In the last blog on K8s: Volumes & Claims — Part2 we looked into the details about the concepts around PersistentVolume, PersistentVolumeClaim. In the last blog, we also learnt how PODs uses PersistentVolumeClaim. In this blog, we will learn a practical example that brings together all these concepts using the following structure:
- Bring up a K8s cluster on local machine from scratch- Remove one node from the cluster and configure it as an NFS-Server- Use the NFS-Server to create a PersistentVolume- Create a PersistentVolumeClaim from the PersistentVolume- Have the POD use this PersistentVolumeClaim
- What are Replicasets & why exactly do we need them?- Practical example with Replicasets- What are Deployments & why exactly do we need them?- Practical example with Deployments
We saw an introduction to labels in our article here. In this article let’s try to understand the differences between labels and annotation & when to use one over another.
Let’s quickly summarize what we learned about labels
Why use Labels in K8s?
Labels allow K8s to group a set of related resources(example:- all prod resources). Selectors are used to querying those labels(example:- get me all prod resources). Official Docs here. Something to note, at the time of writing of this article, below are the restrictions on how a label must be defined in K8s
Valid label value:
In K8s, pods are the fundamental basic units that get deployed in a cluster. K8s deployment is an abstraction layer for the pods. The deployment K8s object's primary purpose is to help maintain the desired state resources as declared in the deployment configuration.
But wait, didn’t you just say Replicaset does the same thing, then why do we need another K8s object deployment?
Let’s assume in the production environment; we are running an…
Eight months back I was a stranger to security & specifically PenTesting. Felt awesome today passing the eCPPTv2 exam, after finishing certifications like eCXD, eCRE & eJPT previously. In all honesty, being new to PenTesting this course was not an easy one for me, but I learned a lot. I got a lot of support from eLearnSecurity forums & also their unofficial discord channel.
I will have a detailed write-up on my journey here soon. Till then ciao!
Terraform is the infrastructure as a Code (IaC) offering from HashiCorp. It is a tool for building, changing and managing infrastructure in a safe, repeatable way.
It is based on similar IaC philosophy as Aws’s CloudFormation. Operators and Infrastructure teams can use Terraform to manage environments with a configuration language called the HashiCorp Configuration Language (HCL) for human-readable, automated deployments.
The Terraform Associate certification is either for those cloud engineers that specialize in operations/IT, or for those developers who know or would like to know the basic concepts, and skills associated with open source HashiCorp Terraform.
I have used infrastructure…
Intro to K8s services with examples
In this post, we will look at the K8s(Kubernetes) services. This blog post covers the following:
- What are services & examples
- Types of services
- Look into each service type with practical examples
In Kubernetes, a Service is an abstraction which defines a logical set of Pods and a policy by which to access them (sometimes this pattern is called a micro-service).
Cool yay! we now know the definition, but why do we need a service?
Why can’t users just talk directly with the pods that host the applications? …
In this post, we will look at
Let’s try to understand the concept with an analogy. If you ever have looked at different types of homes, one can see townhomes, condos, Single Family Homes, apartments, etc.
Let’s say we would like to categorize these homes by
- Size(sqft area)- Type(condo, apartment, sfh, townhome)- Number of people(2,4,6,8+)
These are nothing but Labels. Selectors help filter out things like gives all homes which are of type SFH and greater than 500sqft in size. …
Continuing from our Part1 of the series, let’s now take a look at Persistent Volumes
With this type of volume, we are instructing through a YAML file to connect to one of the cloud providers(EBS/persistent disk/SSD, etc. with Google/Amazon/Azure, etc.) for volumes.
Wait a minute, since we are directly connecting with the volume on the cloud(no layer which is helping us manage the volume), don't we need to have the backend knowledge. Yes, we certainly need to have backend knowledge to manage these volumes.
Let’s try creating a volume using GKE, using the documentation from here
Started with creating a…
A quick intro to docker containers
This is a short & simple tutorial on Docker.
Learn Docker concepts quickly without getting lost in minute details. Provide tools one would need to create and run your first containerized application using Docker, enabling one to be able to look for more by yourself when needed.
Nothing as such. Just install Docker from here
A container is what we eventually want to run and host with the Docker engine.
From a conceptual point of view, a container runs inside the Docker host isolated from the other containers and even the host OS. …
whoami >> Slack, Prev — Springpath (Acquired by Cisco), VMware, Test Automation, Devops and Cybersecurity Enthusiast