker-machine direction in GitLab: https://gitlab.com/groups/gitlab-org/-/epics/2502
- Hetzner Cloud curated lists: https://github.com/hetznercloud/awesome-hcloud
Workaround for Docker problem. runners.machine - MachineOptions
"engine-install-url=https://releases.rancher.com/install-docker/19.03.9.sh"
- Blog post: https://fotoallerlei.com/blog/post/2020/autoscaling-gitlab-runners-on-hetzner-cloud/post
- CI autoscaling research: https://gitlab.com/gitlab-org/gitlab-runner/-/issues/27061
- docker-machine direction in GitLab: https://gitlab.com/groups/gitlab-org/-/epics/2502
- Hetzner Cloud curated lists: https://github.com/hetznercloud/awesome-hcloud
Workaround for Docker problem. runners.machine - MachineOptions
"engine-install-url=https://releases.rancher.com/install-docker/19.03.9.sh"
- 6 participants
- 1:09 hours
13 Jan 2021
Tweet to start: https://twitter.com/axccl/status/1347665411722989568
Repository: https://gitlab.com/tonka3000/conan-cpp-example
For loops in GitLab YAML with parent/child pipelines: https://gitlab.com/instantlinux/docker-tools/-/blob/master/.gitlab-ci.yml#L38
Repository: https://gitlab.com/tonka3000/conan-cpp-example
For loops in GitLab YAML with parent/child pipelines: https://gitlab.com/instantlinux/docker-tools/-/blob/master/.gitlab-ci.yml#L38
- 3 participants
- 1:27 hours
16 Dec 2020
- Repository: https://gitlab.com/gitlab-de/5-min-prod-app-vuejs
- Blog post: https://about.gitlab.com/blog/2020/12/15/first-code-to-ci-cd-deployments-in-5-minutes/
- Deploy template development: https://gitlab.com/gitlab-org/5-minute-production-app/deploy-template
- Live from AWS: https://twitter.com/dnsmichi/status/1339201532416372737
CI Insights
- Includes: https://docs.gitlab.com/ee/ci/yaml/includes.html
- Built-in templates: https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/gitlab/ci/templates
- 3 YAML tips for better pipelines: https://about.gitlab.com/blog/2020/10/01/three-yaml-tips-better-pipelines/
- Security Webcast: https://gitlab.com/dnsmichi/ci-security-webcast-2020/-/blob/master/.gitlab-ci.yml
- Tests with the same job name: https://gitlab.com/dnsmichi/ci-cd-playground/-/merge_requests/6/diffs
- Anchors und extends example: https://git.netways.de/packaging/pipelines/-/blob/master/rpm-base.yml
Learn X in Y minutes: https://learnxinyminutes.com/
- Blog post: https://about.gitlab.com/blog/2020/12/15/first-code-to-ci-cd-deployments-in-5-minutes/
- Deploy template development: https://gitlab.com/gitlab-org/5-minute-production-app/deploy-template
- Live from AWS: https://twitter.com/dnsmichi/status/1339201532416372737
CI Insights
- Includes: https://docs.gitlab.com/ee/ci/yaml/includes.html
- Built-in templates: https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/gitlab/ci/templates
- 3 YAML tips for better pipelines: https://about.gitlab.com/blog/2020/10/01/three-yaml-tips-better-pipelines/
- Security Webcast: https://gitlab.com/dnsmichi/ci-security-webcast-2020/-/blob/master/.gitlab-ci.yml
- Tests with the same job name: https://gitlab.com/dnsmichi/ci-cd-playground/-/merge_requests/6/diffs
- Anchors und extends example: https://git.netways.de/packaging/pipelines/-/blob/master/rpm-base.yml
Learn X in Y minutes: https://learnxinyminutes.com/
- 4 participants
- 1:04 hours
9 Dec 2020
Website: https://raycast.com/
Insights: https://twitter.com/dnsmichi/status/1336718843977338882
Blog soon on: https://everyonecancontribute.com/
Script commands: https://github.com/raycast/script-commands
GitLab commands: https://github.com/raycast/script-commands/pull/149
Insights: https://twitter.com/dnsmichi/status/1336718843977338882
Blog soon on: https://everyonecancontribute.com/
Script commands: https://github.com/raycast/script-commands
GitLab commands: https://github.com/raycast/script-commands/pull/149
- 5 participants
- 1:15 hours
2 Dec 2020
- Use Amazon EC2 Mac Instances to Build & Test macOS, iOS, ipadOS, tvOS, and watchOS Apps https://aws.amazon.com/blogs/aws/new-use-mac-instances-to-build-test-macos-ios-ipados-tvos-and-watchos-apps/
- AWS Proton: A microservices/container deployment service https://aws.amazon.com/blogs/aws/preview-aws-proton-automated-management-for-container-and-serverless-deployments/
