Try   HackMD

Architecting on OpenShift

Welcome to the Architecting on OpenShift class. This note contain supporting material from public sources that will further improve your understanding of OpenShift / Kubernetes and the corresponding tools.

Books

https://www.redhat.com/cms/managed-files/cm-oreilly-kubernetes-patterns-ebook-f19824-201910-en.pdf
https://www.manning.com/books/kubernetes-in-action-second-edition

Kubernetes in 2023

https://www.youtube.com/watch?v=kGrpLKNi4ZI

Installation

Title Link
OpenShift Versions https://access.redhat.com/support/policy/updates/openshift
UPI VMWare https://github.com/openshift/installer/tree/master/upi/vsphere
Agent Based Installer https://www.youtube.com/watch?v=S_uxOKbD7Xo
SNO Cluster (Single node) https://docs.openshift.com/container-platform/4.12/installing/installing_sno/install-sno-preparing-to-install-sno.html
SNO on AWS Spot https://developers.redhat.com/blog/2023/02/08/sno-spot
Kubernetes the hard way https://github.com/kelseyhightower/kubernetes-the-hard-way

CLI Tools

Title Link
oc https://cheatography.com/itservicestart-up/cheat-sheets/oc-cli-commands/pdf/

Administration

Title Link
SSHing into a node https://access.redhat.com/solutions/6221581
Cluster restore https://www.youtube.com/watch?v=vNaezBzDv6A
App desaster recovery https://www.youtube.com/watch?v=1oypHzqLY6A

Monitoring Logging Tracing

Title Link
Logging https://cloud.redhat.com/blog/whats-new-in-red-hat-openshift-logging-5.5

Networking

Title Link
OVN Kubernetes https://www.youtube.com/watch?v=BMLmHgYYfDI
DNS https://youtu.be/xefHFc5pnJs?t=1403
1 https://www.youtube.com/watch?v=7LRtytR6ZbA
2 https://www.youtube.com/watch?v=NFApeJRXos4
3 https://medium.com/google-cloud/understanding-kubernetes-networking-pods-7117dd28727
4 https://github.com/ahmetb/kubernetes-network-policy-recipes/
5 https://www.youtube.com/watch?v=tq9ng_Nz9j8
6 https://aws.amazon.com/de/blogs/containers/optimize-ip-addresses-usage-by-pods-in-your-amazon-eks-cluster/

Troubleshooting Kubernetes

https://kubernetes.io/docs/tasks/debug-application-cluster/debug-application/
https://kubernetes.io/docs/tasks/debug-application-cluster/debug-running-pod/
https://kubernetes.io/docs/tasks/debug-application-cluster/debug-service/
https://kubernetes.io/docs/tasks/debug-application-cluster/debug-cluster/

Helm

https://dzone.com/articles/containerization-and-helm-templatization-best-prac
https://insights.project-a.com/whats-the-best-way-to-manage-helm-charts-1cbf2614ec40

Development

https://cdk8s.io

CICD

Title Link
Image Streams https://docs.openshift.com/container-platform/4.12/openshift_images/image-streams-manage.html
OpenShift pipelines and GitOps https://www.youtube.com/watch?v=TeNETrHuX70
Tekton https://docs.openshift.com/container-platform/4.4/cli_reference/tkn_cli/installing-tkn.html
Newman API testing https://medium.com/velotio-perspectives/api-testing-using-postman-and-newman-6c68c33303fc

OpenShift Runtime

Title Link
RHCOS https://docs.openshift.com/container-platform/4.12/architecture/architecture-rhcos.html

Stuff

Title Link
RH Communities of practice https://github.com/redhat-cop
BundesRZ https://www.youtube.com/watch?v=Ei2w651t0ew

etcd

https://monzo.com/blog/2017/11/29/very-robust-etcd
https://coreos.com/blog/etcd-3.2-announcement
https://coreos.com/blog/announcing-etcd-3.3
https://coreos.com/blog/history-etcd
https://www.slideshare.net/mitakeh/understanding-performance-aspects-of-etcd-and-raft

Audit

https://www.youtube.com/watch?v=WJ3w-hyt0hY

Security

Title Link
Security Contexts and Constraints https://www.youtube.com/watch?v=VtIxFh6cO0Q
Security Profile Operator https://www.youtube.com/watch?v=nUcUl5R9JkQ
Multiple Sites https://access.redhat.com/articles/3220991
Snyk https://snyk.io/blog/10-docker-image-security-best-practices/
Rekor https://github.com/sigstore/rekor

Certificates

Title Link
Certificate Management Using cert-manager https://www.youtube.com/watch?v=YBixH5kX_bQ
Replacing the Default Ingress Cert https://docs.openshift.com/container-platform/4.13/security/certificates/replacing-default-ingress-certificate.html
Disabling Web Console https://docs.openshift.com/container-platform/4.9/web_console/disabling-web-console.html
Custom Web Console Cert https://access.redhat.com/solutions/5902661
Wildcard Certs DNS https://medium.com/@harsh.manvar111/wild-card-certificate-using-cert-manager-in-kubernetes-3406b042d5a2
Automating Certificates https://epam.github.io/edp-install/operator-guide/ssl-automation-okd/

Containers

Title Link
Buildah https://www.youtube.com/watch?v=60MrcHYUT-4
cgroups memory https://medium.com/@betz.mark/understanding-resource-limits-in-kubernetes-memory-6b41e9a955f9
cgroups CPU https://medium.com/@betz.mark/understanding-resource-limits-in-kubernetes-cpu-time-9eff74d3161b

Useful Tools

https://caylent.com/50-useful-kubernetes-tools-for-2020

Stateful Apps

Title Link
Strimzi Kafka Operator https://www.youtube.com/watch?v=GSh9aHvdZco
Production-grade Kafka https://www.youtube.com/watch?v=TDpOM7SNF1k

Service Mesh

istio

https://istio.io/latest/blog/2020/multiple-control-planes/

Envoy

https://www.youtube.com/watch?v=gQF23Vw0keg
https://de.slideshare.net/InfoQ/lyfts-envoy-embracing-a-service-mesh

Extending OpenShift

CRDs

https://www.oreilly.com/library/view/programming-kubernetes/9781492047094/ch01.html
https://book-v1.book.kubebuilder.io

Operators

Title Link
Operator Framework https://www.youtube.com/watch?v=oLAfCKM7RbA

Admission Controllers

https://kubernetes.io/blog/2019/03/21/a-guide-to-kubernetes-admission-controllers/

Custom Scheduler

https://kubernetes.io/docs/concepts/scheduling-eviction/scheduling-framework/
https://kubernetes.io/docs/reference/scheduling/policies/
https://www.youtube.com/watch?v=4TaHQgG9wEg
https://blog.heptio.com/core-kubernetes-jazz-improv-over-orchestration-a7903ea92ca

Data Science Tools

https://www.youtube.com/watch?v=tRJjvWgYqXo

Other Stuff

KubeCon 2019 Sessions

https://www.youtube.com/playlist?list=PLj6h78yzYM2PpmMAnvpvsnR4c27wJePh3

Tools

Title Link
Pureline https://github.com/chris-marsh/pureline

Microservices

https://samnewman.io/talks/principles-of-microservices/
https://martinfowler.com/articles/microservices.html
https://martinfowler.com/bliki/BoundedContext.html
https://martinfowler.com/bliki/CQRS.html
https://martinfowler.com/bliki/DomainDrivenDesign.html

Resiliency

https://www.youtube.com/watch?v=Fup5vHEvU50
https://github.com/bbc/chaos-lambda

DevOps

CALMS
https://www.youtube.com/watch?v=LdOe18KhtT4
https://www.kitchensoap.com/2010/11/07/mttr-mtbf-for-most-types-of-f/

Organization

https://www.youtube.com/watch?v=4GK1NDTWbkY

InnerSource

https://www.youtube.com/watch?v=r4QU1WJn9f8
https://www.youtube.com/watch?v=D3C12ojRcp0
Give back to the OpenSource community by being part of it!

Incident & Problem Management

https://community.monzo.com/t/resolved-current-account-payments-may-fail-major-outage-27-10-2017/26296/95
https://monzo.statuspage.io

Last changed by 
gekart
0
270

Read more

MLOps Engineering on AWS

Welcome to the Generative AI Essentials on AWS. This document contains useful links to complement our April 2025 training.

May 23, 2025
Argo CD

ApplicationSets Repository|https://codefresh.io/blog/how-to-structure-your-argo-cd-repositories-using-application-sets/Repository for Promotion|https://codefresh.io/blog/how-to-model-your-gitops-environments-and-promote-releases-between-them/

May 13, 2025
Create a simple kubeadm managed k8s cluster

aws ec2 run-instances –image-id ami-04a5bacc58328233d –count 1 –instance-type m5.large –key-name arch-kube –tag-specifications 'ResourceType=instance,Tags=[{Key=Name,Value=KubeCPNode}]' –security-group-ids sg-00602c535f193f185 –subnet-id subnet-0b698c29da2490c1e –associate-public-ip-address

May 12, 2025
Architecting on Kubernetes

Welcome to the Architecting on Kubernetes class. This notes contain a lot of supporting material from public sources that will further improve your understanding of Kubernetes and the corresponding tools.

May 3, 2025
Read more from gekart
Published on HackMD