[Terraform / EKS] Build EKS and Karpenter by Terraform.
![[Terraform / EKS] Build EKS and Karpenter by Terraform.](https://nimtechnology.com/wp-content/uploads/2023/09/image-29.png?v=1695356502)
Thấy bài này hay nên mình lưu lại:https://itnext.io/terraform-building-eks-part-3-karpenter-installation-124b4ced729f
Category: Kubernetes & Container
[EKS] Adjusting things to migrate EKS legacy to new versions.
![[EKS] Adjusting things to migrate EKS legacy to new versions.](https://nimtechnology.com/wp-content/uploads/2023/09/Untitled4.png?v=1695114311)
Nếu anh em đã có provison eks windows trước đó thì anh có thể thấy 2 thành phần: vpc-admission-webhook and vpc-resource-controller trong eks cluster của anh em. Nhưng ở các version mới của eks từ 1.23 + thì aws ko còn sử dụng chúng nữahttps://docs.aws.amazon.com/eks/latest/userguide/windows-support.html#enable-windows-support Và chúng ta cần remove vpc-admission-webhook and vpc-resource-controller ra khỏi cluster nếu bạn đang…
Read More “[EKS] Adjusting things to migrate EKS legacy to new versions.” »
[Tetragon] Security Observability and Runtime Enforcement
![[Tetragon] Security Observability and Runtime Enforcement](https://nimtechnology.com/wp-content/uploads/2023/09/image-22.png?v=1694944948)
Tetragon is a flexible Kubernetes-aware security observability and runtime enforcement tool that applies policy and filtering directly with eBPF, allowing for reduced observation overhead, tracking of any process, and real-time enforcement of policies. https://isovalent.com/blog/post/can-i-use-tetragon-without-cilium-yes/
[Docker] Setup Docker for Windows Containers (NO Docker Desktop Needed!)
![[Docker] Setup Docker for Windows Containers (NO Docker Desktop Needed!)](https://nimtechnology.com/wp-content/uploads/2023/09/image-15.png?v=1694796262)
Setting up Docker for Windows Containers manually is not really that hard to do. You can use Docker for Desktop, but if you don’t want to pay for a license, you can easily set up the Docker Daemon and CLI utilities to work with all your favorite development tools like Visual Studio or VS Code….
Read More “[Docker] Setup Docker for Windows Containers (NO Docker Desktop Needed!)” »
[Windows Docker] How to run the Windows Container on Local.
![[Windows Docker] How to run the Windows Container on Local.](https://nimtechnology.com/wp-content/uploads/2023/08/image-35.png?v=1693206492)
Your Docker host is configured to run Linux containers inside of a VM. To run Windows containers, you need to right click on the Docker icon in the system tray, and select “Switch to Windows containers…” in the Docker menu. This option is not available in “Home” versions of Windows. Documentation is available here.
[coroot] Metrics, logs, and traces by Coroot
![[coroot] Metrics, logs, and traces by Coroot](https://nimtechnology.com/wp-content/uploads/2023/08/image-31.png?v=1693193067)
Coroot is an open-source eBPF-based observability tool that turns telemetry data into actionable insights, helping you identify and resolve application issues quickly. You can look into the Coroot at: https://github.com/coroot/coroot
[K8s] Signals and the “kubectl delete” command
![[K8s] Signals and the “kubectl delete” command](https://nimtechnology.com/wp-content/uploads/2023/08/2023-08-16_08-27.png?v=1692149369)
Copy at: https://www.acritelli.com/blog/kubectl-delete-sigkill/ Some colleagues and I were recently implementing a Chaos Monkey style test against a Kubernetes deployment. The goal was to forcibly kill an application to understand how it behaved. Specifically, we were looking to see if the application engaged in some atomic I/O operations that were safe, even if they ungracefully terminated while data…
Read More “[K8s] Signals and the “kubectl delete” command” »
[K8s] Auto-Restarts your k8s apps on Config Changes with Reloader
![[K8s] Auto-Restarts your k8s apps on Config Changes with Reloader](https://nimtechnology.com/wp-content/uploads/2023/08/image-18.png?v=1691685978)
Mình clone bài từ link này: https://www.linkedin.com/pulse/auto-restarts-your-k8s-apps-config-changes-reloader-cuong-nguyen-duc/?utm_source=share&utm_medium=member_android&utm_campaign=share_via Cá nhân mình thì thấy tool này vừa hay và vừa thừaNên thôi cứ lưu lại Keeping your applications up-to-date with the latest configuration changes can be challenging. Reloader, an open-source Kubernetes operator, detects changes to ConfigMaps and Secrets and automatically restarts your deployments to ensure a smooth…
Read More “[K8s] Auto-Restarts your k8s apps on Config Changes with Reloader” »
[HPA] How does HPA scale down Pod on Kubernetes?
![[HPA] How does HPA scale down Pod on Kubernetes?](https://nimtechnology.com/wp-content/uploads/2023/08/image-3.png?v=1691140317)
Bạn có thắc mặc HPA sẽ scale download như thế nào không? Here are some additional details on how the Horizontal Pod Autoscaler (HPA) handles pod terminations when scaling down: So in summary, the HPA adjusts replica counts, the pod controllers gracefully terminate pods to reach desired counts, using configurable delays and grace periods to…
Read More “[HPA] How does HPA scale down Pod on Kubernetes?” »
[DevSecOps] Anonymous Authentication in Kubernetes
![[DevSecOps] Anonymous Authentication in Kubernetes](https://nimtechnology.com/wp-content/uploads/2023/07/image-19.png?v=1689218719)
Nguồn: https://krolcloud.com/blog/anonymous-authentication-in-kubernetes/?fbclid=IwAR1U9U6yzxJoF6tKwUQgkHAyqpB-mL8RMJ_ot8SLaXzseHKPEfZEMfDKHi4 Kubernetes Anonymous Users Let’s uncover the details of Kubernetes 💥anonymous users and how 💥RBAC tooling works with anonymous access. By default, every request to the Kubernetes API that isn’t otherwise associated with a specific user is treated as coming from an anonymous user. This can be startling at first glance, with some wondering…
Read More “[DevSecOps] Anonymous Authentication in Kubernetes” »