Photo by Markus Spiske on Unsplash

Admission Controllers in Kubernetes

When a Kubernetes manifest is applied, the request goes through various stops along the way. Part of the request's life cycle is the admission controllers. The purpose of the admission controller is to intercept the requests and process them. The admission controllers run after the request has been authenticated and authorized, but before the request object has been persisted. There are two types of admission controllers: Mutating will allow you to mutate the request based on certain criteria you set. Validating will either allow or deny a request based on your criteria....

May 13, 2023 · David Dymko
Photo by Erik Mclean on Unsplash

Kubernetes Service Types

What is a service in Kubernetes? In a Kubernetes environment, you can have hundreds if not thousands of pods that are ephemeral. Whether it is because nodes are being scaled down, pod replicas are being scaled down, or pods are being rescheduled to a new node, the IP address of a pod is never guaranteed. The pod's IP address is assigned after it has been scheduled to a specific node and before it has been booted....

November 5, 2022 · David Dymko
Photo by Jason Pofahl on Unsplash

Vault using Kubernetes auth

This guide will walk you through how to configure Vault running on a Kubernetes cluster to exchange service accounts for a scoped client Vault token. This can be useful when you want your services running on a Kubernetes cluster to authenticate themselves against Vault without having to pass around Vault credentials. Auth Delegators: The first thing we want to set up is a ClusterRoleBinding that has a roleRef which uses system:auth-delegator...

April 18, 2022 · David Dymko
Photo by Simon Kadula on Unsplash

Automated DNS/TLS with External DNS & LetsEncrypt on Kubernetes

Kubernetes has become the de facto way to maintain and deploy containers. However, there are still some portions of our application that we manage by hand. The two I have noticed are maintaining DNS records and TLS certificates. Shouldn’t we be able to define our desired DNS and TLS alongside our application manifests? Actually, we can! Two open-source Kubernetes plugins accomplish that. We have External DNS, which allows DNS management within your manifests, and cert-manager, which handles certificate management....

March 20, 2022 · David Dymko
Photo by Jan Tinneberg on Unsplash

Kubernetes Deprecating Docker?! Let Me Explain Containers in Kubernetes.

When you think of Kubernetes you think of containers. When you think of containers you think Docker. So it was a big surprise when, in December 2020, the Kubernetes maintainers announced that they would be deprecating Docker support for Kubernetes v1.20+. This caused quite a bit of concern and confusion. Deprecating Docker support in Kubernetes? This sounded like a very topical piece of information in 2020. While the term Docker is synonymous with containers, many do not realize that as a product, Docker is composed of multiple components and is a tech stack for containers....

May 1, 2021 · David Dymko