In the last blog on K8s: Volumes & Claims — Part2 we looked into the details about the concepts around PersistentVolume, PersistentVolumeClaim. In the last blog, we also learnt how PODs uses PersistentVolumeClaim. In this blog, we will learn a practical example that brings together all these concepts using the following structure:
- Bring up a K8s cluster on local machine from scratch- Remove one node from the cluster and configure it as an NFS-Server- Use the NFS-Server to create a PersistentVolume- Create a PersistentVolumeClaim from the PersistentVolume- Have the POD use this PersistentVolumeClaim
- What are Replicasets & why exactly do we need them?- Practical example with Replicasets- What are Deployments & why exactly do we need them?- Practical example with Deployments
K8s consists of multiple components on both the Controller and Worker Nodes. Imagine you as a K8s administrator who has built a cluster, and you get a confirmation from users that they could deploy and test applications through this cluster successfully.
However, there is no guarantee that the cluster will run as a healthy cluster all the time without running into any issues. Things might break anytime; services might stop working, K8s components might break, etc. Hence it’s important to have a reliable monitoring solution in place for a reliable K8s cluster.
In this blog post, let’s try to understanding
In this blog post, let’s try understanding “K8s Network Policy”. We will be following the structure as below.
- Some network communication fundamentals- What is a NetworkPolicy- What are NetworkPolicy agents- Concluding thoughts
To start with, let’s lay out some fundamentals for K8s Networking for Pods for a given cluster by default.
Extending the idea above, a Pod in namespaceA can also talk with a Pod in namespaceB, so the…
In the blog post, let’s try to understand what the K8s job object is and why do we need the same.
Running jobs mostly for the specific instance of invocation without a schedule.
2. Scheduled (CronJob)
Running jobs at a scheduled instance of time
Why jobs? Why can't we just use a deployment to get our work done?
K8s Jobs are like a person on a mission, they do their work and return back to base. They can either do this one-off time or do this on a scheduled basis. More details here. Deployments try to…
I recently gave the Certified Jenkins Engineer Exam. This blog post will be sharing my experience on it.
The high-level flow would be
Jenkins is a fairly commonly used tool for CI/CD and related activities. In addition, my day-to-day work involves using Jenkins on and off. Therefore, I wanted to learn best practices for Jenkins & its ecosystem for some of the recent projects I worked on. …
We saw an introduction to labels in our article here. In this article, let’s try to understand the differences between labels and annotation & when to use one over another.
Let’s quickly summarize what we learned about labels
Why use Labels in K8s?
Labels allow K8s to group a set of related resources(example:- all prod resources). Selectors are used to querying those labels(example:- get me all prod resources). Official Docs here. Something to note, at the time of writing of this article, below are the restrictions on how a label must be defined in K8s
Valid label value:
In K8s, pods are the fundamental basic units that get deployed in a cluster. K8s deployment is an abstraction layer for the pods. The deployment K8s object's primary purpose is to help maintain the desired state resources as declared in the deployment configuration.
But wait, didn’t you just say Replicaset does the same thing, then why do we need another K8s object deployment?
Let’s assume in the production environment; we are running an…
Eight months back I was a stranger to security & specifically PenTesting. Felt awesome today passing the eCPPTv2 exam, after finishing certifications like eCXD, eCRE & eJPT previously. In all honesty, being new to PenTesting this course was not an easy one for me, but I learned a lot. I got a lot of support from eLearnSecurity forums & also their unofficial discord channel.
I will have a detailed write-up on my journey here soon. Till then ciao!