Kubernetes works on the principle of assigning IP addresses to pods, called as “IP-per-pod” model. The IPAM (IP address management) task is left to third party solutions. Some of these solutions include Docker networking, Flannel, IPvlan, contive, OpenVswitch, GCE and others.
The Kubernetes architecture consists of master node, replication controller in addition (or conjunction) to nodes used to host the pods. Before we go ahead, here is a review of Kubernetes terms.
So, finally decided to secure your Helm installation? That`s great! Sounds easy enough, right? And as an extra, all sources seem to be telling the exact same story: “All you have to do is follow these steps, and you are good to go”. Right? Wrong. Well, not really wrong, it is a fairly simple procedure, but brace yourself for more typing. Much more. A bit more. There you are. But have no fear, the solution is here (in this post, if that was unclear).
Vitess is a database solution for deploying, scaling and managing large clusters of MySQL instances. It's architected to run as effectively in a public or private cloud architecture as it does on dedicated hardware. It combines and extends many important MySQL features with the scalability of a NoSQL database. Vitess can help you with the following problems:
Rook is designed to run as a native Kubernetes service – it scales along side your apps.
Rook offers storage for your Kubernetes app through persistent volumes.
Rook takes advantage of many benefits of the platform, such as streamlined resource management, health checks, failover, upgrades, and networking, to name just a few.
According to the docs, in Kubernetes, ConfigMap resources “allow you to decouple configuration artifacts from image content to keep containerized applications portable.” Used with Kubernetes pods, configmaps can be used to dynamically add or change files used by containers.
In Kubernetes, pods are the smallest deployable units of computing that can be created and managed. A pod is a group of one or more containers (Docker, rocket, etc), with shared storage/network, and a specification for how to run the containers.
Amazon Elastic Container Service for Kubernetes (Amazon EKS) provides a container orchestration platform for building and deploying modern cloud applications using Kubernetes. Jenkins X is built on Kubernetes to provide automated CI/CD for such applications. Together, Amazon EKS and Jenkins X provide a continuous delivery platform that allows developers to focus on their applications. This blog post by Henryk Konsek explains how to automate your CI/CD needs following GitOps principles, allowing you to be more productive.
Kubernetes liveness and readiness probes can be used to make a service more robust and more resilient, by reducing operational issues and improving the quality of service. However, if these probes are not implemented carefully, they can severely degrade the overall operation of a service, to a point where you would be better off without them.
Get ready for our next Online Meetup in November. This time Neependra Khare from CloudYuga will talk about "User Authentication and Authorization in Kubernetes".
Date: 8th November 2018
7pm CEST (Central European Summer Time)
10am PST (Pacific Standard Time)
via Zoom: https://zoom.us/j/392277556
Kubernetes is the world’s most popular container orchestration tool. This open-source system provides a common platform for deploying containerized applications across hybrid-cloud environments. And if you choose a managed version like Google Kubernetes Engine (GKE), you don’t even need to configure the cluster itself—the cloud provider does it for you
When learning a new technology like Istio, it’s always a good idea to take a look at sample apps. Istio repo has a few sample apps but they fall short in various ways. BookInfo is covered in the docs and it is a good first step. However, it is too verbose with too many services for me and the docs seem to focus on managing the BookInfo app, rather than building it from ground up. There’s a smaller helloworld sample but it’s more about autoscaling than anything else.
Pods can have priority. Priority indicates the importance of a Pod relative to other Pods. If a Pod cannot be scheduled, the scheduler tries to preempt (evict) lower priority Pods to make scheduling of the pending Pod possible.