This blog will showcase my productivity tips with
kubectl . This does not venture into any plugins per se. But only using bash aliases to achieve it.
This blog will show you how to take a backup from a running Prometheus and restore it in some other Prometheus instance. You might ask why would you even want to do something like that? Well, sometimes you want the Prometheus metrics because they were collected for some particular purpose and you want to do some analysis later.
For the reasons of security, many container deployments nowadays run their workloads in a scratch based image. This form of implementation helps reduce the attack surface since there is no shell to gain access to, especially if someone were to break out of the application.
Seccomp helps us limit the system calls the process inside container can make. And
PodSecurityPolicy is the way to enable it on pods in Kubernetes.
Watch from 55m59s
The Kubernetes Bangalore Meetup was organized at Arvind Internet on Feb 16th 2019. The agenda for the meetup was to teach Kubernetes to the beginners.
If you want to provide extra flags to the
kube-apiserver that runs inside minikube how do you do it? You can use the minikube’s
--extra-config flag with
apiserver.<apiserver flag>=<value>, for e.g. if you want to enable
RBAC authorization mode you do it as follows:
A volume mount CVE was discovered in Kubernetes 1.9 and older which allowed access to node file system using
emptyDir volume mount using subpath. The official description goes as follows:
Few days back I wrote a blog about adding new node to the cluster using the static token file. The problem with that approach is that you need to restart
kube-apiserver providing it the path to the token file. Here we will see how to use the bootstrap token, which is very dynamic in nature and can be controlled by using Kubernetes resources like
I enabled PodSecurityPolicy on a minikube cluster by appending
PodSecurityPolicy to the apiserver flag in minikube like this: