Skip to main content

Kubernetes Tips and Tricks (WIP)

Sharing some of the tips and tricks, that will be helpful while operating on kubernetes clusters.

* If you are working on multiple kubernetes clusters running with different versions, its hard to remember apiVersion for kubernetes objects.This can be sorted out by using following commands

  kubectl api-resources : This will show kubernetes objects, their short names, kind and whether they can be namespaced. Here we can get apiGroup of the object we are looking for. If apiGroup is empty, it means object belongs to core api group(v1)

 


  We can look for versions available for given api group by using kubectl api-versions command 

  kubectl api-versions
  admissionregistration.k8s.io/v1beta1
  apiextensions.k8s.io/v1beta1
  apiregistration.k8s.io/v1
  apiregistration.k8s.io/v1beta1
  apps/v1
  apps/v1beta1
  apps/v1beta2
  extensions/v1beta1
  
  Order of kubernetes feature maturity:  v1alpha1 - v1alpha2..v1alphaN - v1beta1 - v1beta2..v1betaN - v1, we should always take latest version available.

  Looking at above, we can say deployment object apiVersion is  apiVersion: apps/v1

  

 

Labels:

Comments

Post a Comment

Popular posts from this blog

Insights about Certified Kubernetes Administrator(CKA)

Attending certification exams is one of the way to test our skills and to check whether we are moving in right direction towards understanding technology properly. I have taken CKA exam in December 2018 and passed it with 92%. Overall it was very good experience, it's not that tough if you are already working on kubernetes clusters. Major advantage of taking up CKA is we will be able to cover almost all kubernetes concepts, core components and features etc during preparation. Normally in day to day work, we do not get opportunity to cover everything. Experiences: As a first step, I have read CKA experiences in Internet, it certainly gave me an idea how to prepare and how exam pattern looks like. Sharing some of the links. https://linuxacademy.com/community/posts/show/topic/25094-cka-exam-experience-and-some-useful-tips https://suraj.pro/post/journey-to-cka/ https://suraj.io/post/road-to-cka/ https://medium.com/@walidshaari/kubernetes-certified-administrator-cka-43a25ca4c61...
3 comments
Read more

Generate and configure TLS certs for an application in Kubernetes at Ingress level

TLS basic working model:  Secure communication between the two entities is paramount in today's digital world. TLS provides the secure end to end communication between two machines over a network. Classic example of TLS model is accessing www.google.com(server) via browser(client). Following basic steps are involved * Client makes a call, when URL was entered in browser * Server sends its certificate * Browser will check any Root CA present for server certificate, if its present it will validate via digital sign. If not it asks user to trust the certificate, happens when we use self signed certificates. *  Client sends its certificates, will be verified at server, its optional * Once verification is done, it starts exchanging encrypting messages, which will be only decrypted using certs and keys at their end. Generating TLS certs: There are many tools in market through which we can generate certs. Openssl is one of the widely used opensource tool, we will ...
Post a Comment
Read more

Mutual authentication between microservices in kubernetes cluster

Earlier in this post, we have talked about TLS Working model and configuring it for application in kubernetes . Basically any HTTPS server open for client connections, will present a server certificate to client to verify against its trusted certificate authorities and if success, it does basic TLS handshake. Its more of a validating whether sever domain is authentic, using server certificate. What if there is a security requirement where client needs a valid certificate before it access server content, this is where mutual authentication fits in. Its basically establishing secure encrypted communication between two parties and authenticity of each party will be verified at other party end with presented certificate against certificate authority. The following diagram demonstrates steps involved in mutual authentication 1. Client requests sever for its content 2. Server replies back by presenting its server certificate 3. Server's identity will be tested by client using...
1 comment
Read more