This guide walks you through enabling user namespaces in Kubernetes, allowing containers to run as root inside the pod while being mapped to a non-root user on the host. This enhances isolation and security, and makes it possible to allow…
In this blog post, I have summarized how I have set up a single-node Kubernetes cluster version 1.32 on a fresh Ubuntu 24.04 with dual-stack IPv4/IPv6 support. Tested with: Ubuntu 24.04 Kubeadm 1.32.3 CRI-O 1.32 Calico 3.29.3 Part 1: Prepare…
Why Replace Containerd with CRI-O in Kubernetes? Switching container runtimes again might seem unnecessary after the recent move from Docker to containerd. However, CRI-O offers unique features like enhanced Kubernetes compatibility and improved security. For example, I used CRI-O to test…
In Kubernetes v1.27, the InPlacePodVerticalScaling feature was introduced as an alpha capability, allowing you to adjust CPU and memory resources of running pods without restarting them. This feature can reduce downtime and make resource scaling more efficient. In this guide,…
ChatGPT helped in this task, but some commands did not work immediately, so I had to ask ChatCPT how to fix the errors I encountered. The command presented here leads through the process of installing Kubernetes using kubeadm on a…
For a quick test of horizontal autoscaling of an NginX deployment, we need the following ingredients: a metrics server installation to be able to measure the POD’s CPU an nginx deployment with a CPU reservation an auto scaler configuration a…
What is the CKA? The Certified Kubernetes Administrator (CKA) certification proves you have hands-on experience managing Kubernetes clusters. How did I learn Kubernetes? Three years ago, I purchased a 4-day classroom Kubernetes Administration course (LFS458) from FastLane. It was not…
Here, we show as shortly as possible how we can place a POD on the controlplane node on killerkoda CKA playground: Task: place a POD on the controlplane POD using Affinity Find documentation: kubernetes.io –> Documentation –> Search „affinity“ –>…
This is a cheat sheet on how to perform backup&restore of the etcd server in kubernetes quickly. Test this on Killercoda Play with Kubernetes tl;dr Find reference: https://kubernetes.io –> Documentation –> Search „etcd backup restore“ –> you will find: Operating etcd…
This is a cheat sheet created during the last upgrade of a CentOS-based Kubernetes cluster serving Developer’s Cloud Desktops to our customers. TLDR; style. The commands are tested on CentOS 7. For Ubuntu, replace sudo yum install -y kubeadm-1.25.4-00 –disableexcludes=kubernetes…
Migration of the kubeadm-based Kubernetes from Docker to containerd should be easy. In my case, it wasn’t. Wrong information found on the Internet combined with the incompatibility of the used Kubernetes and containerd versions has caused major problems. Fortunately, I…
In this article, we will have a look at Kubernetes logging. We will look, how Kubernetes logging is related to Docker logging. References: kubernetes.io: Logging Architecture Docker Logging: A Complete Guide by sematext.com Docker’s official documentation on Logging Step 0:…
In this article, we will learn how Kubernetes Liveness Probes and Kubernetes Readiness Probes help us improve the continuity and availability of Kubernetes Services. For that, we will learn how Kubernetes uses probes to decide, whether an application is up…
Install and explore the Kubernetes Metrics Server in a hands-on lab. View the CPU and Memory consumption of cluster nodes, applications, and containers.
In this article, we will create Kubernetes Persistent Volumes, change access modes, and add Kubernetes Persistent Volume Claims. Moreover, we will gain some understanding of Kubernetes Storage Objects.
We use NginX-based Kubernetes Ingress Controllers to make Kubernetes Services available to the outside world. In our example, three separate applications share the same IP address and port. We show, how to retrieve the NginX configuration from the Ingress Controller. Moreover, we show how to install a newer NginX version provided by NginX INC.
How to get hands-on experience with Kubernetes affinity and anti-affinity for both, node affinity as well as POD affinity for „soft“ and „hard“ rules.
In this blog post, we will get hands-on experience on Kubernetes taints and tolerations. Taints are used to repel PODs from running on a certain set of nodes, while tolerations in the POD’s specification allows the POD to ignore the corresponding matching taint.
Tutorial with a hands-on lab on Kubernetes Labels and Node Selectors, which are used to control, which PODs are scheduled on which set of Kubernetes Nodes.
Kubernetes Services provide us with a means to load-balance between many instances of an application running on a data center. Moreover, they help make accessible the service from the Internet. Here, we will show, how PODs, endpoints, container-ports, and node ports are bound together by means of Kubwernetes Services.