Tag: kubernetes

Total 23 Posts
kubernetes, oauth, authentication

Protect Kubernetes External Endpoints with OAuth2 Proxy

Sometimes you just want to expose some services that don't have any authentication mechanism. Many users have this issue, especially with Kubernetes, because it is damn easy to expose any service over ingress and also to have HTTPS by default with Let's Encrypt. The missing piece could be authentication in the application you want to expose. In this case, we can always leverage external authentication from GitHub, Google, and many others via OAuth. This is where OAuth2 Proxy comes into ...

https, letsencrypt, kubernetes, ingress

Get Automatic HTTPS with Let's Encrypt and Kubernetes Ingress

A few days ago I read a great post from Troy Hunt about HTTPS. The title  "HTTPS is easy" is there for a good reason! HTTPS is easy, especially with the platforms like Kubernetes. Unfortunately, not all people agree with this. I understand that for some huge organizations moving all traffic to HTTPS is not trivial, but for all others saying how Google is evil with forcing it is just nonsense. You should use HTTPS for every external endpoint and ...

kubernetes, ingress, aws

AWS Cost Savings by Utilizing Kubernetes Ingress with Classic ELB

A few months ago I wrote an article about Kubernetes Nginx Ingress Controller. That article is actually the second most popular post on this blog. It's focused on using Kubernetes ingress for on-premises deployments. But, most of the users run Kubernetes on AWS and other public cloud providers. The problem is that for each service with LoadBalancer type, AWS will create the new ELB. And that can be pricey. With Kubernetes ingress you will need only one. How Does it ...

kubernetes, autoscaling, aws

Kubernetes Cluster Autoscaling on AWS

Make no mistake, running a production Kubernetes cluster is not that easy. And, unless you use cloud resources smart you will be spending a lot of money. You only want to use resources that are really needed. When you deploy Kubernetes cluster on AWS, you define min and max number of instances per autoscaling group. You want to watch Kubernetes cluster and on insufficient resources to scale up. Also to scale down when you have underutilized nodes. The piece of ...

kubernetes, descheduler

Meet a Kubernetes Descheduler

The kube-scheduler is a component responsible for scheduling in Kubernetes. But, sometimes pods can end up on the wrong node due to Kubernetes dynamic nature. You could be editing existing resources, to add node affinity or (anti) pod affinity, or you have more load on some servers and some are running almost on idle. Once the pod is running kube-scheduler will not try to reschedule it again. Depending on the environment you might have a lot of moving parts. In ...

kubernetes, efk, monitoring, logs

Get Kubernetes Logs with EFK Stack in 5 Minutes

Last week I wrote about getting Kubernetes cluster metrics with Prometheus. Metrics are only one part of the story. Logs are important and luckily we have a great set of tools that will help you to create simple and easy logging solution. In this post, I will show you how to start monitoring Kubernetes logs in 5 minutes with EFK stack (Elasticsearch, Fluent Bit, and Kibana) deployed with Helm and operators. Previous post Just blogged: Get #Kubernetes Cluster Metrics with ...