-
Kubernetes: Configure privilege escalation using the escalate and bind verbs
2 min read
The RBAC API prevents privilege escalation at the API level when creating or updating ClusterRole, ClusterRoleBinding, Role and RoleBinding. However, we can configure it to allow privilege escalation using the escalate and bind verbs.
15/11/2022
Read more... -
Container with alpine failing to execute a file with not found
3 min read
While building a container using alpine as a base image we can get a not found error while trying to execute a file that doesn't make much sense:
$ docker run -it test /usr/local/bin/example-app exec /usr/local/bin/example-app: no such file or directory14/11/2022
Read more... -
External Secrets Operator: Generate secrets using a template
2 min read
We can use the External Secrets Operator to retrieve secrets from some backend and push it into a vanilla Kubernetes Secrets to be consumed as usual as a key-value. Not all applications work in the same way so we might need to format it in a way that the application is able to consume it.
08/11/2022
Read more... -
OPA gatekeeper: Create a rule to warn the users
2 min read
OPA gatekeeper is most commonly used to block retain objects from getting into the Kubernetes cluster, but we can use it to warn the user as well
07/11/2022
Read more... -
Openshift: Project object contains (some) immutable fields
2 min read
There are just slight differences between a Project and a Namespace in OpenShift, what can be shocking is the fact that Project's metadata is (with exceptions) immutable.
04/11/2022
Read more...