great video!

agree 100% with your selection, I would add operators, trivy, grype, ondat, synk

@@CloudNativeJanitor Initially, the list was much bigger and had a tendency to become very big so I limited myself to 10. Those you mentioned were excluded not because I did not think (some of them) should not be in the list but because of the self-imposed limit of 10.

@@DevOpsToolkit yes, it makes sense, the landscape is huge, it would be very interesting to see what everyone's favourite 10 tools are? KubeVela and Pomtail are new to me, that is what I like about your channel, I am guaranteed to learn new things and expand on my knowledge, thank you very much

Great list! I need to setup my own home lab one of these days.

Thanks a ton @touchthesun

Thanks a ton!

Oh yeah. OhMyZSH is awesome and I honestly don't know how I would work without it.

Velero is the one I use the most.

By application I mean code of an app packaged as a container image and meant to run in Kubernetes. Or, in other words, whatever we are developing and want to make available to our customers.

I fully agree with that. We need to move the complexity into clusters (operators) and, from there on, a simple yaml should suffice to create the needed resources based on CRDs.

I'm doing my best to always introduce something new in every video. That's sometimes very challenging so I end up with videos like this one :(

@@DevOpsToolkit No need to apologize, you are always putting the best stuff ever

I agree. Still, many apps are only defined as helm charts and while I heavily lean towards kustomize, it might be hard for many to rewrite charts. In any case, kustomize rules :)

Oh yeah. Those are very important. Maybe I should have made it top 20 so that more can enter?

@@DevOpsToolkit yes top 20 would have covered important & necessary tools.

I'll do that the next time :)

It's not about adding tools on Rancher but rather to Kubernetes itself :)

Not yet. It is on my to-do list but I cannot yet say when I'll get to it. The list is growing much faster than i can handle. What i can say is thst, apart from having a dedicated video, it will be featured in kzbin.info/aero/PLyicRj904Z9-FzCPvGpVHgRQVYJpVmx3Z since it is a CNCF project.

It's still a very similar list. I'll add it to my TODO list to create a new (updated) one.

Yes, you can. Among others, you can use Cert Manager with the Let's Encrypt issuer for that.

CertManager can operate as a CA based on its own self-signed cert, then hand out certs signed by itself. You would then install the public key to browsers so that they trust any cert made by that CA. Alternatively, if you can, you can get a wild-card cert from LetsEncrypt for a domain you control, then use that. Your internal services would be registered against that name, even though they are only accessible internally (nothing stops you from setting a .com address to point at 192.168.1.1, for example).

I just realized that you asked about intranet and not internet sites. In that case, the saynay answer is the correct one.

@@saynay302 Thank you, I'll try it out.

I prefer Kustomize over Helm for my own apps. It's more elegant and, generally speaking, I prefer overlaying (Kustomize) over templating (Helm). Also, it's part of `kubectl`. You might want to check kzbin.info/www/bejne/kH6pioajZdGXh5I.

OAM with, let's say, KubeVela, expands into whichever Kubernetes resources you tell it to expand so it can be anything, including canary deployments with Argo rollouts or flagger.

@@DevOpsToolkit sorry for asking you without checking it, but can we achieve the same with crossplane instead kubevela?

@@betorvs Oh yeah. Crossplane Compositions serve a similar purpose as KubeVela. Both can be used to create new CRDs with corresponding controllers. Personally, I replaced KubeVela with Crossplane. However, I am also heavily invested in Crossplane so I'm trying to retain some level of objectivity by not recommending it exclusively.

@@DevOpsToolkit and do you have any example of using crossplane composition for it? Maybe some git repo? Thanks for your time and videos. They are amazing!!!

@@betorvs I have quite a few examples stored in github.com/vfarcic/devops-toolkit-crossplane. That repo alone might be too confusing so you might want to check out the videos in kzbin.info. That's where I publish most of the Crossplane-related videos since I joined Upbound. Just as in this channel, there is always a Gist with all the commands I run in a demo. Please let me know if you have trouble finding a video that specifically talks about the apps (quite a few do) and I'll get back to you with a direct link to it.

We already started working on the VSCode language syntax (marketplace.visualstudio.com/items?itemName=Upboundio.upbound). It's in early stages, but we're getting there. We're also working on other ways to define/template/overlay/etc. Crossplane compositions but we're still not 100% sure how it'll look like so I'll avoid giving more details until that's clarified.

