CronJob in Kubernetes is good for handling Deployment like Cron, but it is difficult to understand because there are many API fields. So I would like to organized it, next, show how it works.

CronJobSpec API fields

All information about API fields we can find in link below:

The is a little difficult to understand, so I added it.


If a job takes 2 minutes to execute, but cron is set to be executed every minute, jobs will occur at the same time.

⚠️ Allow is an option that allows it, Forbid prohibits it, and Replace gives priority to new jobs.


What exactly is git flow???

It is a git development method that utilizes the branch that is a function of git. When developing with multiple people, if you adopt git without deciding the operation rule, conflicts will occur frequently and merge mistakes will occur.
It is git flow that can avoid such problems and make the most of git.


  • : Branch to store released data.
  • : Branch for development.
  • : Branch that prepares and fine-tunes before release .
  • : branch for feature development. Implement individual functions and resolve bugs.
  • : Branch for urgent corrections to released data.

More detail and explanation of each branch


Often the master branch and the published production…


Even if you are not an infrastructure engineer that you want to keep this knowledge :)


Recently, the use of servers on the cloud has increased. The infrastructure department handles the preparation of the server and the settings around the network, but since the developers often deploy the apps, even engineers who are mainly involved in development need at least SSH knowledge.

Also, since VMs are sometimes created in the local environment with Vagrant etc., there are increasing cases where SSH is used in the local environment.

That’s why even if you’re not an infrastructure engineer, knowledge of SSH clients is becoming essential, so I decided to relearn SSH again.

What exactly is SSH ???

This is a protocol for securely…

The official Docker documentation has a description of Docker security.

Docker Bench for Security is provided as a tool to check this automatically, ok so let’s take advantage of this and try to realize a more secure container execution environment.


  • Ubuntu 18.04 (Vagrant)
  • Docker 20.10.3-ce

Let’s start with Docker Bench for Security

The Github repository we have explains how to run using a Docker image.
but, due to the mechanism of docker, there are some parts where some tests do not work specifically, part regarding audit system, so instead of using the docker image, execute the script directly.

root@vagrant:/home/vagrant# git clone Cloning into 'docker-bench-security'... remote: Enumerating…


What is Azure CLI?

It is a tool that can operate Azure that can be used cross-platform such as Windows, MacOS, Linux from the command line. We can download from the following page:

After installation we can login to azure:

Azure login process:

  • Type , when you log in, information such as your subscription ID will be displayed.

⚠️ If in your environment with a proxy server, please set the proxy in the environment variable if necessary.


Application Gateway v2

Application Gateway v2 allows for automatic scale-out, which allows you to scale out with the Azure CLI…

Image source:


What is OpenStack?

One of the software for realizing cloud computing.

Why cloud computing is important ?

Since the speed of business is very fast these days, the speed of business development and flexibility to change are required. In order to meet these requirements, cloud computing technology that can build, deploy, and update services with a sense of speed is drawing attention.

What is cloud computing?

A server, storage, network, application, service, or other resource that can be easily accessed from anywhere. There are three types of cloud computing: public cloud, private cloud, and hybrid cloud.

How to avoid business risks by utilizing the cloud

When launching a new service, we analyze whether the service is profitable and what risks it poses…

Image source:

How to find out the apiVersion

Sometimes we don’t know what should I write in the of the resource like Deployment, Service etc. All Kubernetes resource APIs are written differently depending on which API APIGROUP they belong to .


  1. If you belong to a particular API GROUP then we use
  2. If it does not belong to a specific API GROUP it means that belongs to Core group so we use

Check the correspondence between resources and API GROUP

We can check this with using command . This is not implemented in the old for example v1.12, We must remember that running this command will show us…

What exactly is asymmetric routing?

Communication in which outbound packets and return packets take different routes L3 devices. Firewall manages communication sessions and is incompatible with asymmetric routing.

For example, even if there is no outgoing packet, even if only the returning packet comes, the communication consistency will not match and it cannot be determined whether the communication should be permitted. In addition, the UTM function that checks the security by looking at the contents of communication is also disabled. In some cases, PING can be passed but TCP communication cannot be performed. This is because TCP is more rigorous in checking because it performs…

What is Azure Private Link? This is a service for securely connecting (linking) to Azure PaaS services outside VNET from inside VNET, and this article is a supplement to the official Microsoft documentation .

Few words about features

Compared to traditional VNET service endpoints, Azure Private Link offers the following advantages:

  • Permission to access only specific resources from VNET, prevent threat of data leakage: Traditional service endpoints have network access to all SQL Databases in the same region as the allowed SQL Database due to permission restrictions by NSG tags. Private Endpoint allows you to access only specific linked resources.
  • Remotely accessible on-premises or…

Kubernetes Shortcuts

  • : Pods
  • : ReplicaSets
  • : Deployments
  • : Services
  • : Namespaces
  • : Network policies
  • : Persistent Volumes
  • : PersistentVolumeClaims
  • : Service Accounts


root@vagrant:/home/vagrant# kubectl get all -A -o yaml > backup.yaml


root@vagrant:/home/vagrant# kubectl explain sc --recursive | less


#List Pod
root@vagrant:/home/vagrant# kubectl get pods
root@vagrant:/home/vagrant# kubectl get pods -o wide
root@vagrant:/home/vagrant# kubectl get pods -n kube-system
root@vagrant:/home/vagrant# kubectl get pods --selector app=test-application,env=develop
root@vagrant:/home/vagrant# kubectl get pods -l app=test-application,env=develop
root@vagrant:/home/vagrant# kubectl get pods --all-namespaces
root@vagrant:/home/vagrant# kubectl get pods --show-labels
#Pod Status
root@vagrant:/home/vagrant# kubectl describe pod mypod
#Create Pod
root@vagrant:/home/vagrant# kubectl run mypod --image…


DevOps Consultant. I’m strongly focused on automation, security, and reliability.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store