Category Ops

Stratégie de déploiement canary L’objectif est d’avoir 5% du trafic sur une autre version de l’application en utilisant la stratégie canary 1) Puisque nous avons 5 pod au total, donc on déploie 4 normalement 2) Ensuite on déploie un pod…

Installation Kong Installation de la base Postgres Soit l’installation est sur le cluster ou sur une VM Création des clés cluster openssl req -new -x509 -nodes -newkey ec:<(openssl ecparam -name secp384r1) \ -keyout . -out . \ -days 1095 -subj…

Install Cert-Manager for details : Install cert manager kubectl apply -f Install issuer Let’s encrypt give you two environment, staging and production. Create a ClusterIssuer rather than Issuer because the Issuer have namespace scope only into staging environnement.…

Connexion SSH à distance Afin de se connecter à un serveur distant sans saisir le mot de passe sous Linux Générez les clés privée et publique avec la commande ci-dessous. Deux fichiers id_rsa.pub et id_rsa seront générés dans ~/.ssh ssh-keygen…

Architecture Single-node With a single-node deployment, all the components run on the same server. This is great for testing, learning, and developing around Kubernetes. Single head node, multiple workers Adding more workers, a single head node and multiple workers typically…

Tools for installation kubespray: : : : Kind is one of a few methods to run Kubernetes locally. It is currently written to work with Docker. Plugin networks

Network Summary Networking basics Network Namespaces CoreDns Cluster Networking Networking basics Internet The network view of internet : Backbon are big fiber cables between states or cities. the peering can be between two AS and the numerci logictic can be…

Security Summary Security Primitives Authentication and service Accounts TLS Basics and in Kubernetes Certificates API KubeConfig API Groups Authorization Role Based Access Controls (RBAC) Cluster Roles and Role Bindings Service Accounts Image Security Security Contexts Network Policy Kubectx and Kubens…