If you need to inspect kubectl
network traffic, you can add verbose logging
options (-v=8
or higher) to any kubectl
command and you can see the URLs,
request and response body/headers (except authorization). These headers usually
are not complete, because more headers are added after the request is logged. To
have a complete view, you need to intercept traffic using a local proxy like
mitmproxy.
If you are developing containers you must have heard the “single process per
container” mantra. Inherently, there’s nothing wrong1 with running multiple
processes in a container, as long as your ENTRYPOINT
is a proper
init process. Some use cases are having processes are aiding each other
(such as a sidecar proxy process) or porting legacy applications.
Recently, I had to spawn a sidecar process inside a container. Docker’s own
tutorial
for running multiple processes in a container is a good place to start, but not
production-ready. So I outsourced my quest on Twitter to find an
init
replacement that can:
init
process) responsibilities like zombie child
reaping and signal forwarding.In this article I explored pros and cons of some of the options like
supervisord, runit, monit, tini/dumb-init, s6 (audience favorite),
and tini+bash4.x combo (personal favorite).
If you’re using Google Kubernetes Engine and deploying to it from
headless environments like CI/CD, you’re probably installing the gcloud
command-line tool (perhaps every time) you run a build. There’s a way to
authenticate to GKE clusters without gcloud
CLI!
There is a
kubeconfig
file behind every working kubectl
command.1 This file typically lives at
$HOME/.kube/config
. Having written kubectx, I’ve interacted with
kubeconfigs long enough to write some tips about how to deal with them.
In my previous article on kubectl plugins, I explained how kubectl plugins work and how you can develop your own plugins. If “kubectl plugins” are new to you, read that article first.
In this article, I will explain why we have developed a kubectl plugin manager
at Google, and how it addresses some of the usability, discoverability and
packaging problems around kubectl plugins.
Did you know you can create and distribute your own kubectl
commands? As of
Kubernetes 1.12, kubectl now allows adding external executables as subcommands.
In this blog post, I’ll explain how kubectl plugin mechanism works, why plugins
are useful, how you can write your own plugins, and current challenges in the
plugin ecosystem.
Kubernetes keeps applications running while you’re asleep: This is mostly thanks to the “Readiness and Liveness Probes”. If you don’t know about them, read this cool article.
This article is about some health check patterns I have seen in the wild for
applications that are not natively supporting Kubernetes-native probes.
I’ve given a talk with @yoshiat (PM, Google Kubernetes Engine) at Google Cloud Next'18 about Kubernetes Multi-Tenancy Best Practices in San Francisco last month!
You can watch the recording and look at the slides.
Skaffold is my top
Kubernetes developer tool of the year so far. Since its accidental
reveal about 3 months ago, it
already got 3,700 stars on GitHub. Clearly the community is lovin’ it.
If you are using Minikube or Docker for Mac/Windows to run your
Kubernetes deployments locally, I have developed a tool to restart containers
automatically when their images are rebuilt: Check out freshpod on GitHub!