Kubernetes

Cilium is an advanced, eBPF-based CNI plugin for Kubernetes which offers direct routing, eliminates the needs of kube-proxy & iptables, network policies, load balancing, and observability (real-time network traffic monitoring and tracing with Hubble). One of the notable feature of Cilium is its deep integration of eBPF, which facilitates advanced networking capabilities, such as direct routing, without the performance penalties associated with overlay networks. This results in better scalability and improved resource usage, especially for large-scale clusters....

So you just deployed your kubernetes cluster and got the kubeconfig file to interact with it. What if you lose that file or want to share it only with trusted individuals? In this case, we can protect the kubeconfig file against OIDC authentication. Authentik is an open-source identity provider that can be integrated with an existing environment to enhance security through various authentication protocols. In this guide, we will see how to integrate Authentik OIDC with Google Kubernetes Engine (GKE) to add an extra layer of security for interacting with the cluster....

If you are running PHP-FPM applications in Kubernetes, you have likely hit by the following warning: WARNING: [pool www] server reached pm.max_children setting, consider raising it. When this happens, applications load very slowly. So what you need to do is configure the pm.max_children accordingly. We can adjust the FPM configuration and add more pods horizontally in order to deal with the max_children issue. Prerequisite: Make sure you have the Prometheus/VictoriaMetrics stack with Grafana installed....

In this tutorial we will see how to setup K3s cluster on oracle cloud. We also configure load balancer and ingress controller which is a bit tricky to setup on bare-metal cluster. Oracle gives free ARM compute resources (24GB RAM & 4 vCPUs) which is enough for running Kubernetes cluster on cloud without any penny. You can launch two ARM VMs (dividing the resources between two, like 12+12GB ram and 2+2 vCPUs) for making one node as master and another for worker....

Centralized logging is one of the essential part in Kubernetes environment. In this tutorial, we will deploy Elasticsearch, Fluend and Kibana with Helm chart for logging. Elasticsearch is a scalable search engine which is mainly used to index and search within the vast volumes of log data. Fluentd collects the data from pods and nodes (deployed in each nodes via daemonsets) and transform and ship the logs to the Elasticsearch....

GlusterFS is a network attached distributed storage solution that connects multiple storage pool from different machines and act as a simple unified storage. It’s a high available, durable storage solution that can scale out and able to store petabyte of data. In this tutorial, we will see how to setup GlusterFS volume for Kubernetes cluster. Prerequisite First, you need a working multi-node Kubernetes cluster. You can follow my other tutorial on Deploy multi-node Kubernetes Cluster locally with Rancher....

Rancher is a complete Kubernetes management tool which simplifies the Kubernetes cluster management. It is an open-source multi-cluster orchestration platform which addresses operational and security challenges. In this tutorial, we will use Rancher to deploy our Kubernetes cluster locally. Prerequisite: Before starting, we need to setup a static private IP to our host machine. In my case it is 192.168.1.185. It might be different on your side. So grab your private IP address from the network interface....

Kubernetes is a very dynamic environment. In order to monitor this, we need a tool like Prometheus which can monitor such dynamic environment. In this tutorial, we will setup Prometheus which will collect the data from Kubernetes cluster and visualize it in Grafana. We will use Helm chart to setup Prometheus and Grafana easily 😎 Prerequisite A dynamic persistent provisioner. You can check my other guide on Setting up dynamic NFS provisioning in Kubernetes with Helm 3....

(updated: 2-Oct-2022) In this tutorial, we will setup dynamic NFS provisioning so that whenever a user needs the storage, the storage will be provisioned automatically without the interference of the cluster administrators. Without the dynamic NFS provisioning, the cluster admin needed to pre-provision the storage manually for the users. There are several ways of setting up dynamic NFS provisioning. However, by using a Helm chart, we can easily set this up in a minute 😉...