In a previous series of blog posts, we discussed the Kubernetes objects typically used to run a web application. We covered, Namespace, Pod, ConfigMap, Secret, Service, Deployment, ServiceAccount, Ingress, PDB, HPA, PV, PVC, Job and CronJob. In this post, we will discuss some fundamental building blocks for the Kubernetes cluster administration: RBAC objects. In most situations, Kubernetes API server is started with the flag --authorization-mode=RBAC which enables RBAC in the cluster.

Purpose Of Having Naming Conventions For An Ansible Project Consistency: Adopting a naming convention standardizes naming across the project and organization. This makes it easier for developers to switch between projects. Typically, an organization with an infrastructure team will have several Ansible projects and source code repositories. A developer working on one such Ansible project can seamlessly switch to another given a standard naming convention. Error Reduction: With improper naming there can be pitfalls.

Architecture 1: Kubernetes Control Plane Without HA Create three Virtual Machine guests on your laptop or workstation. VM 01 - Kubernetes Control Plane VM 02, VM 03 - Kubernetes Worker nodes Architecture 2: Kubernetes Control Plane With HA Create five Virtual Machine guests on your laptop or workstation. VM 01, VM 02, VM 03 - Kubernetes Control Plane with HA VM 04, VM 05 - Kubernetes Worker nodes Use the Kubeadm tool to create the cluster.

In the Kubernetes Objects Required For A Typical Web Application post we talked about few Kubernetes objects that a web application developer should get accustomed to. In this post, we will extend the series and talk about more objects that can help web developers scale their applications. As we delve deeper into Kubernetes topics, the demarcation of roles and skill sets start to reveal. In larger organizations, a dedicated team of infrastructure engineers design and make choices of network topology, IAC tooling and orchestration of the Kubernetes clusters and CI/CD pipelines.

In a previous post, we discussed using age to manage secrets in Git repositories. In this post, let’s improve our secrets management workflow in Git repositories using SOPS. sops is an editor of encrypted files that supports popular configuration formats such as YAML and various encryption techniques such as age. Read the blog post about age to install the package and creating the key file. This time, we will use sops to perform encryption and decryption operations instead of the age command.

There are many applications and technologies enabled by VPN. We will focus on one of them in this post: client VPN. Connecting To A Private Network If the server you are trying to access is on a private network, you can use a VPN to connect to the network as if you were physically present on the same network. This can be useful if you need to access resources or devices that are only available on the private network.

Once upon a time, Apache was the de-facto web server solution. Later, Nginx became popular. If you are getting started with DevOps and Linux system administration, I would recommend you to start with Nginx. Start With A Static Website What is a static website? A website made from HTML and CSS. And maybe some JavaScript, images, videos, fonts, etc. The key takeaway is that there is no server side application involved.

Are you storing secrets such as database credentials, API keys, etc. unencrypted in Git repositories? Stop. To protect your secrets, do not store them anywhere unencrypted. Especially in Git repositories. Ideally, your organization must have some vault solution where secrets can be stored and securely shared with people on a need-to-know basis. In many small organizations, having such a central secrets management solution is still a luxury. The need to store such secret information in Git repositories is obvious.

Introduction If you have chosen the DevOps engineering path for your career, Linux system administration skills are a must. Companies run their workloads on Linux on-premise as well as in the cloud. Many developers write software on their Linux laptops and workstations. In this post, I will lay out a plan to master Linux system administration skills. The journey begins with you becoming a Linux desktop user. Gradually, you start using your laptop as a Linux server.