- AWS Proton: A microservices/container deployment service https://aws.amazon.com/blogs/aws/preview-aws-proton-automated-management-for-container-and-serverless-deployments/
- 4 participants
- 1:22 hours
11 Nov 2020
Blog: https://everyonecancontribute.com/post/2020-11-11-cafe-8-keptn/
Website: https://keptn.sh/
Demo repositories:
- https://gitlab.com/checkelmann/keptn-demo
- https://gitlab.com/checkelmann/keptn-templates
- https://gitlab.com/checkelmann/keptn-docker
Insights: https://twitter.com/dnsmichi/status/1326572233830109185
Website: https://keptn.sh/
Demo repositories:
- https://gitlab.com/checkelmann/keptn-demo
- https://gitlab.com/checkelmann/keptn-templates
- https://gitlab.com/checkelmann/keptn-docker
Insights: https://twitter.com/dnsmichi/status/1326572233830109185
- 9 participants
- 1:24 hours
4 Nov 2020
Blog post with insights and URLs: https://everyonecancontribute.com/post/2020-11-04-cafe-7-docker-hub-rate-limit-monitoring/
- https://about.gitlab.com/blog/2020/10/30/mitigating-the-impact-of-docker-hub-pull-requests-limits/
- https://about.gitlab.com/blog/2020/10/30/minor-breaking-change-dependency-proxy/
- https://about.gitlab.com/blog/2020/10/30/mitigating-the-impact-of-docker-hub-pull-requests-limits/
- https://about.gitlab.com/blog/2020/10/30/minor-breaking-change-dependency-proxy/
- 4 participants
- 1:07 hours
28 Oct 2020
- 4 participants
- 1:04 hours
21 Oct 2020
Visit https://everyonecancontribute.com
Agenda: https://gitlab.com/everyonecancontribute/general/-/issues/54
Blog: https://about.gitlab.com/blog/2020/10/15/use-waypoint-to-deploy-with-gitlab-cicd/
Getting started: https://www.waypointproject.io/docs/getting-started
Learn: https://learn.hashicorp.com/waypoint
Roadmap: https://www.waypointproject.io/docs/roadmap
Agenda: https://gitlab.com/everyonecancontribute/general/-/issues/54
Blog: https://about.gitlab.com/blog/2020/10/15/use-waypoint-to-deploy-with-gitlab-cicd/
Getting started: https://www.waypointproject.io/docs/getting-started
Learn: https://learn.hashicorp.com/waypoint
Roadmap: https://www.waypointproject.io/docs/roadmap
- 8 participants
- 53 minutes
14 Oct 2020
Blog: https://everyonecancontribute.com/post/2020-10-14-cafe-4-jina-ai/
- Repository: https://github.com/jina-ai/jina
- Examples: https://github.com/jina-ai/examples
- Documentation: https://docs.jina.ai/index.html
- Contribute to Jina.ai: https://github.com/jina-ai/jina/blob/master/CONTRIBUTING.md
- Repository: https://github.com/jina-ai/jina
- Examples: https://github.com/jina-ai/examples
- Documentation: https://docs.jina.ai/index.html
- Contribute to Jina.ai: https://github.com/jina-ai/jina/blob/master/CONTRIBUTING.md
- 7 participants
- 57 minutes
7 Oct 2020
Blog: https://everyonecancontribute.com/post/2020-10-07-cafe-3-gitpod-gitlab-rust/
Slides: https://docs.google.com/presentation/d/1t1FdHh04TAOg9WITqRFJHz1YFxMbsQeekN8th1UfFcI/edit?usp=sharing
Repository: https://gitlab.com/dnsmichi/gitpod-learn-rust
Slides: https://docs.google.com/presentation/d/1t1FdHh04TAOg9WITqRFJHz1YFxMbsQeekN8th1UfFcI/edit?usp=sharing
Repository: https://gitlab.com/dnsmichi/gitpod-learn-rust
- 3 participants
- 2:18 hours
30 Sep 2020
Blog post: https://everyonecancontribute.com/post/2020-09-30-cafe-2-vault-ci/
Demo repository: https://gitlab.com/solidnerd/kaeffchen-vault-instance
GitLab CI Secrets integration: https://docs.gitlab.com/ee/ci/secrets/
Agenda: https://gitlab.com/everyonecancontribute/general/-/issues/43
Demo repository: https://gitlab.com/solidnerd/kaeffchen-vault-instance
GitLab CI Secrets integration: https://docs.gitlab.com/ee/ci/secrets/
Agenda: https://gitlab.com/everyonecancontribute/general/-/issues/43
- 4 participants
- 1:15 hours
23 Sep 2020
QuestDB Introduction, live demo and AMA with Vlad Ilyushchenko, Nicolas Hourcard, David G. Simmons, Niclas Mietz, Michael Friedrich, Michael Aigner, Nico Meisenzahl
Blog: https://everyonecancontribute.com/post/2020-09-23-cafe-1/
QuestDB: https://questdb.io/
Blog: https://everyonecancontribute.com/post/2020-09-23-cafe-1/
QuestDB: https://questdb.io/
- 7 participants
- 1:18 hours