Best practices for Kubernetes security; scaling write-heavy productions; & SRE

Arpit Mohan - Oct 15 '19 - - Dev Community

My TL;DR style notes from articles I read today.

9 Kubernetes security best practices everyone must follow

  1. Always use the latest stable version.
  2. Enable role-based access control (RBAC). Avoid granting cluster-wide permissions.
  3. Make sure to create non-default namespaces with security boundaries customized by their workload.
  4. Run especially sensitive workloads on a dedicated set of machines to limit fallout from any breaches.
  5. Carefully secure access to cloud metadata.
  6. Create and define cluster network policies.
  7. Define a cluster-wide Pod Security Policy for how workloads may run in each cluster.
  8. Harden node security by ensuring your host is secure & controlling network access to sensitive ports.
  9. Enable audit logs. Actively monitor them to identify access attempts.

Full post here, 5 mins read

How Sqreen handles 50,000 requests every minute in a write-heavy environment

Three principles used by Sqreen to build this scalable architecture:

  • Caching to handle large volumes of requests.
  • Using queues to reduce the number of write operations demanded within a given time frame to guard against overload.
  • Designing applications in a way that scalability is achieved by using more or fewer iterations of the same module to scale up and down, rather than requiring a single unit to work faster or harder.

Full post here, 9 mins read

Site reliability engineering best practices for data pipelines

  • Define and measure service-level objectives (SLOs) to ensure data freshness, data correctness, and superior data isolation.
  • Plan for dependency failures by checking for overdependence on products that don’t meet their own SLOs.
  • Create and maintain system diagrams, process documentation and playbook entries that outline recovery from alert conditions.
  • Reduce hot-spotting by balancing out the workload across resources.
  • Utilize autoscaling.
  • Adhere to strict access control for privacy, security and data integrity.
  • Use idempotent and two-phase mutations to avoid duplication or storage of incorrect data in case of pipeline failure in the middle of a process.
  • Use checkpointing to store partially implemented processes.

Full post here, 5 mins read

I share these TL;DR versions of articles on software engineering that I read every weekday through my newsletter - in.snippets(). Sign up here if you liked what you just read.

Image
What Can A Weekly Asbestos Settlement Amounts Project Can Change Your Life
Image
Airco onderhoud Boek direct een airco specialist via Zoofy
Image
15 Reasons Why You Shouldn't Ignore Asbestosis Asbestos Mesothelioma Attorney
Image
mengapa harus masuk di web-site judi slots online terunggul?
Image
15 Surprising Facts About Bi Fold Repairs
Image
10 Things We Hate About Asbestos Attorney
Image
Five Things You Didn't Know About Leg And Arm Injury Lawyers
Image
5 Head Injury Lawyer Projects For Any Budget
Image
How to detect your Python library path from docker in your VS Code
Image
15 Facts Your Boss Wished You Knew About Average Settlement For Asbestos Exposure
Image
What is Test Observability and How Does it Improve the Testing Process?

observability, testing
Image
service
Image
How to Find the Perfect Head Injury Compensation Claims On the Internet
Image
Ten Startups That Are Set To Change The Crypto Coin Casino Industry For The Better
Image
15 Twitter Accounts That Are The Best To Learn About Personal Injury Claims
Image
Couch: The Good, The Bad, And The Ugly
Image
Cat Flap Installation - How to Choose and Install a Cat Flap
Image
How You Can Use A Weekly Crypto Casino Games Project Can Change Your Life
Image
The Full Guide To Asbestos Mesothelioma Lawyers
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Terabox Video Player