What is a service in Kubernetes In a Kubernetes environment, you can have hundreds if not thousands of pods that are ephemeral. Whether it is because nodes are being scaled down, pod replicas being scaled down, or pods being rescheduled to a new node, the IP address of a pod is never guaranteed. The pods IP address is assigned after it has been scheduled to a specific node and before it has been booted....
Have you ever wanted to dig deeper for explanations as to why your applications are bulking up on memory or the CPU spikes up? While monitoring tools tell that it is happening, you don’t know why. This is when profiling is fantastic. Profiling offers better insight into how your application interacts with CPU or memory. It allows for easier access for making optimizations to how your code behaves. Go comes with a native profiling tool called pprof....
This guide will walk you through how to configure Vault running on a Kubernetes cluster to exchange service accounts for a scoped client vault token. This can be useful when you want your services running on a kubernetes cluster to self auth against vault and not require the need to pass around vault credentials. Auth Delgators The first thing we want to setup is a ClusterRoleBinding that has a roleRef which uses system:auth-delagator...
Kubernetes has become the de facto way to maintain and deploy containers. However, there are still some portions of our application that we manage by hand. The two I have noticed are maintaining DNS records and TLS certificates. Shouldn’t we be able to define our desired DNS and TLS alongside our application manifests? Actually we can! Two open-source Kubernetes plugins accomplish that. We have external dns that allows DNS management within your manifests and cert-manager that handles certificate management....
As I thought about the question and prepared my answer, I noticed something about the response I was going to give. If you had asked me this question earlier in my career I would have said something such as testing your code, building applications in a specific architecture, or building a highly scalable fault-tolerant widget. While these still hold true, they aren’t the first things that come to my mind when I think about software now....