Useful Links
Computer Science
Containerization and Orchestration
Container Technology
1. Introduction to Container Technology
2. Fundamental Container Concepts
3. Docker Platform
4. Container Orchestration Fundamentals
5. Kubernetes Deep Dive
6. Advanced Container Topics
Advanced Container Topics
Container Security
Security Threat Model
Attack Vectors
Security Boundaries
Risk Assessment
Image Security
Vulnerability Scanning
Static Analysis
Known Vulnerability Databases
Continuous Scanning
Image Signing and Verification
Content Trust
Notary Integration
Signature Validation
Base Image Selection
Minimal Images
Trusted Sources
Regular Updates
Supply Chain Security
Build Process Security
Dependency Management
Provenance Tracking
Runtime Security
Principle of Least Privilege
User Permissions
Capability Dropping
Resource Limits
Linux Security Modules
SELinux
Mandatory Access Control
Policy Configuration
AppArmor
Profile-Based Security
Application Confinement
Seccomp Profiles
System Call Filtering
Profile Creation
Default Profiles
Container Isolation
Namespace Security
cgroup Limitations
Kernel Vulnerabilities
Kubernetes Security
Pod Security Standards
Privileged
Baseline
Restricted
Security Contexts
Pod Security Context
Container Security Context
Security Policies
Role-Based Access Control (RBAC)
Users and Groups
Roles and ClusterRoles
RoleBindings and ClusterRoleBindings
Service Accounts
Network Security
Network Policies
Traffic Encryption
Service Mesh Security
Admission Controllers
Validating Admission
Mutating Admission
Custom Admission Controllers
Secrets Management
Secret Storage
etcd Encryption
External Secret Stores
Secret Rotation
Secret Distribution
Volume Mounts
Environment Variables
Init Containers
Secret Management Tools
HashiCorp Vault
AWS Secrets Manager
Azure Key Vault
Google Secret Manager
Monitoring and Observability
Observability Pillars
Metrics
Logs
Traces
Container Metrics
System Metrics
CPU Usage
Memory Usage
Disk I/O
Network I/O
Application Metrics
Business Metrics
Performance Metrics
Error Rates
Kubernetes Metrics
Cluster Metrics
Node Metrics
Pod Metrics
Service Metrics
Monitoring Tools and Platforms
Prometheus
Metrics Collection
Time Series Database
PromQL Query Language
Alerting Rules
Service Discovery
Grafana
Visualization Dashboards
Data Source Integration
Alerting
User Management
Kubernetes Monitoring
Metrics Server
kube-state-metrics
Node Exporter
cAdvisor
Logging Strategies
Logging Patterns
Application Logging
System Logging
Audit Logging
Log Collection
Logging Drivers
Sidecar Pattern
DaemonSet Pattern
Log Processing
Fluentd
Log Routing
Data Transformation
Output Plugins
Fluent Bit
Lightweight Agent
Performance Optimization
Logstash
Data Processing Pipeline
Log Storage and Analysis
Elasticsearch
Splunk
Cloud Logging Services
Distributed Tracing
Tracing Concepts
Spans and Traces
Context Propagation
Sampling Strategies
Tracing Tools
Jaeger
Zipkin
AWS X-Ray
OpenTelemetry
Unified Observability
SDK Integration
Collector Architecture
Service Mesh
Service Mesh Architecture
Data Plane
Sidecar Proxies
Traffic Interception
Policy Enforcement
Control Plane
Configuration Management
Service Discovery
Certificate Management
Service Mesh Capabilities
Traffic Management
Load Balancing
Round Robin
Least Connections
Consistent Hash
Traffic Routing
Path-Based Routing
Header-Based Routing
Weight-Based Routing
Circuit Breaking
Failure Detection
Automatic Recovery
Retries and Timeouts
Retry Policies
Timeout Configuration
Security Features
Mutual TLS (mTLS)
Certificate Management
Identity Verification
Authentication and Authorization
JWT Validation
RBAC Integration
Policy Enforcement
Access Control
Rate Limiting
Observability
Metrics Collection
Request Metrics
Error Rates
Latency Percentiles
Distributed Tracing
Automatic Instrumentation
Trace Correlation
Access Logging
Request Logging
Audit Trails
Service Mesh Implementations
Istio
Architecture Components
Pilot
Citadel
Galley
Mixer (deprecated)
Configuration Resources
VirtualService
DestinationRule
Gateway
ServiceEntry
Advanced Features
Multi-Cluster Support
Canary Deployments
Linkerd
Lightweight Architecture
Rust-Based Data Plane
Automatic mTLS
Observability Focus
Consul Connect
HashiCorp Ecosystem
Service Discovery Integration
Multi-Platform Support
Service Mesh Adoption
Migration Strategies
Gradual Rollout
Service-by-Service Migration
Performance Considerations
Latency Impact
Resource Overhead
Operational Complexity
Configuration Management
Troubleshooting
Container Ecosystem and Tools
Container Build Tools
Docker Build
BuildKit Backend
Multi-Platform Builds
Build Secrets
Buildah
Daemonless Building
OCI Compliance
Scriptable Interface
Kaniko
Kubernetes-Native Building
Unprivileged Execution
Cache Optimization
Cloud Native Buildpacks
Source-to-Image
Automatic Detection
Multi-Language Support
Package Management
Helm
Chart Structure
Templates
Values
Dependencies
Chart Repositories
Public Repositories
Private Repositories
Release Management
Installation
Upgrades
Rollbacks
Helm Hooks
Lifecycle Management
Custom Actions
Kustomize
Configuration Management
Overlay Pattern
Base and Variants
Operators
Custom Resource Definitions
Controller Pattern
Operator Framework
Serverless Containers
Knative
Serving Component
Auto-scaling
Traffic Splitting
Eventing Component
Event Sources
Event Brokers
Build Component (deprecated)
Cloud Serverless Platforms
AWS Fargate
Task-Based Execution
ECS and EKS Integration
Azure Container Instances
On-Demand Containers
Virtual Network Integration
Google Cloud Run
HTTP-Based Workloads
Automatic Scaling
Function-as-a-Service Integration
Container-Based Functions
Event-Driven Architecture
Development and Testing Tools
Local Development
Docker Desktop
Minikube
Kind (Kubernetes in Docker)
k3s
CI/CD Integration
Pipeline Automation
Image Building
Security Scanning
Deployment Automation
Testing Strategies
Unit Testing
Integration Testing
End-to-End Testing
Chaos Engineering
Previous
5. Kubernetes Deep Dive
Go to top
Back to Start
1. Introduction to Container Technology