u/Old-Broccoli-4704

▲ 3 r/Prometheus+1 crossposts

CPU node usage is different between kubectl top nodes & Prometheus node exporter

We're using Prometheus/Grafana for monitoring.

We receive high node CPU usage of over 80% from node exporter, but using kubectl top nodes shows a much smaller value (around 20%), which is frustrating!

First thing is: which one is true? And how do we correctly monitor our CPU usage?

u/Old-Broccoli-4704 — 3 days ago
▲ 3 r/minio+1 crossposts

MinIO audit logs in production

MinIO native audit logs stream all events (both 2xx and non-2xx); they do not provide filtering options. Also, the webhook is synchronous.

What is the recommended practice for enabling tracing in production for MinIO? Wouldn't logging all events load the servers with logs?

There is `mc admin trace --errors`, which filters events, but it gives live events, not historical ones for tracing.

u/Old-Broccoli-4704 — 8 days ago
▲ 2 r/kubernetes+1 crossposts

NextJS build with .env

We use NextJS for frontend services. Currently we need two branches to build an image with its env variables for the preprod and production environments (same codebase, different .env).
Is there a workaround for this? It seems a bit redundant to have two images with only env differences.

u/Old-Broccoli-4704 — 8 days ago

I recently joined a startup as a DevSecOps engineer. They run their workloads on k3s multi-node clusters, but they miss so much on the security side.

Basic security isn’t applied: the firewall is disabled on servers, there are no network policies, no RBAC, and access is allowed from anywhere to everywhere.

What is the best way to reconfigure our systems without destroying things? (We’re talking production clusters.)

u/Old-Broccoli-4704 — 17 days ago