105 articles
Complete guide to securing Kubernetes clusters in 2026. From supply chain security through eBPF runtime protection...
Key Vault for secrets, keys, certificates. RBAC, Managed Identity and rotation.
How to divide a network into security zones. VLANs, subnets, microsegmentation.
Hybrid architecture, Azure Arc, AWS Outposts, Anthos and networking.
Custom controllers for automating the application lifecycle in Kubernetes.
Kubernetes package manager. Creating, configuring and deploying Helm charts.
Comparison of AWS CloudFormation and Terraform. When to use which.
GitOps deployment with ArgoCD. Automatic synchronization of K8s clusters with Git repositories.
Multi-cloud architecture, vendor lock-in, abstraction layers, and real trade-offs.
Running stateful applications on Kubernetes. Databases, message brokers, storage classes and data persistence.
Service auto-discovery, Docker/K8s integration, Let's Encrypt.
How to isolate pods in Kubernetes. Ingress, egress rules.
Azure Kubernetes Service. Node pools, Azure CNI, Workload Identity and monitoring.
GitOps with Flux. Automatic synchronization, image automation and Helm releases.
Build, test, scan, push, deploy. GitHub Actions + ArgoCD.
DR strategies, RTO/RPO, multi-region setup and testing.
Complete monitoring for Kubernetes. Prometheus, Grafana, alerting.
GKE Autopilot vs Standard, Workload Identity, Config Connector and Gateway API.
Complete introduction to Docker. Containers, images, volumes, and first deployment.
Pod Security Standards, network policies, image scanning and RBAC.
Serverless containers on Google Cloud Run. Deployment, autoscaling and configuration.
Podman — daemonless, rootless alternative to Docker.
Crossplane compositions, claims, XRDs and GitOps workflow.
StatefulSets for stateful applications in Kubernetes. Ordered deployment, stable network identity.
Optimizing Docker images with multi-stage builds. Smaller images, safer production.
Role-Based Access Control in Kubernetes. Roles, ClusterRoles, bindings and service accounts.
CloudFront distributions, cache policies, Lambda@Edge, CloudFront Functions and origin failover.
Kaniko lets you build Docker images in Kubernetes without the Docker daemon. Secure CI/CD in containers.
Multi-cloud serverless deployment. Lambda, Azure Functions, Cloud Functions with a single tool.
Tenant isolation in Kubernetes. Namespace isolation, Network Policies, OPA Gatekeeper and virtual clusters.
ClusterIP, NodePort, LoadBalancer and the Kubernetes networking model.
RollingUpdate, Recreate, Blue-Green and Canary in Kubernetes.
Serverless pros and cons — Lambda, Functions, when to use it and when not to.
Kustomize for overlay-based Kubernetes configuration. Base, overlays and patches.
Mac vs Linux for developers — hardware, software, terminal, ecosystem.
How to debug problems in Kubernetes. Kubectl commands, events, logs and ephemeral containers.
Service Bus queues, topics, sessions, dead-letter queue and transactions.
Istio architecture, traffic management, mTLS and observability.
Correct CPU and memory configuration for pods. Requests, limits, QoS and OOMKill.
Native terraform test, Terratest, OPA policy-as-code and plan validation.
Flux CD v2: multi-tenancy, Helm releases, image automation and notifications.
A secure K8s cluster. RBAC, network policies, pod security, secrets.
CloudWatch metrics, logs, alarms, Logs Insights and Synthetics.
K8s vs Swarm — complexity, features, ecosystem, and when to use which.
Network firewall in Kubernetes. Ingress and egress rules, namespace isolation.
Performance, features, complexity and when to choose which mesh.
Managed vector DB — setup and RAG integration.
Front Door routing, WAF policies, caching and Private Link origins.
Comparison of IaC tools: language, state, ecosystem and when to choose which.
Event Grid topics, subscriptions, filtering, dead-lettering and CloudEvents.
Validating and Mutating admission webhooks. Policy enforcement, auto-injection, and security in K8s clusters.
Kubernetes networking model. CNI plugins, Service types, Ingress controllers and DNS.
