log2rbac Operator

Kubernetes operator that helps you to set up the RBAC rules for your application. If requested, it scans the application's log files for authorization errors and adds them as exceptions/rights to the associated {Cluster}Role. It is like having a sudo command for your service accounts. However, with great power comes great responsibility. The goal of the tool is to find the minimum set of rights that is needed for your workload to run instead of using the cluster admin for everything.

rbac kubernetes kubernetes-operator controller

Spark Operator

Operator for managing the Spark clusters on Kubernetes and OpenShift.

spark kubernetes openshift kubernetes-operator controller

Abstract Operator

Library for creating the operators for Kubernetes and Openshift.

kubernetes kubernetes-operator openshift

Bitcoin Insights

Analysis of Blockchain transaction captured in a project that uses Jupyter notebook with GraphFrames and NetworkX, spark-notebook with GrapX. Notebooks attaches to a Spark cluster deployed in a standalone mode, everything containerized and running in Kubernetes or OpenShift.

Spark Bitcoin data jupyter kubernetes

Autoscaling Generative AI Workloads

at KCD Praha 24

Short lightning talk about KEDA being used as autoscaler for AI/ML workload. Stable diffusion model was used as an example that generates images based on the text input. Demo application was scaling the worker pods based on the length of message queue. I also briefly talks about pitfalls of GPU intensive workloads on K8s.

( recording )

KEDA AI/ML KCD kubernetes 2024

Multi-Cloud Global Content Distribution at Cloud Native Speeds

at OpenSourceSummit EU 24 @ Vienna

If you’ve been globally distributing digital content for a while, you’ll understand that merely having numerous datacenters with advanced caching patterns isn’t sufficient. When your users need to retrieve an object that’s available in different locations worldwide, they should ideally be directed automatically to the location that’s nearest and fastest for the best experience. Cloud service providers typically offer services to handle this for you within their own clouds, but what if you are running a multi-cloud or hybrid environment? K8GB is a cloud-native solution that handles GeoDNS across heterogeneous environments and enables you to reach the same level of multiregion service resilience offered by cloud providers.

( recording , slides )

k8gb oss kubernetes 2024

k8gb meets Cluster API

at FOSDEM 24

In this talk we will be talking about an open-source way to fully automated K8s clusters that can host workloads that can survive any failure, using pure DNS as the underlying tool for switching the communication among available Kubernetes clusters. No single vendor lock-in. Workloads can be deployed in AWS, Azure, GCP, on-prem. The only common denominators are Kubernetes and Cluster-API.

( recording , slides )

k8gb FOSDEM Cluster-API kubernetes 2024

CRUDing Kubernetes Clusters with Cluster API @ KCD Bratislava 23

These days k8s namespaces don't provide enough isolation for our cloud native experiments. It's much easier to give a user the whole cluster to play with. Let them to break it; repeat. However, this assumes the cluster creation and deletion is an easy thing to do. Also there should be a nice API for that, not just some 5 years old web. Have you ever heard about clusterctl? If not, then come to this talk to learn how easy it is to start using it. If yes, then come to this talk to learn how hard it is to use it in production. Cluster API (CAPI) is a unique standardization effort among multiple cloud providers such as GCP, AWS, Azure but can also work with on-prem solutions such as OpenStack, KVM or vSphere. It allows you to dedicate one cluster in your infra as a control plane for creating the workload clusters. If you are into self-replicating robots, you are going to love this API!

Cluster-API KCD kubernetes 2023

log2rbac @ DevConf mini 22

If you have ever developed an operator pattern for Kubernetes, you have probably had to tweak your service account and assign it to a role. Setting up the RBAC correctly is not that hard, but it's not fun and it distracts you from the real problem the operator is about to solve. This often leads to assigning the cluster admin to the operator and neglecting the security altogether. Log2rbac is a tool (yet another operator) that aims to solve this issue. It assists you with setting up your RBAC roles that are tailored for your application's needs. Come to see this talk and learn more.

log2rbac DevConf kubernetes-operator kubernetes 2022

Kubernetes 101

Let's go together through the cloud native landscape and explore all the goodies that may help you to develop scalable and reliable distributed systems. Hopefully, you will leave this talk with basic understanding of Kubernetes and motivated to use it in production.

kubernetes yaml minikube kubernetes-operator 2019