Kubernetes Cluster using Kubeadm on Flatcar Container Linux
Simple steps to install the cluster based on Flatcar Container Linux
containers, programming, golang, hacks, kubernetes, productivity, books
Simple steps to install the cluster based on Flatcar Container Linux
The correct way to use exec and the signal passing.
If you use exec
in your container script, then the container or Kubernetes pod might exit after the command that is exec-ed into has exited. But if that’s what you wanted, then it’s okay. This blog tries to explain how to pass the signals to the applications, how they work differently when invoked uniquely and what to do if the application does handle them.
How to watch the traffic of a container or a pod without execing into the pod/contaienr?
For the reasons of security, many container deployments nowadays run their workloads in a scratch based image. This form of implementation helps reduce the attack surface since there is no shell to gain access to, especially if someone were to break out of the application.
Note on Linux Kernel capabilities
File capabilities allow users to execute programs with higher privileges. Best example is network utility ping
.
The easiest way to prove that root inside the container is also root on the host
Here are simple steps that you can follow to prove that the root
user inside container is also root
on the host. And how to mitigate this.
No docker cp needed to copy files from host to your container
This blog shows you how you can copy stuff from your host machine to the running container without the docker cp
command that we usually use.
A guide to how would you download image from private container registry in minikube
I am doing Kubernetes native development using minikube. And for doing that I had to download a Container image that is available in internally hosted private container registry.