Articles Today I Learnt FM

kubernetes

A few things about Cilium and DNS on

Some learnings from the webinar I attended yesterday:

FQDN, PQDN, hostnames and root zones

You can tell the DNS resolver to not traverse the search path if you explicitly put a full stop …

Kubernetes UI to run the homelab
Something I have put together with Django and K3s
homelab kubernetes hex
Building a Kubernetes operator - Laying the foundations
Demistifying operators by building a basic one that interacts with AWS IAM
operator kubernetes
Trying KEDA HTTP addon
Exploring how it builds on top of KEDA and testing how it performs
keda kubernetes
Container ports do not have to be exposed explicitly in Kubernetes pods on

All containers that are part of a pod have the same network namespace, and (can) bind to all IPs in that namespace. Kubernetes does not offer any implicit filtering between pod network namespace and …

AWS throttles DNS requests to the VPC resolver on

At work we use CoreDNS to forward queries to the VPC resolver, as we run most of our services in Kubernetes. What that means is that we are routing all DNS queries through a few machines, and we …

Minimal Helm resource generator
Using for loops to generate lightly customized resources
helm kubernetes
Cluster autoscaler does not scale down nodes when pods have in-memory storage attached on

In some of our pods we use a temporary storage, to exchange data between the containers that belong to the same pod.


> k describe pod customersite
.......
Volumes:
...
  sockets:
    Type: …
You cannot restrict pod/exec permission to subsets of pods in a namespace on

While it is possible to craft a role using wildcards in the resource names, it will not work to restrict pod/exec permissions. Let’s test this:

Let’s start with some basic RBAC rules and …

Common operations on Bottlerocket
Some of the things that we routinely do on our EKS nodes
kubernetes eks
Page 1