linux, devops, sre, cloud, virtualization, containers, performance tunning, golang…
Kubernetes and CronJobs
Recently I was doing a recap of what was hidden in the managed version of Kubernetes.
Kubernetes and resolv.conf
Recently I was writing about Tailscale and what surprised me a little bit was handling the /etc/resolv.
Tailscale met Kubernetes
In my previous blog entry, I mentioned Tailscale support in Kubernetes.
Tailscale - first met
I was looking for a VPN solution to make connectivity between my devices and my self-hosted Kubernetes cluster running in the cloud.
Terraform and Kubernetes YAML manifests
From time to time I need to use Terraform to deploy resources in the Kubernetes cluster.
SSH Jump Server once again
The previously presented idea of the jump server was ok, but it doesn’t scale well.
SSH Jump Server
One of the simplest solutions to get access to services behind the NAT gateway is to go through the jump/bastion ssh server.
kbld - digest reference to container image
Let’s imagine the situation when the deployment Kubernetes manifest is referencing the latest image tag of third-party software like this:
KeePassXC - CLI version
Recently I was wondering how to protect some sensitive files that are being used to get access to production services.
kube-rbac-proxy - how to protect access to your app in the Kubernetes environment
Whenever you want to expose some endpoints even to the inside world like in Kubernetes, you think twice about the security impact especially when you’re not using service mesh or simple network policy for protection.