The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,651 other followers

Archive for the ‘Docker’ Category

Update NOW! CVE-2018-1002105, with root access. ​Kubernetes’ first major security hole discovered | ZDNet

Posted by jpluimers on 2018/12/04

From [WayBack] ​Kubernetes’ first major security hole discovered | ZDNet in reverse order:

Fortunately, there is a fix, but some of you aren’t going to like it. You must upgrade Kubernetes. Now. Specifically, there are patched version of Kubernetes [WayBackv1.10.11,  [WayBack] v1.11.5, [WayBackv1.12.3, and [WayBackv1.13.0-rc.1.

[WayBack] Red Hat said, “The privilege escalation flaw makes it possible for any user to gain full administrator privileges on any compute node being run in a Kubernetes pod. [WayBackThis is a big deal. Not only can this actor steal sensitive data or inject malicious code, but they can also bring down production applications and services from within an organization’s firewall.”

And the bug, [WayBackCVE-2018-1002105, aka the Kubernetes privilege escalation flaw, is a doozy. It’s a [WayBackCVSS 9.8 critical security hole.

Via [WayBack] ​Kubernetes’ first major security hole discovered | ZDNet – Ondrej Kelle – Google+

–jeroen

Posted in Cloud, Containers, Docker, Infrastructure, Kubernetes (k8n), Power User, Security | Leave a Comment »

The Illustrated Guide to Kubernetes – The Isoblog.

Posted by jpluimers on 2018/07/23

One day you will do containers.

If you want to know how k8n (Kubernetes) can help you with Docker containers, then read [WayBackThe Illustrated Guide to Kubernetes – The Isoblog. and watch the video below.

Very well explained!

Via: [WayBack] The Illustrated Children’s Guide to Kubernetes http://blog.koehntopp.info/index.php/1450-the-illustrated-guide-to-kubernetes/ You can now stop recommending it to me. – Kristian Köhntopp – Google+

 

–jeroen

Read the rest of this entry »

Posted in Cloud, Containers, Docker, Infrastructure, Kubernetes (k8n), Power User | Leave a Comment »

Sometimes clouds vaporise: the Docker Cloud shuts down in ~8 weeks.

Posted by jpluimers on 2018/03/26

From [WayBackDocker – Docker Cloud Migration Notification and FAQs:

The services on Docker Cloud that provide application, node, and swarm cluster management will be shutting down on May 21.

If you do not migrate by May 21, your applications running on the Docker node cluster management service will cease to operate.

Swarms will continue to function; however, if you do not retrieve your SSH keys for the Swarms being managed by our swarm cluster management service, you will be unable to access your swarms using your Docker ID. For instructions on how to retrieve and access your Swarms with SSH keys, please refer to the Docker docs.

So soon, no more [WayBack] Docker Cloud – Build, Ship and Run any App, Anywhere.

Remember: still the cloud is other peoples computers, so be sure you can move when needed.

–jeroen

Posted in Cloud, Cloud Development, Containers, Development, Docker, Infrastructure, Power User | Leave a Comment »

Scott Hanselman on Witter: “Why should I care about Kubernetes, Docker, and Container Orchestration?”

Posted by jpluimers on 2018/02/08

An important question for many people, so if you want to know more or get started: [WayBack] Scott Hanselman on Twitter: “Why should I care about Kubernetes, Docker, and Container Orchestration?” followed by:

Yes, AKS is Azure Container Services (go figure!).

Notes

  • For burning, Scott recommends [WayBack] Etcher: Burn images to SD cards & USB drives, safely and easily (which is now also available as experimental [WayBackEtcher CLI), I tended to use a script like below since I’m a command-line person, but since Etcher does write and verify in one run, I’m considering switching:
    1. find where the SD card is mounted on your Mac: diskutil list
    2. sudo su -
    3. execute this from the directory where you downloaded filling in targetDevice with the value from diskutil list

    targetDevice="disk9"
    imageName="2017-11-29-raspbian-stretch-lite"
    unzip -o ${imageName}.zip
    diskutil umount "/dev/${targetDevice}s1"; \
    dd bs=1m of="/dev/r${targetDevice}" if=${imageName}; \
    sync; \
    diskutil list; \
    diskutil eject "/dev/${targetDevice}"

–jeroen

Posted in Cloud, Containers, Docker, Infrastructure, Kubernetes (k8n), Power User | Leave a Comment »

jessie frazelle on Twitter: “Hire the people who will automate themselves out of a job, then just keep giving them jobs.”

Posted by jpluimers on 2017/12/31

This is what DevOps is all about: [WayBackjessie frazelle on Twitter: “Hire the people who will automate themselves out of a job, then just keep giving them jobs.”

I had seen the tweet before, but forgot to save it. Jonas Bandi reminded me of it at [WayBackWeekend Reader: End of Year Edition – reality-loop.

Jessie is doing great work. For instance, she developed and published contained.af, and nobody captured the flag yet: [WayBack] jessie frazelle on Twitter: «A year ago I made contained.af and it’s launched over 128,000 containers & no one has retrieved the flag».

The game runs in a container, gives you console access and has a bunch of questions. Still need to dig deeper in it, as it is a fascinating set-up. If you like to try it:

Wishing you a year where nobody captures your flags (:

–jeroen

via [WayBack] I just published my “Weekend Reader: End of Year Edition” – Jonas Bandi – Google+

Read the rest of this entry »

Posted in Agile, Cloud, Containers, Development, DevOps, Docker, Infrastructure, Kubernetes (k8n), LifeHacker, Power User, Software Development | Leave a Comment »

 
%d bloggers like this: