Tag : operations

Using Kubernetes ConfigMaps As Code

Photo by Ryan Moulton on Unsplash A ConfigMap is a set of named bits of data. They allow Kubernetes operators to supply additional runtime configuration to the images they are spinning. They can be the source of environment variables. They can even be the source of files on-disk. Consider the nginx image on Docker Hub.

James Hunt Profile Image

Posted by:
James Hunt

Read More ➝
Managing Your k8s Cluster via DaemonSets

This one goes out to all the cluster operators. It really isn’t fair. All those application folks get to play with cool stuff like automatic traffic routing based on label matches, process resurrection, and more. All services provided by the clusters we run. We’re still on the hook for figuring out how to spin those

James Hunt Profile Image

Posted by:
James Hunt

Read More ➝
Protecting Yourself with Pod Security Policies

I listen to a lot of folks talk about their Kubernetes strategy as a means of apportioning a finite, limited resource (compute) among a wide and varied set of people, usually application developers and operations nerds, with an eye toward isolation. I have bad news for you. Kubernetes isn’t about isolation, not in the security

James Hunt Profile Image

Posted by:
James Hunt

Read More ➝
Deployments, StatefulSets, and DaemonSets: A Field Guide

At the heart of any Kubernetes deployment strategy lies The Pod. The workhorse of distributed container solutions, the Kubernetes Pod glues together a bunch of containers to a single networking stack and process namespace. Pod processes can communicate with one another over loopback (127.0.0.1), and signal each other using POSIX signal(7) mechanics. Strange then, that

James Hunt Profile Image

Posted by:
James Hunt

Read More ➝
Standing up Vault using Genesis

A few of our recent posts related to standing up BOSH deployments using Genesis have all revolved around needing Vault to store your credentials safely. The vault-boshrelease makes this fairly straightforward, but there’s now a Genesis Vault template to make running Vault even easier! The procedure is similar to the other Genesis deployments: $ genesis

GeoffFranks Profile Image

Posted by:
GeoffFranks

Read More ➝
Managing Multiple BOSH Environments with Genesis

If you’ve ever deployed Cloud Foundry via BOSH, you know how complicated BOSH’s deployment manifests can be – thousands of lines, many properties, many of which are repeated. This problem gets compounded when you start to host multiple copies of your BOSH deployments, such as for a sandbox, preproduction, and prod environment. Many of these

GeoffFranks Profile Image

Posted by:
GeoffFranks

Read More ➝