Fan-out, Step Functions orchestration, CQRS and event sourcing on serverless.
Optimizing the Dockerfile for smaller images, faster builds and security.
Kubernetes troubleshooting flowchart — Pod not starting, CrashLoopBackOff, networking.
Kubernetes cost optimization. Right-sizing, spot instances, resource quotas and cost visibility tools.
Right-sizing, reserved capacity, spot instances, tagging and governance.
Service mesh for microservice architectures. Istio vs Linkerd, mTLS, traffic management and observability.
Consul service discovery, Connect proxy, intentions and multi-datacenter.
S3 lifecycle policies, replication, event notifications, Object Lock and access policies.
How to encrypt data on disk. AES-256, LUKS, cloud KMS, database encryption.
Routing, aggregation, authentication, rate limiting.
Pub/Sub topics, subscriptions, exactly-once delivery and BigQuery export.
Apache Pulsar separates compute from storage. Multi-tenancy, tiered storage and Pulsar Functions.
Infrastructure as Code in TypeScript, Python or Go. An alternative to Terraform.
GitOps on Kubernetes — ArgoCD with UI vs FluxCD native in K8s.
Fault injection, circuit breaking, request mirroring and header-based routing.
How to properly manage secrets in K8s. External Secrets, Sealed Secrets, Vault.
The most commonly used kubectl commands for everyday work with Kubernetes.
Cloud Functions 2nd gen, Eventarc triggers, concurrency and secrets.
Firestore data model, real-time listeners, security rules and offline support.
CDK constructs L1/L2/L3, stacks, aspects and testing.
Remote state, locking, moved blocks, import and CI/CD pipeline.
IAM policies, roles, STS, permission boundaries and least privilege best practices.
Managing Terraform state in a team. Remote backend, locking, state operations.
Developing a Kubernetes operator with the Operator SDK. Reconciliation loop, finalizers and status management.
Checklist for a production Kubernetes cluster — networking, security, monitoring.
Managing Docker images. ECR, ACR, GCR, Harbor.
Infrastructure as Kubernetes resources. Crossplane compositions and claims.
Infrastructure as Code with Terraform. Providers, resources, state, and first deployment.
Automatic synchronization of DNS records from Kubernetes Services and Ingress.
Logic Apps designer, connectors, Standard vs Consumption and error handling.
Reusable Terraform modules. Structure, registry and best practices.
Static hosting with S3 and CDN distribution via CloudFront.
Terraform from the ground up — providers, resources, state, modules, best practices.
BigQuery architecture, partitioning, clustering, ML and cost control.
IaC best practices. Terraform modules, state management, testing and drift detection.
Serverless functions on AWS. Triggers, cold start, layers, and best practices.
Backup and restore strategies for Kubernetes clusters. Velero, etcd backup, PV snapshots and DR plans.
Backup checklist — 3-2-1 rule, testing, retention, encryption.
GitOps principles, ArgoCD, ApplicationSets, and progressive delivery.
VPC design, subnets, NAT Gateway, Transit Gateway, and security groups.
Drift detection, terraform plan -refresh-only, prevention and remediation.
Kubernetes Event-driven Autoscaler. Scaling based on queues, metrics, and external sources — down to zero.
Comparison of the three major cloud providers — services, pricing, and ecosystem.
Automatic CPU and memory configuration for containers. Recommendations and auto-update.
Elastic Kubernetes Service. Cluster setup, node groups, Fargate profiles, IRSA and add-ons.
HTTP routing in Kubernetes. Nginx Ingress, Traefik, TLS termination and path-based routing.
Encrypted secrets for GitOps. Safely storing secrets in Git repositories.
Extending the Kubernetes API with custom resource types. CRD definitions, validation, versioning and best practices.
Helm charts in a GitOps workflow. Chart design, values management, dependency management and automated upgrades.
Serverless on Azure. HTTP triggers, bindings, Durable Functions.
Pod lifecycle in Kubernetes. Phases, init containers, probes, and graceful shutdown.
Docker vs Podman — daemon, rootless, ecosystem, and migration.
Elastic Container Service. Task definitions, services, Fargate vs EC2, service discovery.