CronJob in Kubernetes is good for handling deployments on a cron-like schedule, but it is difficult to understand because there are many API fields. So I would like to organize them and then show how it works.
All information about the API fields can be found at the link below:
concurrencyPolicy is a little difficult to understand, so I added it.
If a job takes 2 minutes to execute but cron is set to run it every minute, jobs will run at the same time.
⚠️ Allow permits concurrent execution, Forbid prohibits it, and Replace gives priority to new jobs.
It is a Git development method that makes use of branches, a feature of Git. When developing with multiple people, adopting Git without deciding on operating rules leads to frequent conflicts and merge mistakes.
Git flow avoids such problems and makes the most of Git.
master: Branch to store released data.
develop: Branch for development.
release: Branch that prepares and fine-tunes before release.
feature: Branch for feature development. Implement individual functions and resolve bugs.
hotfix: Branch for urgent corrections to released data.
Often the master branch and the published production…
Recently, the use of servers on the cloud has increased. The infrastructure department handles the preparation of the server and the settings around the network, but since the developers often deploy the apps, even engineers who are mainly involved in development need at least SSH knowledge.
Also, since VMs are sometimes created in the local environment with Vagrant etc., there are increasing cases where SSH is used in the local environment.
That’s why knowledge of SSH clients is becoming essential even if you’re not an infrastructure engineer, so I decided to relearn SSH.
This is a protocol for securely…
The official Docker documentation has a description of Docker security.
Docker Bench for Security is provided as a tool to check this automatically, so let’s take advantage of it and try to achieve a more secure container execution environment.
The GitHub repository explains how to run it using a Docker image.
However, because of how Docker works, some tests do not work, specifically the part regarding the audit system, so instead of using the Docker image, execute the script directly.
root@vagrant:/home/vagrant# git clone https://github.com/docker/docker-bench-security.git
Cloning into 'docker-bench-security'...
remote: Enumerating…
It is a cross-platform tool for operating Azure from the command line on Windows, macOS, and Linux. It can be downloaded from the following page:
After installation we can log in to Azure:
Azure login process:
Run az login; when you log in, information such as your subscription ID is displayed.
⚠️ If your environment uses a proxy server, set the proxy in environment variables if necessary.
set HTTP_PROXY=http://username:firstname.lastname@example.org:9000
set HTTPS_PROXY=http://username:email@example.com:9000
Application Gateway v2 allows for automatic scale-out, which allows you to scale out with the Azure CLI…
It is a piece of software for realizing cloud computing.
Because business moves very fast these days, speed of development and flexibility to change are required. To meet these requirements, cloud computing technology that can build, deploy, and update services quickly is drawing attention.
Cloud computing refers to servers, storage, networks, applications, services, or other resources that can be easily accessed from anywhere. There are three types of cloud computing: public cloud, private cloud, and hybrid cloud.
When launching a new service, we analyze whether the service is profitable and what risks it poses…
Sometimes we don’t know what to write in the apiVersion of a resource such as Deployment or Service. Kubernetes resource APIs are written differently depending on which APIGROUP they belong to. We can check this with the command kubectl api-resources. This is not implemented in old versions of kubectl, for example v1.12. We must remember that running this command will show us…
Asymmetric routing is communication in which outbound packets and return packets take different routes through L3 devices. A firewall manages communication sessions and is incompatible with asymmetric routing.
For example, if only the return packet arrives with no corresponding outgoing packet, the session state will not match and the firewall cannot determine whether the communication should be permitted. In addition, the UTM function that checks security by inspecting the contents of the communication is also disabled. In some cases, ping passes but TCP communication fails. This is because TCP is checked more rigorously because it performs…
What is Azure Private Link? It is a service for securely connecting (linking) to Azure PaaS services outside a VNET from inside the VNET, and this article is a supplement to the official Microsoft documentation.
Compared to traditional VNET service endpoints, Azure Private Link offers the following advantages:
netpol: Network policies
pv: Persistent Volumes
sa: Service Accounts
root@vagrant:/home/vagrant# kubectl get all -A -o yaml > backup.yaml
root@vagrant:/home/vagrant# kubectl explain sc --recursive | less
root@vagrant:/home/vagrant# kubectl get pods
root@vagrant:/home/vagrant# kubectl get pods -o wide
root@vagrant:/home/vagrant# kubectl get pods -n kube-system
root@vagrant:/home/vagrant# kubectl get pods --selector app=test-application,env=develop
root@vagrant:/home/vagrant# kubectl get pods -l app=test-application,env=develop
root@vagrant:/home/vagrant# kubectl get pods --all-namespaces
root@vagrant:/home/vagrant# kubectl get pods --show-labels
# Pod Status
root@vagrant:/home/vagrant# kubectl describe pod mypod
# Create Pod
root@vagrant:/home/vagrant# kubectl run mypod --image…
DevOps Consultant. I’m strongly focused on automation, security, and reliability.