Suraj Deshmukh

Blog

containers, programming, golang, hacks, kubernetes, productivity, books

Suraj Deshmukh

5-Minute Read

Golang and Kubernetes

The client libraries that Kubernetes ships are meant to be imported, and you definitely don’t need this post explaining how to import them in your Golang based project. A simple go get ... should do the trick. But, what about the packages that are not meant to be imported? Or the ones that cannot be imported because of “technical reasons” ? Could you simply add them to your import statements in the .go file, and the go binary will do the right thing when you build the code?…

Suraj Deshmukh

2-Minute Read

cert

If you are writing a webhook server for Kubernetes Admission Controllers like ValidatingAdmissionWebhooks or MutatingAdmissionWebhooks, you must expose it over HTTPS. To run these servers on HTTPS, you need TLS certificates. There are solutions available which you can use to solve this problem, first and foremost that comes to my mind is cert-manager. It is a great project and automates this problem. But it is an added dependency that you might have to keep running in your cluster.

Mitigation of: Access Any Kubernetes Secret

A Validating Admission Webhook Server to deny anyone accessing forbidden Kubernetes Secrets!

Suraj Deshmukh

4-Minute Read

Config

In the previous blog, we discussed how any user without RBAC access to a Kubernetes secret can use a trick to access that secret. To mitigate that problem, we will use a validating admission webhook. But before looking at what sorcery this validating admission webhook server is, let us understand how Kubernetes handles the API requests.

Monitor your PC with Prometheus Grafana stack

Get a fine grained view of the happenings on your system!

Suraj Deshmukh

2-Minute Read

Node Exporter

How do you monitor your own computer? Of course, using Prometheus, node-exporter and Grafana. You might ask why would you wanna do that when you can simply use the operating system provided, “System Monitor”. Well, yes, you can use that. But the data you get from the OS System Monitor is coarse-grained. OS system monitor is not configurable, but this stack is.

Kubernetes The Hard Way in "Vagrant"?

The first step in your CKA preparation!

Suraj Deshmukh

2-Minute Read

CKA logo

If you are studying for the Certified Kubernetes Administrator (CKA) exam, you might have come across folks recommending Kelsey Hightower’s Kubernetes the Hard Way. It is an excellent first step for someone who has no idea about the components that form a Kubernetes cluster. As the name suggests, it is created so that you learn the Kubernetes building blocks the “hard way”.

How we manage Kubernetes Bangalore Meetup?

The method of stress-free event management!

Suraj Deshmukh

3-Minute Read

Kubernetes Bangalore Meetup

I took the reins of the Kubernetes Bangalore Meetup back in 2017. I have been organising the meetup since then. Earlier with Suraj Narwade, Aditya Konarde and now with Prakash Mishra. Over time the meetup has grown a lot, now it boasts about 5000 members. Organising meetup earlier was a straightforward affair, especially with Narwade and Konarde being my colleagues and friends. We could chat about the upcoming meetup at any time we would like, and it was all spontaneous. Once they left in 2019,…

On Compounder Skills

The foundational skills which improves everything else.

Suraj Deshmukh

9-Minute Read

Compounding Chart

There are specific skills which you should acquire early on in your life. These skills are the foundational skills. Everything you do after developing these skills becomes better, faster and easier. I call these skills Compounder Skills. Derived from the term “Compound Interest”. The idea is that once you are laced with a particular compounder skill, you can apply it in various fields of your life. An example of a compounder skill that most humans get exposed to is “school…

Recent Posts

Categories

About

I am a Senior Software Engineer at Microsoft, working on various tooling around container technology like Docker, Kubernetes, etc.