From 2e9cbf3b84823f24bed28cafe6ff7dbc80f4dcb6 Mon Sep 17 00:00:00 2001 From: Louis-Guillaume MORAND Date: Sun, 11 Feb 2024 17:14:00 +0100 Subject: [PATCH 1/3] Fix build with pandoc --- .github/workflows/generate-offline.yml | 1 + markdown/00-title.md | 3 --- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/generate-offline.yml b/.github/workflows/generate-offline.yml index 351cc96..19a4993 100644 --- a/.github/workflows/generate-offline.yml +++ b/.github/workflows/generate-offline.yml @@ -43,6 +43,7 @@ jobs: sudo apt-get install texlive-fonts-recommended sudo apt-get install texlive-latex-extra sudo apt-get install texlive-xetex + sudo apt-get install -y cm-super - name: Build TXT result run: pandoc -V documentclass=memoir -s $(cat _includes.txt) --toc -o ../output/result.txt diff --git a/markdown/00-title.md b/markdown/00-title.md index ebcee01..138441e 100644 --- a/markdown/00-title.md +++ b/markdown/00-title.md @@ -15,9 +15,6 @@ geometry: - margin=1in fontfamily: - charter -header-includes: -- \usepackage[T1]{fontenc} -- \usepackage{lmodern} page-background: "background5.pdf" titlepage: true titlepage-color: "1b82af" From 4c00f6e36d292f4b33a52d5a88de73a5e5ea74f7 Mon Sep 17 00:00:00 2001 From: Louis-Guillaume MORAND Date: Sun, 11 Feb 2024 17:26:16 +0100 Subject: [PATCH 2/3] adding best practices for ACR + karpenter --- data/en/items/bc_dr.json | 58 ++++++++++++++++++++++++++++++++++- data/en/items/operations.json | 4 +++ 2 files changed, 61 insertions(+), 1 deletion(-) diff --git a/data/en/items/bc_dr.json b/data/en/items/bc_dr.json index b57a359..fadc6ec 100644 --- a/data/en/items/bc_dr.json +++ b/data/en/items/bc_dr.json @@ -183,7 +183,7 @@ } }, { - "title": "If using a private registry, configure region replication to store images in multiple regions", + "title": "If using a private registry (ACR), configure region replication to store images in multiple regions", "guid": "b0803aed-1ca6-4330-816c-92677c6e9935", "priority": "Medium", "description": "Companies that want a local presence, or a hot backup, choose to run services from multiple Azure regions.", @@ -201,5 +201,61 @@ "optionalFields": { "score": {} } + }, + { + "title": "Configure your registry to use zone reduncancy", + "guid": "a4cefd60-f24f-4907-9723-b927300b4c42", + "priority": "Medium", + "description": "Use Azure availability zones to create a resilient and high availability Azure container registry within an Azure region.", + "documentation": [ + { + "title": "Enable zone redundancy in Azure Container Registry for resiliency and high availability", + "url": "https://review.learn.microsoft.com/en-us/azure/container-registry/zone-redundancy" + } + ], + "tags": [ + "all", + "resiliency" + ], + "optionalFields": { + "score": {} + } + }, + { + "title": "Move Container Registry to a dedicated resource group ", + "guid": "7b0bb400-deb6-4914-82da-2e914c9aaa72", + "priority": "Low", + "description": "Because container registries are resources that are used across multiple container hosts, a registry should reside in its own resource group.", + "detail": "Although you might experiment with a specific host type, such as Azure Container Instances, you’ll likely want to delete the container instance when you’re done. However, you might also want to keep the collection of images you pushed to Azure Container Registry. By placing your registry in its own resource group, you minimize the risk of accidentally deleting the collection of images in the registry when you delete the container instance resource group.", + "documentation": [ + { + "title": "Registry best practices - Use dedicated resource group", + "url": "https://learn.microsoft.com/en-us/azure/container-registry/container-registry-best-practices#dedicated-resource-group" + } + ], + "tags": [ + "all" + ], + "optionalFields": { + "score": {} + } + }, + { + "title": "Enable soft delete policy", + "guid": "49919955-fd6c-40f5-9c5c-5a7273c7a935", + "priority": "Low", + "description": "Once you enable the soft delete policy, ACR manages the deleted artifacts as the soft deleted artifacts with a set retention period. Thereby you have ability to list, filter, and restore the soft deleted artifacts. Once the retention period is complete, all the soft deleted artifacts are auto-purged.", + "documentation": [ + { + "title": "Enable soft delete policy", + "url": "https://learn.microsoft.com/en-us/azure/container-registry/container-registry-soft-delete-policy" + } + ], + "tags": [ + "all" + ], + "optionalFields": { + "score": {} + } } ] \ No newline at end of file diff --git a/data/en/items/operations.json b/data/en/items/operations.json index f9b9c85..62d7e88 100644 --- a/data/en/items/operations.json +++ b/data/en/items/operations.json @@ -264,6 +264,10 @@ "title": "AKS Autoscaler", "url": "https://docs.microsoft.com/azure/aks/cluster-autoscaler" }, + { + "title": "Node autoprovisioning (karpenter)", + "url": "https://learn.microsoft.com/en-us/azure/aks/node-autoprovision" + }, { "title": "Cluster autoscaler", "url": "https://learn.microsoft.com/en-us/azure/aks/concepts-scale#cluster-autoscaler" From 915d5a446f43c522202aefc5d3a570d59a5161d2 Mon Sep 17 00:00:00 2001 From: William Le Pommelet <10053686+William-LP@users.noreply.github.com> Date: Wed, 13 Mar 2024 10:55:26 +0100 Subject: [PATCH 3/3] Typo in networking.json --- data/en/items/networking.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/en/items/networking.json b/data/en/items/networking.json index 69bc29e..4445920 100644 --- a/data/en/items/networking.json +++ b/data/en/items/networking.json @@ -264,7 +264,7 @@ } }, { - "title": "Bloc Pod access to VMSS IMDS", + "title": "Block Pod access to VMSS IMDS", "guid": "4fb072a7-0303-46d8-9ecf-d8aa4d69ff83", "priority": "Medium", "description": "By default, Pods have access to VMSS IMDS and can request access token from the attached Managed Identity. This access should be restriced by using Network Policy.",