That would be an interesting subject for an upcoming video. Until then, and assuming that it's about chaos through Kubernetes, I'd say that the two essential tools are a service mesh and a chaos engine. Service mesh should probably be whichever you use for other things (e.g., Istio, LinkerD, etc.). As for chaos itself, it can be Chaos Mesh, Chaos Toolkit, Litmus, etc. All of those are relatively young and tend to change very fast and, with those changes, the recommendations are changing fast as well. In any case... I'll add that to my TODO list... :)

KinD runs Kubernetes in a container which is great is you're using Docker. However, Rancher Desktop is standalone and is a full replacement for both Docker and Kubernetes. It's free, it's based on k3s (which I think is the best choice for local k8s), etc. Take a look at kzbin.info/www/bejne/m6e6gZyYZc6Bnbs.

I did not put it only because of the self-imposed limitation to 10 tools. I don't think that Skaffold or another similar type of tool should take the place of any of those I included in the video. If it would be "top 20", Skaffold would probably be in it.

Most of those are available as videos for free on this channel :)

Crossplane is built on top of Kubernetes with all the good things that brings to the table. Terraform does not have an API, continuous drift-detection and reconciliation, and many other things that are inherent part of Kubernetes and, therefore Crossplane. Then there is state management in Terraform that is challenging, to say the least. Further on, by being Kubernetes-native, it integrates with any other Kubernetes-native tool like Argo CD, Flux, Kyverno, Prometheus, Loki, etc. Further on, Crossplane has a concept of Compositions which is a way to create your own CRDs and controllers that define what something is by extending Kube API. To put it in other words... The same reasons why one would use Kubernetes to manage applications instead of doing the operations with a CLI are just as valid as reasons to use Kubernetes to manage any other type of resources. So, the question is whether Kubernetes is a good way to manage resources. The answer might be that it isn't. But, if it is, it should not matter what those resources are, be it containers, VMs, WASM, EC2 instances, DBs, clusters, or anything else. The benefits or downsides (depending on how you look at it) are the same no matter what those resources are. Now, if we do settle that Kubernetes and the ecosystem around it is a good thing, than we need to look for tools designed to leverage it (to be designed on its principles). When it comes to infrastructure and services, Crossplane is one of a few. Depending on what you need, you might opt for Cluster API, or KubeVirt, or something other than Crossplane, as long as that something follow the Kubernetes principles. Terraform, unfortunately, doesn't. It was designed long before Kubernetes was born. Many tried to put it inside Kubernetes, and no one succeeded simply because it's design is at ods with it.

JSPolicy is great but I don't think it's getting as much love and traction as, let's say, Kyverno. Also, with the introduction of Validating Admission Policy in Kubernetes v1.26, the game is going to change for all those tools. Now we finally have a standard API.

Will do. Adding it to my TODO list... :)

@@DevOpsToolkit thanks boss! Love your videos

I probably did not express myself well. You can definitely define kiss resource that constitute an app (or anything else) as a helm chart. What I wanted to say is that I prefer kustomize for internal apps.

@@DevOpsToolkit To clarify: this was in reference to idea that Crossplane or Kubevela is required to manage apps.

I would not say that those are required but that defining apps as CRs might be the next step forward. If it is, than Crossplane and KubeVela are a potentially helpful tools to create the Cards and controllers (operators) required for CRs to do what they need to do. A good example would be KNative. I am suggesting that something similar to it can be done with our own company-specific definitions.

There are quite a few others that should be included but were not. I limited it to 10 to avoid going into the rabbit hole of everything anyone might need when working with Kubernetes.

There are many things wrong with kubectl, but I'm not sure how does that relate to cost? I'm curious to know more about what you mean.

@@DevOpsToolkit thanks for you sharing about the kubectl. The idea of the kubectl is kick IT out of the process and reducing the effort on IT job. But in reality we still get control from IT so we have to pay for IT and also the cloud. When it come to company policy update or security update, It request these back to us to do their job because we are sub owner. To me that make kubectl idea is worsting idea ever

@@Dai-corporation kubectl is just a CLI that sends requests to KubeAPI. It's a helper tool and nothing more. We could do all the same actions by sending `curl` requests to KubeAPI. As such, I am not sure I understand how could kubectl "kick IT out of the process". As for reducing the effort... Aren't we all trying to reduce the effort? Isn't that the whole point?

@@DevOpsToolkit i dont think that we are on the same page. I am talking about the idea and purpose of using kubectl.

Kubectl is just a short way that I call the kubernestes :d. Sorry if that make you confuse.

Thanks a ton!

Thanks a ton Tal.