Skip to main content

Kubernetes Tips and Tricks (WIP)

Sharing some of the tips and tricks, that will be helpful while operating on kubernetes clusters.

* If you are working on multiple kubernetes clusters running with different versions, its hard to remember apiVersion for kubernetes objects.This can be sorted out by using following commands

  kubectl api-resources : This will show kubernetes objects, their short names, kind and whether they can be namespaced. Here we can get apiGroup of the object we are looking for. If apiGroup is empty, it means object belongs to core api group(v1)

 


  We can look for versions available for given api group by using kubectl api-versions command 

  kubectl api-versions
  admissionregistration.k8s.io/v1beta1
  apiextensions.k8s.io/v1beta1
  apiregistration.k8s.io/v1
  apiregistration.k8s.io/v1beta1
  apps/v1
  apps/v1beta1
  apps/v1beta2
  extensions/v1beta1
  
  Order of kubernetes feature maturity:  v1alpha1 - v1alpha2..v1alphaN - v1beta1 - v1beta2..v1betaN - v1, we should always take latest version available.

  Looking at above, we can say deployment object apiVersion is  apiVersion: apps/v1

  

 

Labels:

Comments

Post a Comment

Popular posts from this blog

Release and Tagging strategy for Microservices running on Kubernetes

Releasing product is one of the critical phase of software development life cycle, so much brainstorming will go in to design versioning and release strategy for a product. In olden days, it was all different, applications were monolithic, build and release management teams used to build this, entirely as a package (.WAR or .EAR files) by creating one version and putting it in artifact repository, triggering a process to deploy package in application servers. Versioning is pretty straight forward because it is monolithic and treated as one application. Now things are changed, considering complexity and inflexibility of monolithic application, people has opted to build application as set of smaller and interconnected services called microservices. In effect of this, versioning and releasing of individual microservices and for overall application became complex. There are no straight forward principles which solves problem, it entirely depends on various factors like branching strateg...
Post a Comment
Read more

Insights about Certified Kubernetes Administrator(CKA)

Attending certification exams is one of the way to test our skills and to check whether we are moving in right direction towards understanding technology properly. I have taken CKA exam in December 2018 and passed it with 92%. Overall it was very good experience, it's not that tough if you are already working on kubernetes clusters. Major advantage of taking up CKA is we will be able to cover almost all kubernetes concepts, core components and features etc during preparation. Normally in day to day work, we do not get opportunity to cover everything. Experiences: As a first step, I have read CKA experiences in Internet, it certainly gave me an idea how to prepare and how exam pattern looks like. Sharing some of the links. https://linuxacademy.com/community/posts/show/topic/25094-cka-exam-experience-and-some-useful-tips https://suraj.pro/post/journey-to-cka/ https://suraj.io/post/road-to-cka/ https://medium.com/@walidshaari/kubernetes-certified-administrator-cka-43a25ca4c61...
3 comments
Read more

Mutual authentication between microservices in kubernetes cluster

Earlier in this post, we have talked about TLS Working model and configuring it for application in kubernetes . Basically any HTTPS server open for client connections, will present a server certificate to client to verify against its trusted certificate authorities and if success, it does basic TLS handshake. Its more of a validating whether sever domain is authentic, using server certificate. What if there is a security requirement where client needs a valid certificate before it access server content, this is where mutual authentication fits in. Its basically establishing secure encrypted communication between two parties and authenticity of each party will be verified at other party end with presented certificate against certificate authority. The following diagram demonstrates steps involved in mutual authentication 1. Client requests sever for its content 2. Server replies back by presenting its server certificate 3. Server's identity will be tested by client using...
1 comment
Read more