Posts for: #K8s

Kustomize

Kustomize is built into kubectl with -k. Great samples on kubernetes.io/docs Kustomize provides a template-free way to customize kubernetes manifest Contents: Generating resources Setting cross cutting fields Composing and customizing resources Composing Customizing Patches Images Replacements Reference In a nutshell provides 3 key features: generating resources from other sources setting cross-cutting fields for resources composing and customizing collections of resources Generating resources To generate a ConfigMap from an .env file, add an entry to the envs list in configMapGenerator.
Read more →

Kubernetes Certified Administrator (CKA) 2024

CKA topics Kubernetes in a nutshell Lab environment kubeadm init sample output Buliding kubernetes clusters Networking kubeadm kubectl Contexts Resources CKA topics Cluster Architecture, Installation & Configuration: How to set up and configure a Kubernetes cluster, including how to install and configure a Kubernetes cluster using kubeadm, how to upgrade your cluster version, how to backup and restore an etcd cluster, and how to configure a pod to use secrets Workloads & Scheduling: How to deploy a Kubernetes application, create daemonsets, scale the application, configure health checks, use multi-container pods, and use config maps and secrets in a pod.
Read more →

dotnet worker kubernetes health probe

The Problem You have a (headless) background worker process that needs to communicate its readiness to kubernetes. The Solution ASP.NET Core provides a decent approach to performing a series of agnostic health checks. There are hundreds of health probes available such as Network, Elasticsearch, Kafka and NpgSql. However being part of ASP.NET Core, does mean that some of these dependencies, such as Microsoft.AspNetCore.Diagnostics.HealthChecks package, will bleed into the worker as a needed dependency.
Read more →

OpenShift NginX 13: permission denied /var/cache/nginx/client_temp

Trying to deploy an NGINX container to an OpenShift cluster today, ran into: nginx: [emerg] mkdir() "/var/cache/nginx/client_temp" failed (13: Permission denied) To do some investigating spun up a new Pod an attached an interactive shell using oc: oc run --rm -i -t frontend --image=artifactory.evilcorp.com/frontend:1.0.0 --restart=Never --command -- /bin/sh Indeed a quick ls -la /var/cache revealed that the nginx subdirectory is writtable by root. No good for OpenShift, which by default is non-root:
Read more →

Kubernetes Secrets encoding gotcha

Kubernetes provides a neat concept for managing sensitive pieces of data, the Secret A Secret is an object that contains a small amount of sensitive data such as a password, a token, or a key. Such information might otherwise be put in a Pod specification or in a container image. Using a Secret means that you don’t need to include confidential data in your application code. Secret text is by default base64 encoded.
Read more →

React environment variables in an nginx container

Your React app is ready to ship. Congratulations! Packaging for production is (and should) be different from your development configuration. In the case of Create React App the toolchain is rich, includes development productivity conveniences such as hot reloading, source maps and custom environment variables. This toolchain is mind blowingly productive as you develop the app, npm start and watch the magic unfold. At this point, its possible to put the React app one big (~1.
Read more →

Kubernetes

The name Kubernetes originates from Greek, meaning helmsman or pilot. Terminology Essentials Help Bash kubectl completion Web UI dashboard Pods Creating a pod Option 1: Imperatively with the CLI Option 2: Declaratively with YAML Port forwarding Managing pods Pod Health Deployments and ReplicaSets ReplicaSet Deployment Deployments with kubectl Deployment Options Rolling updates Blue Green Canary Rollbacks StatefulSets Services Service Types Port forwarding take 2 Services YAML NodePort example ExternalName example Testing Service and Pod with curl Storage Volumes Volume Types Viewing a Pods volumes emptyDir volume example PeristentVolumes and PeristentVolumesClaims StorageClasses Managing configuration with ConfigMaps and Secrets Defining ConfigMaps Consuming ConfigMaps Secrets Secret best practices Storing Secrets Using Secrets Secrets as environment variables Secrets as files Troubleshooting Logs Configuration verification Shell into Pod container The API General kubectl Waaay cool Samples node.
Read more →