Articles Today I Learnt FM


You cannot restrict pod/exec permission to subsets of pods in a namespace on

While it is possible to craft a role using wildcards in the resource names, it will not work to restrict pod/exec permissions. Let’s test this:

Let’s start with some basic RBAC rules and …

That you can impersonate pods in K8s on

Useful feature when you are developing against a cluster API is to act as the pod where your feature will be deployed.

In Kubernetes every pod is automatically assigned a service account. This is …

How to include AWS-specific info when using kubectl get nodes on

The standard configuration when using kubectl get nodes is meant to be working for any cluster, therefore does not include any specific information about the K8s distribution you are using.

At work we …

Page 1