Reminder to self to check out how this move went: [WayBack] Why and how GitLab abandoned Microsoft Azure for Google Cloud | VentureBeat.
Via [WayBack] Kristian Köhntopp – Google+
–jeroen
Archive for the ‘Kubernetes (k8n)’ Category
Why and how GitLab abandoned Microsoft Azure for Google Cloud | VentureBeat
Posted by jpluimers on 2020/07/22
Posted in Azure Cloud, Cloud, Containers, Development, DevOps, Docker, GCP Google Cloud Platform, Google Kubernetes Engine, Infrastructure, Kubernetes (k8n), Software Development | Leave a Comment »
Update NOW! CVE-2018-1002105, with root access. Kubernetes’ first major security hole discovered | ZDNet
Posted by jpluimers on 2018/12/04
From [WayBack] Kubernetes’ first major security hole discovered | ZDNet in reverse order:
Fortunately, there is a fix, but some of you aren’t going to like it. You must upgrade Kubernetes. Now. Specifically, there are patched version of Kubernetes [WayBack] v1.10.11, [WayBack] v1.11.5, [WayBack] v1.12.3, and [WayBack] v1.13.0-rc.1.
…
[WayBack] Red Hat said, “The privilege escalation flaw makes it possible for any user to gain full administrator privileges on any compute node being run in a Kubernetes pod. [WayBack] This is a big deal. Not only can this actor steal sensitive data or inject malicious code, but they can also bring down production applications and services from within an organization’s firewall.”
…
And the bug, [WayBack] CVE-2018-1002105, aka the Kubernetes privilege escalation flaw, is a doozy. It’s a [WayBack] CVSS 9.8 critical security hole.
Via [WayBack] Kubernetes’ first major security hole discovered | ZDNet – Ondrej Kelle – Google+
–jeroen
Share this:
Posted in Cloud, Containers, Docker, Infrastructure, Kubernetes (k8n), Power User, Security | Leave a Comment »
The Illustrated Guide to Kubernetes – The Isoblog.
Posted by jpluimers on 2018/07/23
One day you will do containers.
If you want to know how k8n (Kubernetes) can help you with Docker containers, then read [WayBack] The Illustrated Guide to Kubernetes – The Isoblog. and watch the video below.
Very well explained!
Via: [WayBack] The Illustrated Children’s Guide to Kubernetes http://blog.koehntopp.info/index.php/1450-the-illustrated-guide-to-kubernetes/ You can now stop recommending it to me. – Kristian Köhntopp – Google+
–jeroen
Share this:
Posted in Cloud, Containers, Docker, Infrastructure, Kubernetes (k8n), Power User | Leave a Comment »
Scott Hanselman on Witter: “Why should I care about Kubernetes, Docker, and Container Orchestration?”
Posted by jpluimers on 2018/02/08
An important question for many people, so if you want to know more or get started: [WayBack] Scott Hanselman on Twitter: “Why should I care about Kubernetes, Docker, and Container Orchestration?” followed by:
- [WayBack] Why should I care about Kubernetes, Docker, and Container Orchestration? – Scott Hanselman
- [WayBack] How to Build a Kubernetes Cluster with ARM Raspberry Pi then run .NET Core on OpenFaas – Scott Hanselman
- [WayBack] K8s on Raspbian · GitHub
- [Archive.is] Index of /raspbian_lite/images
- [Archive.is] Index of /raspbian_lite/images/raspbian_lite-2017-07-05 (the version Scott used)
- [Archive.is] Index of /raspbian_lite/images/raspbian_lite-2017-12-01 (the version I will try to use)
- [WayBack] Quickstart – Azure Kubernetes cluster for Linux | Microsoft Docs Quickly learn to create a Kubernetes cluster for Linux containers in AKS with the Azure CLI.
- [WayBack] Reasons Kubernetes is cool – Julia Evans
- [WayBack] Setting up a managed container cluster with AKS and Kubernetes in the Azure Cloud running .NET Core in minutes – Scott Hanselman
Yes, AKS is Azure Container Services (go figure!).
Notes
- For burning, Scott recommends [WayBack] Etcher: Burn images to SD cards & USB drives, safely and easily (which is now also available as experimental [WayBack] Etcher CLI), I tended to use a script like below since I’m a command-line person, but since Etcher does write and verify in one run, I’m considering switching:
- find where the SD card is mounted on your Mac:
diskutil list sudo su -- execute this from the directory where you downloaded filling in
targetDevicewith the value fromdiskutil list
targetDevice="disk9"
imageName="2017-11-29-raspbian-stretch-lite"
unzip -o ${imageName}.zip
diskutil umount "/dev/${targetDevice}s1"; \
dd bs=1m of="/dev/r${targetDevice}" if=${imageName}; \
sync; \
diskutil list; \
diskutil eject "/dev/${targetDevice}"
- find where the SD card is mounted on your Mac:
–jeroen
Share this:
Posted in Cloud, Containers, Docker, Infrastructure, Kubernetes (k8n), Power User | Leave a Comment »
jessie frazelle on Twitter: “Hire the people who will automate themselves out of a job, then just keep giving them jobs.”
Posted by jpluimers on 2017/12/31
This is what DevOps is all about: [WayBack] jessie frazelle on Twitter: “Hire the people who will automate themselves out of a job, then just keep giving them jobs.”
I had seen the tweet before, but forgot to save it. Jonas Bandi reminded me of it at [WayBack] Weekend Reader: End of Year Edition – reality-loop.
Jessie is doing great work. For instance, she developed and published contained.af, and nobody captured the flag yet: [WayBack] jessie frazelle on Twitter: «A year ago I made contained.af and it’s launched over 128,000 containers & no one has retrieved the flag».
The game runs in a container, gives you console access and has a bunch of questions. Still need to dig deeper in it, as it is a fascinating set-up. If you like to try it:
- [WayBack] contained.af
- [WayBack] GitHub – jessfraz/contained.af: A stupid game for learning about containers, capabilities, and syscalls.
- [WayBack] jessfraz (Jess Frazelle) · GitHub
- [WayBack] Jessie Frazelle’s Blog: Home The blog of Jessie Frazelle, hacker of all things Linux & Containers
- Build user trust: running containers securely with Google Container Engine (Google Cloud Next ’17)
- [WayBack] Capturing all the flags in BSidesSF CTF by pwning our infrastructure
Wishing you a year where nobody captures your flags (:
–jeroen
via [WayBack] I just published my “Weekend Reader: End of Year Edition” – Jonas Bandi – Google+
Share this:
Posted in Agile, Cloud, Containers, Development, DevOps, Docker, Infrastructure, Kubernetes (k8n), LifeHacker, Power User, Software Development | Leave a Comment »
