Skip to content

Using Kubernetes production best policies to run the k8s manifest files through Datree.io to prevent Kubernetes misconfigurations from ever reaching production. 🛠️👨‍💻

License

Notifications You must be signed in to change notification settings

Snehomoy100/DevTool-API-Cloud-Native-Hackathon-2021

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

38 Commits
 
 
 
 
 
 

Repository files navigation

CloudNativeHackathon2021

NAME OF THE PROJECT: DEVTOOL API

Video Demo of the project

Watch the video

Dependencies License

Programming languages & Tools used:

Python Docker Kubernetes GitHub Actions SQLite

Sponsor Tools used:

Datree.io

Devtron

Civo

About the project⭐

Using Kubernetes production best policies to run the k8s manifest files through Datree.io to prevent Kubernetes misconfigurations from ever reaching production.

  • Clusters are created using Kubernetes in Civo
  • DevOps(Configurations, etc)
  • Flask API integration
  • Python runs Datree commands and POST request to API
  • Metrics and logs of the configurations are checked using Grafana (Devtron)
  • Notification to the user using Twilio

Pull request to Datree: PRtoDatree

Reference: Kubernetes production best policies

Added next custom policies recommended for production environment✅:

  • CUSTOM_CONTAINERS_PODS_MISSING_OWNERS
  • CUSTOM_CONTAINERS_MISSING_LIVENESSPROBE
  • CUSTOM_CONTAINERS_MISSING_READINESSPROBE
  • CUSTOM_CONTAINERS_MISSING_IMAGE_TAG
  • CUSTOM_CONTAINERS_MIN_REPLICAS
  • CUSTOM_CONTAINERS_MISSING_PODANTIAFFINITY
  • CUSTOM_CONTAINERS_RESOURCES_REQUESTS_AND_LIMITS
  • CUSTOM_CONTAINERS_RESOURCES_REQUESTS_CPU_BELOW_1000M
  • CUSTOM_CONTAINERS_TECHNICAL_LABELS
  • CUSTOM_CONTAINERS_BUSINESS_LABELS
  • CUSTOM_CONTAINERS_SECURITY_LABELS
  • CUSTOM_CONTAINERS_RESTRICT_ALPHA_BETA

Policy type: Containers

Setup Process📝

  1. Clone the project: https://github.com/Snehomoy100/Cloud-Native-Hackathon-2021.git
  2. Then go to cd Cloud-Native-Hackathon-2021 ->cd api
  3. Set up the virtual environment using source env/bin/activate
  4. Install the required modules pip install -r requirements.txt
  5. Directory will look as follows:

directory

Docker🐋

By default, the Docker will expose port 5000, so change this within the Dockerfile if necessary. When ready, simply use the Dockerfile to build the image.

cd api
docker build -t imageonhack .

Workflow of our project

Workflow

About

Using Kubernetes production best policies to run the k8s manifest files through Datree.io to prevent Kubernetes misconfigurations from ever reaching production. 🛠️👨‍💻

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •