-->

whaust

2022年12月22日 星期四

2022/12/22

 How to restart a pod without a deployment in K8S?

https://stackoverflow.com/questions/65156414/how-to-restart-a-pod-without-a-deployment-in-k8s


Full-cluster restart and rolling restart

https://www.elastic.co/guide/en/elasticsearch/reference/8.5/restart-cluster.html#restart-cluster-rolling


我如何為 elasticsearch 生成註冊令牌以連接 kibana?

https://elasticstack.blog.csdn.net/article/details/125989411


Elasticsearch:使用不同的 CA 更新安全证书 (二)

https://blog.csdn.net/UbuntuTouch/article/details/125993452


Cannot run elasticsearch with security best practice readOnlyRootFilesystem: true

https://github.com/elastic/cloud-on-k8s/issues/6126


Set up basic security for the Elastic Stack

https://www.elastic.co/guide/en/elasticsearch/reference/8.5/security-basic-setup.html



Problem with configuring https x-pack

https://discuss.elastic.co/t/problem-with-configuring-https-x-pack/292509


elasticSearch(三)window报错:org.elasticsearch.ElasticsearchSecurityException:

https://huaweicloud.csdn.net/search?q=elasticSearch%EF%BC%88%E4%B8%89%EF%BC%89window%E6%8A%A5%E9%94%99%EF%BC%9Aorg.elasticsearch.ElasticsearchSecurityException%3A


Running Elasticsearch, Logstash, and Kibana on Kubernetes with Helm

https://coralogix.com/blog/elasticsearch-logstash-kibana-on-kubernetes/


Cluster health API

https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-health.html#


Deploy a secure instance of Elasticsearch on Kubernetes

在 Kubernetes 上部署 Elasticsearch 的安全實例

https://pimwiddershoven.nl/entry/deploy-a-secure-instance-of-elasticsearch-on-kubernetes


Update security certificates with a different CA

https://www.elastic.co/guide/en/elasticsearch/reference/current/update-node-certs-different.html



接下來呢?

https://docs.netapp.com/zh-tw/trident/trident-get-started/kubernetes-postdeployment.html#%E6%AD%A5%E9%A9%9F1%E5%BB%BA%E7%AB%8B%E5%BE%8C%E7%AB%AF


與營運者一起升級

https://docs.netapp.com/zh-tw/trident/trident-managing-k8s/upgrade-operator.html#%E5%8D%87%E7%B4%9A%E5%8F%A2%E9%9B%86%E7%AF%84%E5%9C%8D%E5%85%A7%E7%9A%84%E6%93%8D%E4%BD%9C%E5%93%A1%E5%AE%89%E8%A3%9D


與Trident營運者一起部署

https://docs.netapp.com/zh-tw/trident/trident-get-started/kubernetes-deploy-operator.html#%E6%9C%89%E9%97%9Castra-trident%E7%9A%84%E9%87%8D%E8%A6%81%E8%B3%87%E8%A8%8A22-10


Connecting Applications with Services

https://kubernetes.io/docs/tutorials/services/connect-applications-service/


Day 23: 使用 VS Code 來開發 PHP & Laravel

https://ithelp.ithome.com.tw/articles/10226612


Elasticsearch Helm Chart

https://github.com/elastic/helm-charts/tree/main/elasticsearch


The cluster-info ConfigMap does not yet contain a JWS signature for token ID "cjxj26"

https://stackoverflow.com/questions/68387634/the-cluster-info-configmap-does-not-yet-contain-a-jws-signature-for-token-id-cj


kubernetes报错笔记 (一) calico报错 原创

https://blog.51cto.com/u_14205795/4560662


kubernetes Releases

https://kubernetes.io/releases/


Elastic StackのSSL、TLS、HTTPS設定

https://qiita.com/hamingcode/items/3585053ab8b81fe6532c


污点和容忍度

https://kubernetes.io/zh-cn/docs/concepts/scheduling-eviction/taint-and-toleration/


Missing taint: node.kubernetes.io/unreachable:NoExecute when nodes enter NotReady state

https://github.com/kubernetes/kubernetes/issues/101674


Taints and Tolerations

https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/#taint-based-evictions


pod calico-node on worker nodes with 'CrashLoopBackOff'

https://github.com/projectcalico/calico/issues/2720


A lot of kubelet errors : Failed to update stats for container

https://stackoverflow.com/questions/32435859/a-lot-of-kubelet-errors-failed-to-update-stats-for-container


