----- Kubernetes -----Run Kubernetes On Your MachineCreate Pods With Imperative CommandsK3s Cluster Made Easy With Multipassk0s: Kubernetes in a Single BinaryUsing a ServiceAccountGive Access To Your Cluster With A Client CertificateEtcd: The Brain Of A Kubernetes ClusterBackup and Restore Etcd----- Docker -----About /var/run/docker.sockRunning a Container With a Non Root UserAbout <none> imagesClean Up Your Local Machine
Scroll down to see the latest ones…
If you are a developer, chances are you have already been asked to deploy your applications on a Kubernetes cluster. You have probably figured out this is not an easy task, especially if you don’t know Kubernetes that much. Kubernetes is a huge beast, and knowing how to define (YAML all the way) and manipulate the basic resources it offers (Pod, Deployment, Service, ConfigMap, Secret, …) is not straightforward, left alone the more advanced resources (NetworkPolicies, RBAC related ones, …).
Today there is no doubt Kubernetes is the solution of choice to run containerized applications. But, as a developer, most…
In this article we will use the VotingApp, a sample microservices application, to illustrate several of the ways an application can be deployed in a Kubernetes cluster:
The VotingApp is an application created by Docker, it is mainly used to illustrate Docker and Kubernetes functionalities. This application follows a microservices architecture, it is made of five services as illustrated in the schema below.
In a previous article, we presented Rook and used it to set up a HA Ceph cluster. In this new article, we will install Rook on a single node K3s cluster as it’s a good way to get started with this great CNCF project.
Cilium, the eBPF-based networking solution, just released a web editor to facilitate the creation of Kubernetes network policies. In this article, we will demo the tool and use it to define a sample network policy.
“Cilium is an open source project that has been designed on top of eBPF to address the networking, security, and visibility requirements of container workloads. It provides a high-level abstraction on top of eBPF.” — Cilium blog
Cilium has a wide application domain and is commonly used as a CNI plugin in Kubernetes, as illustrated in the following schema:
As not all pods can be trusted, this article will show different options to enhance process isolation through the usage of container runtimes other than the default one (runc). We will use Kubernetes k0s distribution to illustrate all of this. If you do not know k0s, you can find a quick introduction in this article.
This article offers a back-to-basics approach to help you understand several actions that can be done on a cluster’s nodes.
Let’s consider a newly created
kubeadm cluster containing one master and two worker nodes:
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-1 Ready control-plane,master 18m v1.20.0
k8s-2 Ready <none> 18m v1.20.0
k8s-3 Ready <none> 18m v1.20.0
First, we will install Kubernetes Operational View (aka kube-ops-view). This application is very handy for seeing all the pods running in a cluster at a glance. There are currently 14 pods running:
The Kubernetes network proxy (aka kube-proxy) is a daemon running on each node. It basically reflects the services defined in the cluster and manages the rules to load-balance requests to a service’s backend pods.
When setting up a Kubernetes cluster, the installation of a network plugin is mandatory for the cluster to be operational. To keep things simple, the role of a network plugin is to set up the network connectivity so Pods running on different nodes in the cluster can communicate with each other. Depending upon the plugin, different network solutions can be provided: overlay (vxlan, IP-in-IP) or non-overlay.
To simplify the usage of a network plugin, Kubernetes exposes the Container Network Interface (aka CNI) so any network plugin that implements this interface can be used.
Kubernetes also allows the usage of kubenet…
A couple of weeks ago, I stumbled upon the Vanilla Stack, a technology stack based on Kubernetes and embedding many great open source components. In this article, which is mainly a presentation of the stack, we will quickly go through the installation process showing the different options available.
Among the different solutions provided out of the box are:
Docker & Kubernetes trainer (CKA / CKAD), 中文学生, Learning&Sharing