Very helpful video that explains how network namespaces works in linux kernel https://www.youtube.com/watch?v=j_UUnlVC2Ss
YouTube
Network Namespaces Basics Explained in 15 Minutes
Get introduced to the basics of Network Namespaces in Linux.
💻Access full course here: https://kodekloud.com/p/certified-kubernetes-administrator-with-practice-tests/?coupon_code=YTNETNAM50
Network Namespaces are used by containerization technologies…
💻Access full course here: https://kodekloud.com/p/certified-kubernetes-administrator-with-practice-tests/?coupon_code=YTNETNAM50
Network Namespaces are used by containerization technologies…
Envio is a command-line tool that simplifies the management of environment variables across multiple profiles. It allows users to easily switch between different configurations and apply them to their current environment
https://github.com/humblepenguinn/envio
https://github.com/humblepenguinn/envio
GitHub
GitHub - envio-cli/envio: Envio is a modern and secure command-line tool that simplifies the management of environment variables
Envio is a modern and secure command-line tool that simplifies the management of environment variables - envio-cli/envio
Good start point for starting to work with loki and promtail https://akyriako.medium.com/kubernetes-logging-with-grafana-loki-promtail-in-under-10-minutes-d2847d526f9e
Medium
Kubernetes Logging with Grafana Loki & Promtail in under 10 minutes
Consolidate all your Kubernetes logs in a intuitive Grafana dashboard.
A case of migration from OpenShift to k8s https://blog.palark.com/migrating-from-openshift-to-vanilla-kubernetes/
Palark
Migrating an application running in OpenShift to vanilla Kubernetes
This guide demonstrates how to move a basic web app from the OpenShift platform to vanilla Kubernetes. It includes all related listings for this specific example and a cheatsheet for a general migration approach.
This will help you to check a default alerts when you just init a monitoring from groud https://awesome-prometheus-alerts.grep.to/rules.html
Spin up ready-to-code, disposable dev environments on your own servers. Self-hosted alternative to Gitpod and Github Codespaces.
https://github.com/hocus-dev/hocus
https://github.com/hocus-dev/hocus
GitHub
GitHub - hocus-dev/hocus: 🪄 Spin up ready-to-code, disposable dev environments on your own servers. Self-hosted alternative to…
🪄 Spin up ready-to-code, disposable dev environments on your own servers. Self-hosted alternative to Gitpod and Github Codespaces. - hocus-dev/hocus
A new alternative to DockerDesktop was released by RedHat https://developers.redhat.com/articles/2023/05/23/podman-desktop-now-generally-available#local_kubernetes_with_kind
Red Hat Developer
Podman Desktop 1.0: Local container development made easy | Red Hat Developer
As containerization continues to gain popularity in the world of enterprise software development, there is also growing demand for tools and technologies that make container management more accessible
A web-based UI for deploying and managing applications in Kubernetes clusters
https://github.com/vmware-tanzu/kubeapps
https://github.com/vmware-tanzu/kubeapps
GitHub
GitHub - vmware-tanzu/kubeapps: A web-based UI for deploying and managing applications in Kubernetes clusters
A web-based UI for deploying and managing applications in Kubernetes clusters - vmware-tanzu/kubeapps
In this blog post, Ahmet Alp Balkan explains the peculiar and undocumented behavior of file changes in Kubernetes Secret and ConfigMap volumes when using the inotify(7) syscall. He highlights that typical file watch events like IN_MODIFY or IN_CLOSE_WRITE don't occur for files in these volumes. Instead, only the IN_DELETE_SELF event is received, requiring code to handle re-establishing the monitor each time a file is updated.
Balkan discusses the resilient file reloads from disk and the AtomicWriter algorithm used by kubelet for atomic and consistent updates to Secret/ConfigMap volumes. He explains the file structure in a mounted Secret/ConfigMap volume and the reason behind receiving only the IN_DELETE_SELF event.
To handle this behavior, Balkan suggests mounting ConfigMaps/Secrets as directories, starting inotify watches on individual files, avoiding the use of IN_DONT_FOLLOW option, handling inotify deletion events, re-establishing inotify watches when receiving deletion events, and testing the file reloading logic on Kubernetes. He also mentions opening an issue to document this behavior in the official Kubernetes documentation.
https://ahmet.im/blog/kubernetes-inotify/index.html
Balkan discusses the resilient file reloads from disk and the AtomicWriter algorithm used by kubelet for atomic and consistent updates to Secret/ConfigMap volumes. He explains the file structure in a mounted Secret/ConfigMap volume and the reason behind receiving only the IN_DELETE_SELF event.
