How would you debug a Docker container that has no shell, no tools, but a single
statically-compiled executable? Creating docker images FROM scratch
is a trend
on the rise, but is it really taking away our debugging capabilities?
Minikube is a great tool! Almost everybody begins Kubernetes with it and
continues to use it all the time. I figured out a way to use single-node
GKE clusters just like Minikube:
I gave a talk on Kubernetes Network Policies at
KubeCon 2017 in Austin, TX last week. It was in a lecture format: I described
how the feature works and how to configure network policies with some examples.
I run probably more than a hundred kubectl
commands on some days, as you can
tell I like to try out things. After a while I started to notice some
patterns
and realized I can pretty much condense 99% of all my kubectl
usage into
single-word bash aliases.
If I were to point out one reason why Kubernetes is taking off, I would probably
say because of its awesome community. The second reason would be the flexibility
of the Kubernetes API and how easy it
is to write custom extensions or plugins on top of it. In this article, I’ll dig
deep in a new concept: Initializers, which is a dynamic and pluggable way of
modifying Kubernetes resources before they are actually created.
Network Policies is a new Kubernetes feature to configure how groups of pods are
allowed to communicate with each other and other network endpoints. In other
words, it creates firewalls between pods running on a Kubernetes cluster. This
guide is meant to explain the unwritten parts of Kubernetes Network Policies.
With about 150 services and going strong authenticating to Google
APIs can sometimes seem intimidating to program against. In this blog post, I
will take Kubernetes Engine (GKE) as an example and show how to use its
REST API in Go and Python.