Cloud Architecture Blog.

"Now, here, you see, it takes all the running you can do, to keep in the same place. If you want to get somewhere else, you must run at least twice as fast as that!" 

The Red Queen's race incident, Lewis Carroll's Through the Looking-Glass 

Willy Vidable

Securing the Kubernetes API server. Part 2

Securing the cluster with Role-Based Access Control (RBAC)

In Kubernetes version 1.8.0, the RBAC authorization plugin graduated to GA (General Availability) and is now enabled by default on many clusters. RBAC prevents unauthorized users from viewing or modifying the cluster state. The default Service-Account…

Willy Vidable

Best Practices for Cloud Migration

AWS Approach

It’s a big change—and in business, big changes don’t stick unless they’re backed by firm commitments from leadership. So, before cloud migration can begin in earnest, you’ll need to ensure that you establish buy-in across all key stakeholders. Failing to do so…

Willy Vidable

Kubernetes Networking with EKS

Kubernetes Pod Networking

Traditional Docker networking allows all containers on a host to reach one another over private IP addresses on a virtual bridge on each host. Port forwarding can also be configured on the host to provide external access to containers on an…

Willy Vidable

Kubernetes Networking Basic

Regarding networking, Kubernetes imposes only three simple but powerful rules:

1. All nodes in the cluster must be able to talk to each other.
2. All pods on the network can communicate with each other without NAT.
3. Every…
