Suraj Deshmukh

Blog

containers, packaging, programming, hacks, kubernetes, openshift, fedora, centos

Exec in container environment

The correct way to use exec and the signal passing.

Suraj Deshmukh

3-Minute Read

If you use exec in your container script, then the container or Kubernetes pod might exit after the command that is exec-ed into has exited. But if that’s what you wanted, then it’s okay. This blog tries to explain how to pass the signals to the applications, how they work differently when invoked uniquely and what to do if the application does handle them.

Suraj Deshmukh

6-Minute Read

PodSecurityPolicy (PSP) is hard to get right in the first attempt. There has never been a situation when I haven’t banged my head to get it working on the cluster. It is a frustrating experience, but it is one of the essential security features of Kubernetes. Some applications have started shipping the PSP configs with their helm charts, but if a helm chart does not ship a PSP config, it must be handcrafted by the cluster-admin to make the application work reliably in the cluster.

How to gracefully kill Kubernetes Jobs with a sidecar?

A sidecar in a Kubernetes Job, what? Yeah you might need one and here is how to shut it.

Suraj Deshmukh

6-Minute Read

Have you ever had a sidecar in your Kubernetes Job? If no, then trust me that you are lucky. If yes, then you will have the frustration of your life. The thing is Kubernetes Jobs are meant to exit on completion. But if you have a long-running sidecar, then that might twist things for Kubernetes and in turn of you.

Use Configmap for Scripts

A new way to ship scripts to container images.

Suraj Deshmukh

6-Minute Read

We generally use some sort of scripts in application container images. They serve various purposes. Some scripts might do an initial setup before the application starts, others may have the whole logic of the container image, etc. Whatever the goal may be the general pattern is to copy the script into the container image, build the image and then the script is available when you consume the image.

How to backup and restore Prometheus?

Backing up Prometheus??!!

Suraj Deshmukh

2-Minute Read

This blog will show you how to take a backup from a running Prometheus and restore it in some other Prometheus instance. You might ask why would you even want to do something like that? Well, sometimes you want the Prometheus metrics because they were collected for some particular purpose and you want to do some analysis later.

Watch Container Traffic Without Exec

How to watch the traffic of a container or a pod without execing into the pod/contaienr?

Suraj Deshmukh

4-Minute Read

For the reasons of security, many container deployments nowadays run their workloads in a scratch based image. This form of implementation helps reduce the attack surface since there is no shell to gain access to, especially if someone were to break out of the application.

Recent Posts

Categories

About

I am a Software Engineer at Kinvolk, working on various tooling around container technology like Docker, Kubernetes.