mlbiam

@mlbiam@infosec.exchange
Dad, CTO of Tremolo Security, co-author Kubernetes and Docker: An Enterprise Guide 2nd Ed. Toots on all things Kubernetes, security, and identity
Kubernetes: An Enterprise Guide 2nd Ed: https://www.amazon.com/Kubernetes-Enterprise-Effectively-containerize-applications/dp/1803230037
LinkedIn: https://www.linkedin.com/in/marc-boorshtein-5979a82/
YouTube: https://www.youtube.com/channel/UCK__yS63yrSI8vavJzainEQ
Blog: https://www.tremolosecurity.com/pages/about-marc-boorshtein
Hey Argo CD fam...what's the largest single deployment you've ever seen? When I say "Deployment", I literally mean a single Kubernetes Deployment. How many clusters? How many Projects? How many Applications? Working with someone and not sure if we should do a single Argo CD for all their clusters and tenants or if we should break it up by cluster.
You know we've written a real banger when someone from a competing solution comes up to you and says we really nailed enterprise kubernetes in Kubernetes: An Enterprise Guide. Just sayin. Packt's basically giving the book away. Get the dead tree, it comes with a free PDF version so you can more easily run the labs. And don't forget to check out our YouTube channel where we're streaming every chapter's labs! https://www.amazon.com/dp/B0CT8M958T
If you're using OpenUnison, we're looking for help testing out our new kubectl authentication plugin! Any feedback would be greatly appreciated! https://www.reddit.com/r/kubernetes/comments/1k4dlvm/help_testing_new_openunison_kubectl_login_plugin/
Let's talk Kubernetes authentication! We're talking chapter 6 from Kubernetes: An Enterprise Guide at the CNCF virtual book club! https://community.cncf.io/events/details/cncf-kubernetes-virtual-book-club-presents-virtual-meetup-kubernetes-an-enterprise-guide-integrating-authentication-2025-01-24/
Virtual Meetup - Kubernetes – An Enterprise Guide (Integrating Authentication) | CNCF

Virtual Event - Kubernetes – An Enterprise Guide: Effectively containerize applications, integrate enterprise systems, and scale applications in your enterprise, Second Edition by Marc Boorshtein, Scott Surovich

CNCF
Kubernetes: An Enterprise Guide Chapter 1 - Docker at noon EST! There will be thrills! Chills! DOCKER! Hope to see you there! https://buff.ly/3PNfsPe
Wednesday Jan 8 at 12:00 PM EST - Scott and I are going to live stream the first chapter's lab from Kube: An Enterprise Guide - Docker and Container Essentials. Come join us, bring your book and your questions! https://buff.ly/3W3A2i7

OpenUnison+Argo Workflow SSO on login:
Creates the ServiceAccount and annotation with secret
Provisions and deprovisions ServiceAccount to (Cluster)RoleBindings based on mapping

Gives both visibility and easy access!!!
https://buff.ly/3ZWFO7p

OpenUnison and Argo Workflows

SSO with Argo Workflows, just-in-time provisioning the service account and (cluster)rolebindings for access

Vimeo
Securely access your Kubernetes clusters from GitHub actions workflows with no static credentials, keys, or ServiceAccount tokens using OpenUnison. Start with how GitHub actions handles identity, then how to validate that identity and exchange it for a kubectl configuration.
https://buff.ly/3ZDjdws
GitHub Actions and Kubernetes with OpenUnison

Use your GitHub action's identity to interact with your Kubernetes clusters using OpenUnison.

I know clickops gets lots of hate but you just can't beat immediate feedback when someone puts in bad input.
Use your workflow identity with Kubernetes and OpenUnison without ServiceAccounts. First, we're going to use GitLab's native job identity to call our cluster's APIs.
https://buff.ly/4fVkp3H
Workflow Identity and Kubernetes with OpenUnison

Use OpenUnison to authenticate external GitLab pipelines..