Source

In the last blog on K8s: Volumes & Claims — Part2 we looked into the details about the concepts around PersistentVolume, PersistentVolumeClaim. In the last blog, we also learnt how PODs uses PersistentVolumeClaim. In this blog, we will learn a practical example that brings together all these concepts using the following structure:

- Bring up a K8s cluster on local machine from scratch- Remove one node from the cluster and configure it as an NFS-Server- Use the NFS-Server to create a PersistentVolume- Create a PersistentVolumeClaim from the PersistentVolume- Have the POD use this PersistentVolumeClaim

Would highly…


Source

In this blog post, we will cover Deployments & Replicaset K8s objects. To understand deployments, we will start with Replicasets(we will soon know why). Below would be the flow of this post.

- What are Replicasets & why exactly do we need them?- Practical example with Replicasets- What are Deployments & why exactly do we need them?- Practical example with Deployments


Source

In this blog post, let’s try understanding “K8s Network Policy”. We will be following the structure as below.

- Some network communication fundamentals- What is a NetworkPolicy- What are NetworkPolicy agents- Concluding thoughts

To start with, let’s lay out some fundamentals for K8s Networking for Pods for a given cluster by default.

  • Each Pod gets its own unique IP address.
  • All Pods can talk with any other Pod within the cluster(there is no NAT business, i.e., Network address translation)

Extending the idea above, a Pod in namespaceA can also talk with a Pod in namespaceB, so the…


Source

In the blog post, let’s try to understand what the K8s job object is and why do we need the same.

Types of Jobs

  1. Run to completion (Jobs)
Running jobs mostly for the specific instance of invocation without a schedule.

2. Scheduled (CronJob)

Running jobs at a scheduled instance of time

Why jobs? Why can't we just use a deployment to get our work done?

K8s Jobs are like a person on a mission, they do their work and return back to base. They can either do this one-off time or do this on a scheduled basis. More details here. Deployments try to…


I recently gave the Certified Jenkins Engineer Exam. This blog post will be sharing my experience on it.

The high-level flow would be

  1. Background
  2. Why take this certification
  3. Pre-requisites
  4. How to prepare & related resources?
  5. Exam structure
  6. How much time to prepare?
  7. Exam experience
  8. Concluding thoughts

Background

Jenkins is a fairly commonly used tool for CI/CD and related activities. In addition, my day-to-day work involves using Jenkins on and off. Therefore, I wanted to learn best practices for Jenkins & its ecosystem for some of the recent projects I worked on. …


In this post let’s try understanding

  • What is a service account in K8s
  • Why do we need it?
  • Example on the same

K8s applications run in Pods. Pods usually need access to resources from cloud vendors like aws, gcloud, azure, etc.


We saw an introduction to labels in our article here. In this article, let’s try to understand the differences between labels and annotation & when to use one over another.

Let’s quickly summarize what we learned about labels

Why use Labels in K8s?

Labels allow K8s to group a set of related resources(example:- all prod resources). Selectors are used to querying those labels(example:- get me all prod resources). Official Docs here. Something to note, at the time of writing of this article, below are the restrictions on how a label must be defined in K8s

Valid label value:

  • must be…


Source

In our previous post, we saw what Replicasets are; in this post, let’s try to understand what a K8s Deployment object is step-by-step with some practical examples.

In K8s, pods are the fundamental basic units that get deployed in a cluster. K8s deployment is an abstraction layer for the pods. The deployment K8s object's primary purpose is to help maintain the desired state resources as declared in the deployment configuration.

But wait, didn’t you just say Replicaset does the same thing, then why do we need another K8s object deployment?

Let’s assume in the production environment; we are running an…


Eight months back I was a stranger to security & specifically PenTesting. Felt awesome today passing the eCPPTv2 exam, after finishing certifications like eCXD, eCRE & eJPT previously. In all honesty, being new to PenTesting this course was not an easy one for me, but I learned a lot. I got a lot of support from eLearnSecurity forums & also their unofficial discord channel.

I will have a detailed write-up on my journey here soon. Till then ciao!


Background

Terraform is the infrastructure as a Code (IaC) offering from HashiCorp. It is a tool for building, changing and managing infrastructure in a safe, repeatable way.

It is based on similar IaC philosophy as Aws’s CloudFormation. Operators and Infrastructure teams can use Terraform to manage environments with a configuration language called the HashiCorp Configuration Language (HCL) for human-readable, automated deployments.

The Terraform Associate certification is either for those cloud engineers that specialize in operations/IT, or for those developers who know or would like to know the basic concepts, and skills associated with open source HashiCorp Terraform.

I have used infrastructure…

Sandeep Baldawa

whoami >> Slack, Prev — Springpath (Acquired by Cisco), VMware, Build & Release, Test-Infra, Test Automation, Devops and Cybersecurity Enthusiast

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store