To handle this behavior, Balkan suggests mounting ConfigMaps/Secrets as directories, starting inotify watches on individual files, avoiding the use of IN_DONT_FOLLOW option, handling inotify deletion events, re-establishing inotify watches when receiving deletion events, and testing the file reloading logic on Kubernetes. He also mentions opening an issue to document this behavior in the official Kubernetes documentation.
https://ahmet.im/blog/kubernetes-inotify/index.html
Ahmet Alp Balkan
Pitfalls reloading files from Kubernetes Secret & ConfigMap volumes
Files on Kubernetes Secret and ConfigMap volumes work in peculiar and undocumented ways when it comes to watching changes to these files with the inotify(7) syscall. Your typical file watch that works outside Kubernetes might not work as you expect...
Interesting article about experience with linkerd https://tech.loveholidays.com/linkerd-at-loveholidays-our-journey-to-a-production-service-mesh-9a6cd478d395
Medium
Linkerd at loveholidays — Our journey to a production service mesh
Explore loveholidays’ journey to production with Linkerd to solve our uniform metrics challenge.
Kubernetes v1.25 has introduced the Container Checkpointing API as an alpha feature, allowing users to backup and restore containers without stopping them. This feature is primarily aimed at forensic analysis but can also be used for general backup and restore purposes. To set up the feature, a Kubernetes cluster (v1.25+) and container runtime supporting container checkpointing are required. Currently, only CRI-O supports checkpointing, with containerd support expected soon.
The checkpointing API is exposed on the kubelet of each cluster node. To create a checkpoint, you need to have a running Pod and make a request to the kubelet directly. Once the checkpoint has been created, you can analyze the contents of the archive or restore the container from the archive by creating an image from the checkpoint and deploying a new Pod using that image.
While the feature is usable, it lacks some essential functionality, such as native restore capabilities and support from all major container runtimes. Users are advised to be aware of its limitations before enabling it in production or development environments.
https://martinheinz.dev/blog/85
The checkpointing API is exposed on the kubelet of each cluster node. To create a checkpoint, you need to have a running Pod and make a request to the kubelet directly. Once the checkpoint has been created, you can analyze the contents of the archive or restore the container from the archive by creating an image from the checkpoint and deploying a new Pod using that image.
While the feature is usable, it lacks some essential functionality, such as native restore capabilities and support from all major container runtimes. Users are advised to be aware of its limitations before enabling it in production or development environments.
https://martinheinz.dev/blog/85
martinheinz.dev
Backup-and-Restore of Containers with Kubernetes Checkpointing API
<p>
Kubernetes v1.25 introduced Container Checkpointing API as an alpha feature. This provides a way to backup-and-restore containers running in Pods, wit...
Kubernetes v1.25 introduced Container Checkpointing API as an alpha feature. This provides a way to backup-and-restore containers running in Pods, wit...
modern full-featured open source secure mail server for low-maintenance self-hosted email
https://github.com/mjl-/mox
https://github.com/mjl-/mox
GitHub
GitHub - mjl-/mox: modern full-featured open source secure mail server for low-maintenance self-hosted email
modern full-featured open source secure mail server for low-maintenance self-hosted email - mjl-/mox
👍2
Interesting article describing how dns query works in k8s https://www.nslookup.io/learning/the-life-of-a-dns-query-in-kubernetes/
NsLookup.io
The life of a DNS query in Kubernetes
In Kubernetes, DNS queries follow a specific path to resolve the IP address of a hostname. Here are all the steps and components it goes through.
Within any organization, API producers and consumers need to stay in sync about the schemas that will be used for communication among them. Especially as the number of APIs and related producers and consumers grow in the organization, what may start with simply passing around schemas among teams will start to hit scaling challenges
An API/Schema registry - stores APIs and Schemas.
https://github.com/apicurio/apicurio-registry
An API/Schema registry - stores APIs and Schemas.
https://github.com/apicurio/apicurio-registry
GitHub
GitHub - Apicurio/apicurio-registry: An API/Schema registry - stores APIs and Schemas.
An API/Schema registry - stores APIs and Schemas. Contribute to Apicurio/apicurio-registry development by creating an account on GitHub.