Klock

Problem In an event-driven system like Kubernetes, access to a resource can be restricted with RBAC. RBAC is not designed to execute a mandatory or exclusive lock on a particular resource. It is not impossible, but I found it complicated and error-prone. Sometimes I want: The CronJob named daily-report is constant. No one can DELETE or UPDATE it. A workload payroll can be modified only by the actor with UID aa-dd-f445-d-55-d and no one else....

September 7, 2022 · 2 min · rnemet

Pod

..is the smallest deployable unit one can create and manage inside Kubernetes(K8s). A Pod can have one or more running containers, so it is a set of running containers. What is a container? A container image is a binary containing an application you created and all that needs for its running like system and application libraries, configuration files, etc. When you run a container image it becomes container. You can imagine a container image as a software-package but when you run it becomes container....

March 21, 2021 · 6 min · rnemet

Kubernetes in the bottle: k3d and k3s

Everyone wants to play with the Kubernetes(K8s). There are many options from Google, AWS, Heroku, etc. They offer free tiers that anyone can play with. But what if you want to have your K8s. On your laptop, for fun or to learn something new, without any restrictions. What is k3s The K3s is lightweight k8s by the rancher for Linux. K3s is intended to work with low resources and IoT devices....

March 11, 2021 · 5 min · rnemet