diff --git a/manuscript/ha-docker-swarm/authelia.md b/manuscript/ha-docker-swarm/authelia.md index 8895e58..3e8c0c9 100644 --- a/manuscript/ha-docker-swarm/authelia.md +++ b/manuscript/ha-docker-swarm/authelia.md @@ -1,3 +1,8 @@ +--- +title: Using Authelia to secure services in Docker +description: Authelia is an open-source authentication and authorization server providing 2-factor authentication and single sign-on (SSO) for your applications via a web portal. +--- + # Authelia [Authelia](https://github.com/authelia/authelia) is an open-source authentication and authorization server providing 2-factor authentication and single sign-on (SSO) for your applications via a web portal. It acts as a companion of reverse proxies like Nginx, Traefik, or HAProxy to let them know whether queries should pass through. Unauthenticated users are redirected to Authelia Sign-in portal instead. diff --git a/manuscript/ha-docker-swarm/design.md b/manuscript/ha-docker-swarm/design.md index fb71b4a..a7a5b01 100644 --- a/manuscript/ha-docker-swarm/design.md +++ b/manuscript/ha-docker-swarm/design.md @@ -1,4 +1,9 @@ -# Design +--- +title: Launch your secure, scalable Docker Swarm +description: Using Docker Swarm to build your own container-hosting platform which is highly-available, scalable, portable, secure and automated! 💪 +--- + +# Highly Available Docker Swarm Design In the design described below, our "private cloud" platform is: diff --git a/manuscript/ha-docker-swarm/docker-swarm-mode.md b/manuscript/ha-docker-swarm/docker-swarm-mode.md index 3312666..df89051 100644 --- a/manuscript/ha-docker-swarm/docker-swarm-mode.md +++ b/manuscript/ha-docker-swarm/docker-swarm-mode.md @@ -1,3 +1,8 @@ +--- +title: Enable Docker Swarm mode +description: For truly highly-available services with Docker containers, Docker Swarm is the simplest way to achieve redundancy, such that a single docker host could be turned off, and none of our services will be interrupted. +--- + # Docker Swarm Mode For truly highly-available services with Docker containers, we need an orchestration system. Docker Swarm (*as defined at 1.13*) is the simplest way to achieve redundancy, such that a single docker host could be turned off, and none of our services will be interrupted. diff --git a/manuscript/ha-docker-swarm/keepalived.md b/manuscript/ha-docker-swarm/keepalived.md index 59ea4b0..dee5b75 100644 --- a/manuscript/ha-docker-swarm/keepalived.md +++ b/manuscript/ha-docker-swarm/keepalived.md @@ -1,4 +1,5 @@ --- +title: Make docker swarm HA with keepalived description: While having a self-healing, scalable docker swarm is great for availability and scalability, none of that is worth a sausage if nobody can connect to your cluster! --- diff --git a/manuscript/ha-docker-swarm/traefik-forward-auth/dex-static.md b/manuscript/ha-docker-swarm/traefik-forward-auth/dex-static.md index 8e3334f..f2a33fe 100644 --- a/manuscript/ha-docker-swarm/traefik-forward-auth/dex-static.md +++ b/manuscript/ha-docker-swarm/traefik-forward-auth/dex-static.md @@ -1,6 +1,6 @@ --- -title: Using dex for simple, static authentication with traefik-forward-auth -description: Traefik-forward-auth needs an authentication backend, but if you don't want to use a cloud provider (like Google), you can setup your own simple backend, using Dex +title: Secure Traefik using Dex +description: Traefik forward auth needs an authentication backend, but if you don't want to use a cloud provider, you can setup your own simple backend, using Dex. --- # Using Traefik Forward Auth with Dex (Static) diff --git a/manuscript/ha-docker-swarm/traefik-forward-auth/google.md b/manuscript/ha-docker-swarm/traefik-forward-auth/google.md index 1b8eb0c..2876e62 100644 --- a/manuscript/ha-docker-swarm/traefik-forward-auth/google.md +++ b/manuscript/ha-docker-swarm/traefik-forward-auth/google.md @@ -1,6 +1,6 @@ --- -title: Log into traefik forward auth with Google authentication -description: Traefik forward auth needs an authentication backend, and one of the simplest to setup, allows users to login with their Google account +title: Secure Traefik with Google Auth +description: Using Traefik Forward Auth, you can selectively secure your Docker services, using Google as your authentication backend! --- # Traefik Forward Auth using Google diff --git a/manuscript/ha-docker-swarm/traefik-forward-auth/index.md b/manuscript/ha-docker-swarm/traefik-forward-auth/index.md index 34a85bf..540014b 100644 --- a/manuscript/ha-docker-swarm/traefik-forward-auth/index.md +++ b/manuscript/ha-docker-swarm/traefik-forward-auth/index.md @@ -1,6 +1,6 @@ --- -title: Add oauth2 and oidc SSO to Docker with Traefik Forward Auth -description: Traefik Forward Auth protects services running in Docker Swarm with an additional layer of authentication, and can be integrated into Google, GitHub, even Active Directory auth! +title: Add SSO to Traefik with Forward Auth +description: Traefik Forward Auth protects services running in Docker with an additional layer of authentication, and can be integrated into Keycloak, Google, GitHub, etc. --- # Traefik Forward Auth diff --git a/manuscript/ha-docker-swarm/traefik-forward-auth/keycloak.md b/manuscript/ha-docker-swarm/traefik-forward-auth/keycloak.md index c0278eb..d237d6d 100644 --- a/manuscript/ha-docker-swarm/traefik-forward-auth/keycloak.md +++ b/manuscript/ha-docker-swarm/traefik-forward-auth/keycloak.md @@ -1,6 +1,6 @@ --- -title: Authenticate traefik forward auth with Keycloak -description: Traefik forward auth needs an authentication backend, and a perfect match for the self-hosted enthusiast is Keycloak +title: Secure Traefik using Keycloak +description: Traefik forward auth can selectively secure your Docker services against an authentication backend, and Keycloak is a perfect, self-hosted match. --- # Using Traefik Forward Auth with KeyCloak diff --git a/manuscript/kubernetes/index.md b/manuscript/kubernetes/index.md index eba98d3..403064d 100644 --- a/manuscript/kubernetes/index.md +++ b/manuscript/kubernetes/index.md @@ -1,5 +1,7 @@ -# Why Kubernetes? - +--- +title: Docker Swarm vs Kubernetes (the winner) +description: I cut my cloud-teeth on Docker swarm, but since swarm is all-but-abandoned by Docker/Mirantis, I'm a happy convert to Kubernetes. Here's why... +--- My first introduction to Kubernetes was a children's story: @@ -7,7 +9,7 @@ My first introduction to Kubernetes was a children's story: ## Why Kubernetes? -Why would you want to Kubernetes for your self-hosted recipes, over simple Docker Swarm? Here's my personal take.. +Why would you want to Kubernetes for your self-hosted recipes, over simple [Docker Swarm](/ha-docker-swarm/)? Here's my personal take.. ### Docker Swarm is dead @@ -39,8 +41,8 @@ So let's get on with learning how to use the tool... Primarily you need 2 things: -1. A cluster -2. A way to deploy workloads into the cluster +1. A [cluster](/kubernetes/cluster/) +2. A way to [deploy workloads](/kubernetes/deployment/) into the cluster Practically, you need some extras too, but you can mix-and-match these. diff --git a/manuscript/kubernetes/ingress/traefik/dashboard.md b/manuscript/kubernetes/ingress/traefik/dashboard.md index 26bbdec..4d4f5c2 100644 --- a/manuscript/kubernetes/ingress/traefik/dashboard.md +++ b/manuscript/kubernetes/ingress/traefik/dashboard.md @@ -1,3 +1,7 @@ +--- +title: Traefik Ingress Controller's Dashboard +description: Unlike competing ingresses (*cough* nginx *cough*), the beautiful Traefik dashboard UI is free for