Latest News

Read all latest blog posts

post image
author image
:date_long

Learn AWS EKS Kubernetes cluster and devops in AWS (Part 1)

Learn AWS EKS Kubernetes cluster and devops in AWS (Part 1) Starting AWS EKS cluster manually in AWS web console

Read More
post image
author image
:date_long

CKS run kubernetes with cri-o

How to run Kubernetes with cri-o https://computingforgeeks.com/install-cri-o-container-runtime-on-ubuntu-linux/ OS=xUbuntu_20.04 CRIO_VERSION=1.23 echo "deb https://download.

Read More
post image
author image
:date_long

CKS simulator

k get pods -A -o jsonpath='{range .items[*]}{.spec.nodeName}{"\t\t\t\t"}{.spec.containers[*].image}{"\t"}{"\n"}{end}' | sort | grep cluster1-worker1

Read More
post image
author image
:date_long

CKS Reduce Attack Surface

Overview only purpose (remove unneceassary services) node recycling (should be ephemeral, created from images) ubuntu, centos systemctl list-units | grep <service-name> systemctl list-units --type=service | grep <service-name> systemctl list-units --type=service --state=running | grep <service-name>

Read More
post image
author image
:date_long

CKS Kernel Hardening Tools

Requirements for Apparmor container runtime needs to support Apparmor Apparmor needs to be installed on every node Apparmor profiles need to be available on every node Apparmor profiles are specified per container (done via annotations) not per pod!

Read More
post image
author image
:date_long

CKS Audit logging via kube-api server

Important Kubernetes request stages What events should be recorded Audit log from Mushad course

Read More
post image
author image
:date_long

CKS Immutability of containers at runtime

advanced deployment methods easy rollback more reliability better security (on container level) Interesting example of how ‘‘startupProbe’’ can be used to make container a bit more secure root@cks-master:~# cat immutable.

Read More