Cloud technologies are fun. They speed up projects, ease changes, reduce cost
and improve security and reliability. Cloud-for-fun is a set of code samples
to illustrate some of those Cloud technologies. It sustains, with simple tests
and a few of my blog articles. Have a look,
contact me on and open issues if you need...
The blog directory contains projects that supports blog entries from
www.carnage.sh/blog. Below is the list
of them with some links to the blog posts:
- eks-terraform is an example of an AWS Kubernetes EKS cluster built with Terraform 0.12+, see EKS with terraform 0.12
- elasticsearch-stack
provides an example of managing docker logs with Fluentd, Elasticsearch and
Grafana. It nicely completes
prometheus-stack, see Managing logs with Fluentd, ElasticSearch and Grafana - kops-aws, knative-serving, knative-istio, knative-build, and knative-eventing are a set of resource to show how you can use the various Knative components
- kubeadm-aws provides a set of resources to create a Kubernetes vanilla configuration on AWS, see Installing Kubernetes 1.14 with Terraform and Kubeadm
- nlb-security contains a set of terraform resources that create a NLB to balance the load with an instance and test how you can setup security with security groups on the target instance.
- prometheus-alert
demonstrates a how to monitor URL and how to notify Ops on Slack. It relies
on
blackboxandalertmanager, see Monitoring URL and notifying Ops with Prometheus - prometheus-consul show how Prometheus can dynamically discover and monitor a service that registers in Consul. See Monitoring services with Prometheus and Consul
- prometheus-envoy
is basically an enhanced version of
prometheus-consulthat relies not only on Consul connect but also on Envoy for the same purpose. - prometheus-mtls relies on Consul Connect to prevent direct acces to Prometheus exporters and force mutual authentication with TLS between the server and its exporters...
- prometheus-stack provides an example of an API developed with NodeJS that embeds Prometheus custom metrics. It also includes Prometheus and Grafana. see Prometheus in Action (1/3), (2/3) and (3/3) for some details.
- red-black provides an example of an API that can be started/stopped, registers in consul and is accessible via Traefik. It shows blue/green updates as explained in Red/Black Updates with Consul and Traefik
- simple-op provides
a simple operator built with
operator-sdkand documented in Building an Operator with operator-sdk and Deploying an Operator with OLM. - vault-101 is a simple Vault built on top of a Consul cluster. It can easily be used to explore some feature from Vault, refer Generate TLS Certificates with Vault
- vault-audit is an example of Vault Audit trails being sent into an Elasticsearch with fluentd. It provides a whole stack and addresses some of the concerns of such an infrastructure, see Managing Vault Audit Trails in Elasticsearch
- vault-kubernetes demonstrates how to use Vault's Kubernetes Authentication Method quite easily. For more detailled instructions, see Vault's Kubernetes Authentication
- vault-mysql explains how to use Vault with a database to provide always changing passwords and request those on-demand or on application startup, see Rotate database passwords with Vault