Suraj Deshmukh's talks at conferences
List of all the talks presented by me
Watch from 55m59s
containers, packaging, programming, hacks, kubernetes, openshift, fedora, centos
List of all the talks presented by me
Watch from 55m59s
Event Report for Kubernetes Bangalore Meetup
The Kubernetes Bangalore Meetup was organized at Arvind Internet on Feb 16th 2019. The agenda for the meetup was to teach Kubernetes to the beginners.
Dealing with apiserver in minikube can be tricky
If you want to provide extra flags to the kube-apiserver
that runs inside minikube how do you do it? You can use the minikube’s --extra-config
flag with apiserver.<apiserver flag>=<value>
, for e.g. if you want to enable RBAC
authorization mode you do it as follows:
Subpath Volume Mount could give you access to node
A volume mount CVE was discovered in Kubernetes 1.9 and older which allowed access to node file system using emptyDir
volume mount using subpath. The official description goes as follows:
Use this technique to add new node to the cluster without providing any certificates and without having to restart the kube-apiserver
NOTE: There is an updated version of this blog here.
Burnt by enabling PSPs on existing Kubernetes and wondering why everything still works
I enabled PodSecurityPolicy on a minikube cluster by appending PodSecurityPolicy
to the apiserver flag in minikube like this:
My experience with CKA exam preparation
I passed CKA exam with 92% marks on 19th October 2018.
Use this technique to add node to the cluster without providing any certificates
The setup here is created by following Kubernetes the Hard Way by Kelsey Hightower. So if you are following along in this then do all the setup till the step Bootstrapping the Kubernetes Worker Nodes. In this just don’t start the kubelet
, start other services like containerd
and kube-proxy
.
Step by step guide to add new node
To setup a multi-node Kubernetes cluster just run this script and you will have a cluster with 3 masters and 3 workers.
Kubeadm to install Single Node K8S with SELinux
Start a single node fedora machine, using whatever method but I have used this Vagrantfile to do it: