This article describes a set of best practices for building containers. These practices cover a wide range of goals, from shortening the build time, to creating smaller and more resilient images, with the aim of making containers easier to build (for example, with Cloud Build), and easier to run in Google Kubernetes Engine (GKE).
These best practices are not of equal importance. For example, you might successfully run a production workload without some of them, but others are fundamental. In particular, the importance of the security-related best practices is subjective. Whether you implement them depends on your environment and constraints.
This page shows how to configure process namespace sharing for a pod. When process namespace sharing is enabled, processes in a container are visible to all other containers in the same pod.
You can use this feature to configure cooperating containers, such as a log handler sidecar container, or to troubleshoot container images that don't include debugging utilities like a shell.
Before you begin You need to have a Kubernetes cluster, and the kubectl command-line tool must be configured to communicate with your cluster.
THREAD: Isolating a pod for troubleshooting This technique helps you with debugging running Pods in production The Pod is detached from the Service (no traffic), and you can troubleshoot it live Let's get started!
This post is based on a webinar i've previously given where I go through some of my favourite tips for working with Kubernetes clusters all day long. The goal of all of these techniques is to make my life easier and (hopefully) less error prone. I start off with the first 5 tips being applicable to anyone working with Kubernetes and can be picked up right away. From there I move on to a couple that would benefit from having some old-skool Linux sys-admin experience. Finally I finish of with some more advanced techniques that require some previous programming experience.
Declaratively deploy your Kubernetes manifests, Kustomize configs, and Charts as Helm releases in one shot - GitHub - helmfile/helmfile: Declaratively deploy your Kubernetes manifests, Kustomize configs, and Charts as Helm releases in one shot
Hello, we shall run the OWASP juice shop as a deployment, and expose it as a service in a local kubernetes cluster launched with kind. Hence, familiarity with kubernetes deployment and service is essential to follow along. You can try this with any cluster, though I am using a cluster that was launched with kind. For those not aware, kind is a tool that makes launching k8s clusters on your local machine easy.
kubectl plugin to browse Kubernetes object hierarchies as a tree 🎄 (star the repo if you are using) - GitHub - ahmetb/kubectl-tree: kubectl plugin to browse Kubernetes object hierarchies as a tree 🎄 (star the repo if you are using)
FoldFold allExpandExpand allAre you sure you want to delete this link?Are you sure you want to delete this tag?
The personal, minimalist, super-fast, database free, bookmarking service by the Shaarli community