  • bestby: Refresh Pods based on their lifetime using a label on their definition

    3 min read

    Kubernetes Pod lifetime bestby

    For Kubernetes, a Deployment is an object that defines a Pod intended to run permanently on the cluster, so there's no native way to refresh its Pods. To do so, we can install the bestby controller.


  • Setting up the Vertical Pod Autoscaler

    3 min read

    Kubernetes vpa Pod cluster autoscaler Karpenter

    To be able to take advantage of a Cluster Autoscaler (the same applies to AWS Karpenter), we need to make sure we properly set the resources any scheduled Pod is requesting from Kubernetes:

    • If we are requesting too many resources, we will be wasting resources
    • If we are requesting too few, the application might end up on a node where it needs to constantly share resources with other Pods

    When we are not sure of the resources a given Pod or container is going to use, we can use the Vertical Pod Autoscaler to help us define them.


  • Expose Pod information using a volume

    2 min read

    kubernetes pod data volume fieldPath

    We can choose to expose some of the Pod's information as volumes or environment variables using DownwardAPIVolumeFile. It can expose both Pod fields and Container fields.


  • Expose Pod information using an environment variable

    2 min read

    kubernetes pod data environment variable fieldPath

    Some applications might need to retrieve (or at least know) some of the Pod's metadata, for example, its namespace. We can push this information using fieldPath without having to grant access to the Kubernetes API or using any template engine (such as Helm) to set its value (at the end of the day, that would be hardcoding the value in the Pod's definition).


  • How risky is it really to run a Pod with privileged: true?

    3 min read

    kubernetes privileged pod

    When running containers, by default there is isolation between the host and the running container: you cannot access the host’s resources. But when you run a Pod with the privileged flag, you are effectively disabling this isolation, making it equivalent to running that process as root on the host server.



From pet to cattle
Treat your kubernetes clusters like cattle, not pets