Creating a cluster with kubeadm

https://v1-24.docs.kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/


【從題目中學習k8s】-【Day8】K8s常用指令 (Cheat Sheet)&解題技巧

https://ithelp.ithome.com.tw/articles/10236404


kubectl 备忘单

https://kubernetes.io/zh-cn/docs/reference/kubectl/cheatsheet/


Node type

https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-node.html#node-roles


Start the Elastic Stack with security enabled automatically

https://www.elastic.co/guide/en/elasticsearch/reference/current/configuring-stack-security.html


HTTPS on elasticsearch helm chart

https://stackoverflow.com/questions/63339235/https-on-elasticsearch-helm-chart

https://github.com/elastic/helm-charts/blob/main/elasticsearch/examples/security/values.yaml






[Day12] 實作 Kubernetes 裸機 Load Balancer Part2

https://ithelp.ithome.com.tw/articles/10221722


How can I write and append using echo command to a file

https://stackoverflow.com/questions/17189237/how-can-i-write-and-append-using-echo-command-to-a-file


ELK Stack 2 - Secure ELK Stack

https://ithelp.ithome.com.tw/articles/10216666


Enable Elasticsearch security featuresedit

https://www.elastic.co/guide/en/elasticsearch/reference/8.5/get-started-enable-security.html


Internal DNS

https://cloud.google.com/compute/docs/internal-dns?hl=zh-tw


How to Setup Metal LB for Nginx Ingress Loadbalancer IP in Kubernetes 1.25.4

https://hackmd.io/X3I6IwWESzG0agAgsRpg6A?view#How-to-Setup-Metal-LB-for-Nginx-Ingress-Loadbalancer-IP-in-Kubernetes-1254


metallb troubleshooting

https://metallb.universe.tf/configuration/troubleshooting/


[Day12] 實作 Kubernetes 裸機 Load Balancer Part2

https://ithelp.ithome.com.tw/articles/10221722


[ Kube 33.1 ] How to deploy & use MetalLB in bare metal Kubernetes

https://www.youtube.com/watch?v=2SmYjj-GFnE&t=640s



Enforce Pod Security Standards with Namespace Labels

https://kubernetes.io/docs/tasks/configure-pod-container/enforce-standards-namespace-labels/


Bare-metal considerations¶

https://kubernetes.github.io/ingress-nginx/deploy/baremetal/


Pod Security Admission

https://kubernetes.io/docs/concepts/security/pod-security-admission/


metallb installation

https://metallb.universe.tf/installation/


Metallb LoadBalancer is stuck on pending

https://stackoverflow.com/questions/66124430/metallb-loadbalancer-is-stuck-on-pending


metallb external ip pending

https://github.com/metallb/metallb/issues?q=pending



How To Deploy Logstash and Filebeat On Kubernetes With ECK and SSL

https://raphaeldelio.com/deploy-logstash-and-filebeat-on-kubernetes-with-eck-ssl-and-filebeat-d9f616737390


Can change clusterip to nodeport command line without editor?

https://stackoverflow.com/questions/51113399/can-change-clusterip-to-nodeport-command-line-without-editor


我如何為 elasticsearch 生成註冊令牌以連接 kibana?

https://stackoverflow.com/questions/71204472/how-can-i-generate-enrollment-token-for-elasticsearch-to-connect-with-kibana


2022年12月10日 星期六

脅威ハンティング手順 (Threat Hunting Steps)

 Threat Hunting には次のようなステップが含まれます。


1. 目標を定義する:Threat Hunting の計画の目標を明確にする。

2. 検知ルールを設定する:異常な活動を検知するためのルールを設定する。

3. データを収集して分析する:関連するデータを収集して分析する。

4. 脅威を調査して識別する:潜在的な脅威を調査して識別する。

5. 結果を評価して報告する:Threat Hunting の活動の効果を評価し、結果を報告する。


これらのステップは人工知能や機械学習の技術、専門知識や経験を組み合わせる必要があります。有効な Threat Hunting の計画を作成するには、適切なツールやリソース、専門的なチームメンバーが必要です。


人工知能や機械学習は、データの収集と分析を自動化し、異常な活動を検知するのに役立ちます。専門知識や経験は、脅威を特定し、目的や動機を推測し、脅威を阻止するための有効な行動をとるのに役立ちます。


有効な Threat Hunting の計画を作成するには、専門的なチームメンバーと適切なツールやリソースが必要です。これらのツールやリソースには、情報収集プラットフォーム、データ分析ソフトウェア、脅威検知システムなどが含まれます。これらのツールやリソースは、大量のデータを収集し分析し、潜在的な脅威を検知するのに役立ちます。




Popular