all. +--- # Traefik Dashboard One of the advantages [Traefik](/kubernetes/ingress/traefik/) offers over [Nginx](/kubernetes/ingress/nginx/), is a native dashboard available in the open-source version (*Nginx+, the commercially-supported version, also includes a dashboard*). diff --git a/manuscript/kubernetes/ingress/traefik/index.md b/manuscript/kubernetes/ingress/traefik/index.md index 2daf3b8..b0e8733 100644 --- a/manuscript/kubernetes/ingress/traefik/index.md +++ b/manuscript/kubernetes/ingress/traefik/index.md @@ -1,3 +1,7 @@ +--- +title: Why I use Traefik Ingress Controller +description: Among other advantages, I no longer need to replicate SSL certificate secrets for nginx-ingress-controller to consume, once-per-namespace! +--- # Traefik Ingress Controller Unlike grumpy ol' man [Nginx](/kubernetes/ingress/ngnix/) :older_man:, Traefik, a microservice-friendly reverse proxy, is relatively fresh in the "cloud-native" space, having been "born" :baby_bottle: [in the same year that Kubernetes was launched](https://techcrunch.com/2020/09/23/five-years-after-creating-traefik-application-proxy-open-source-project-hits-2b-downloads/). diff --git a/manuscript/sections/README.md b/manuscript/sections/README.md deleted file mode 100644 index 65d4937..0000000 --- a/manuscript/sections/README.md +++ /dev/null @@ -1,3 +0,0 @@ -# What is this? - -This directory exists to allow me to pull in markdown docs into the LeanPub book structure, which won't show up in the online version. diff --git a/manuscript/sections/chefs-favorites-docker.md b/manuscript/sections/chefs-favorites-docker.md deleted file mode 100644 index f3e6a409..0000000 --- a/manuscript/sections/chefs-favorites-docker.md +++ /dev/null @@ -1,3 +0,0 @@ -# Chef's Favorites (Docker) # - -The following recipes are the chef's current favorites - these are recipes actively in use and updated by @funkypenguin diff --git a/manuscript/sections/chefs-favorites-kubernetes.md b/manuscript/sections/chefs-favorites-kubernetes.md deleted file mode 100644 index f3e6a409..0000000 --- a/manuscript/sections/chefs-favorites-kubernetes.md +++ /dev/null @@ -1,3 +0,0 @@ -# Chef's Favorites (Docker) # - -The following recipes are the chef's current favorites - these are recipes actively in use and updated by @funkypenguin diff --git a/manuscript/sections/ha-docker-swarm.md b/manuscript/sections/ha-docker-swarm.md deleted file mode 100644 index b5d7348..0000000 --- a/manuscript/sections/ha-docker-swarm.md +++ /dev/null @@ -1,3 +0,0 @@ -# HA Docker Swarm # - -This section introduces the HA Docker Swarm, which will be the basis for all the recipes discussed. diff --git a/manuscript/sections/kubernetes.md b/manuscript/sections/kubernetes.md deleted file mode 100644 index f1c2c38..0000000 --- a/manuscript/sections/kubernetes.md +++ /dev/null @@ -1,3 +0,0 @@ -# Kubernetes # - -This section introduces the Kubernetes design, which will be the basis for all the recipes discussed further. diff --git a/manuscript/sections/menu-docker.md b/manuscript/sections/menu-docker.md deleted file mode 100644 index a674baa..0000000 --- a/manuscript/sections/menu-docker.md +++ /dev/null @@ -1,3 +0,0 @@ -# Recipies (Docker) # - -Now follows individual recipes. diff --git a/manuscript/sections/menu-kubernetes.md b/manuscript/sections/menu-kubernetes.md deleted file mode 100644 index 4149de0..0000000 --- a/manuscript/sections/menu-kubernetes.md +++ /dev/null @@ -1,3 +0,0 @@ -# Recipies (Kubernetes) # - -Now follows individual recipes. diff --git a/manuscript/sections/reference.md b/manuscript/sections/reference.md deleted file mode 100644 index 18fcf66..0000000 --- a/manuscript/sections/reference.md +++ /dev/null @@ -1,3 +0,0 @@ -# Reference # - -Now follows useful elements which are not full recipes.