4 min read
If you try to install minikube on an Apple Sillicon (such as Apple M1, M2...) you will face that some hypervisors doesn't support arm64 yet. Using Docker Destop, on the other hand, has recently changed it's license so it might not be suitable to you
$ minikube start
😄 minikube v1.26.1 on Darwin 12.5.1 (arm64)
✨ Automatically selected the parallels driver. Other choices: ssh, qemu2 (experimental)
❌ Exiting due to DRV_UNSUPPORTED_OS: The driver 'parallels' is not supported on darwin/arm64
$ minikube start --driver docker
😄 minikube v1.26.1 on Darwin 12.5.1 (arm64)
✨ Using the docker driver based on user configuration
💣 Exiting due to PROVIDER_DOCKER_NOT_RUNNING: "docker version --format -" exit status 1: Cannot connect to the Docker daemon at unix:///Users/jordiprats/.rd/docker.sock. Is the docker daemon running?
💡 Suggestion: Start the Docker service
📘 Documentation: https://minikube.sigs.k8s.io/docs/drivers/docker/
There are several alternatives to Docker Desktop but the one that I found more convenient and easier to install is Colima
14/09/2022
Read more...3 min read
With the EKS connector you are going to be able to connect any Kubernetes cluster to the AWS EKS console to visualize it's status, configuration, nodes and workloads but not much else. Let's take a look what's needed:
12/09/2022
Read more...3 min read
If you try to create a pod with some privileges using the securityContext you are going to find out that it's not going to work on OpenShift as it would on a vanilla Kubernetes:
$ kubectl describe sts example-no-scc
Name: example-no-scc
(...)
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning FailedCreate 18s (x13 over 38s) statefulset-controller create Pod example-no-scc-0 in StatefulSet example-no-scc failed error: pods "example-no-scc-0" is forbidden: unable to validate against any security context constraint: [provider "anyuid": Forbidden: not usable by user or serviceaccount, spec.initContainers[0].securityContext.capabilities.add: Invalid value: "DAC_OVERRIDE": capability may not be added, spec.containers[0].securityContext.capabilities.add: Invalid value: "DAC_OVERRIDE": capability may not be added, spec.containers[1].securityContext.capabilities.add: Invalid value: "DAC_OVERRIDE": capability may not be added, provider "nonroot": Forbidden: not usable by user or serviceaccount, provider "hostmount-anyuid": Forbidden: not usable by user or serviceaccount, provider "machine-api-termination-handler": Forbidden: not usable by user or serviceaccount, provider "hostnetwork": Forbidden: not usable by user or serviceaccount, provider "hostaccess": Forbidden: not usable by user or serviceaccount, provider "node-exporter": Forbidden: not usable by user or serviceaccount, provider "privileged": Forbidden: not usable by user or serviceaccount]
08/09/2022
Read more...2 min read
The Kubernetes External Secrets have evolved into an Operator: External Secrets Operator What does it bring to the table?
05/09/2022
Read more...3 min read
In OpenShift instead of working with Namespaces it uses Projects, but by creating a Project it going to create a Namespace under the hood. What's the difference?
$ oc get project
NAME DISPLAY NAME STATUS
(...)
demo Active
$ oc get ns
NAME STATUS AGE
(...)
demo Active 29d
02/09/2022
Read more...