đź“š Tom's Notes

Search

SearchSearch

Cloud - Kubernetes

Apr 14, 20251 min read

Intro

https://iximiuz.com/en/posts/kubernetes-vs-age-old-infra-patterns/

  • Why K8s is needed
  • How we deployed and scaled web apps before K8s
  • K8s concepts

Managed vs own ?

https://news.ycombinator.com/item?id=32403746

Installation

BEWARE: catastrophic misconfigurations

https://blog.aquasec.com/kubernetes-exposed-one-yaml-away-from-disaster

K8s on Hetzner

https://bilbof.com/posts/kubernetes-on-hetzner

  • self-managed
  • Terraform + Puppet
  • Tailscale VPN
  • Nginx ingress controller
  • Hetzner cloud volumes
  • Local Persistence Volume storage provisioner
  • CrunchyData’s Postgres operator
  • Velero and pgBackRest for backups
  • SealedSecrets

K3s - lightweight Kubernetes

https://github.com/k3s-io/k3s

Inexpensive K3s on Hetzner

https://github.com/vitobotta/hetzner-k3s

Day-to-day management

best tools

https://marcusnoble.co.uk/2022-07-04-managing-kubernetes-without-losing-your-cool/

kubectl quick ref

https://kubernetes.io/docs/reference/kubectl/cheatsheet/

k9s - Ncurses-based CLi

https://k9scli.io/

Ops - upgrade cluster

https://t.co/16yxmcMcAe

Service deployments & configuration

Kustomize

https://kustomize.io/

Helm

https://helm.sh/

Shortcomings

https://leebriggs.co.uk/blog/2019/02/07/why-are-we-templating-yaml.html

https://glasskube.eu/en/r/knowledge/5-helm-shortcomings/

PaaS based on Kubernetes

https://reclaim-the-stack.com/

  • Heroku dev experience
  • BEWARE: non-scalable ingress
  • BEWARE: lots of moving parts

Internals

K8s APIs

https://iximiuz.com/en/series/working-with-kubernetes-api/

Controllers and operators

https://iximiuz.com/en/series/writing-kubernetes-controllers-operators/

Caveats when developing controllers

https://ahmet.im/blog/controller-pitfalls/

Resources

Books

https://kubernetesinpractice.com/

Graph View

Backlinks