Peirates, a Kubernetes penetration tool, enables an attacker to escalate privilege and pivot through a Kubernetes cluster. It automates known techniques to steal and collect service accounts, obtain further code execution, and gain control of the cluster.

youki is an implementation of the OCI runtime-spec in Rust, similar to runc.

Automated Cloud Advisor is an extensible tool that aims at facilitating cost optimization in AWS, by collecting data for resources that are under utilized. In addition, this is a great learning tool for new DevOps/Cloud engineers that want to start automating things in AWS.

How long does it take to read the time? How would you time time? These strange questions came to the fore back in 2014 when Netflix was switching services from CentOS Linux to Ubuntu, and I helped debug several weird performance issues including one I'll describe here.

pgmetrics is an open-source, zero-dependency, single-binary tool that can collect 350+ metrics from a running PostgreSQL server and display it in easy-to-read text format or export it as JSON and CSV for scripting.

Updated October 2021.

1. Nearly 90 percent of Kubernetes users leverage cloud-managed services
2. Amazon ECS users are shifting to AWS Fargate
3. The average number of pods per organization has doubled
4. Host density is 3 times higher on Kubernetes than on Amazon ECS
5. Pod auto-scaling is becoming more popular
6. Organizations are deploying more stateful workloads on containers
7. Organizations running container environments create more monitors
8. Organizations are starting to replace Docker with containerd as their preferred runtime for Kubernetes
9. OpenShift adoption is growing rapidly
10. NGINX, Redis, and Postgres are the top three container images

An instant GraphQL API to query your cloud infrastructure and configuration so that you can solve a host of complex security, compliance, and governance challenges 10x faster.

Continuous profiling for analysis of CPU, memory usage over time, and down to the line number. Saving infrastructure cost, improving performance, and increasing reliability.

Adventures in refactoring a decade-old feature without ruining it for everyone

Algo VPN is a set of Ansible scripts that simplify the setup of a personal WireGuard and IPsec VPN. It uses the most secure defaults available and works with common cloud providers. See our release announcement for more information.