You've successfully subscribed to Nuvotex Blog
Great! Next, complete checkout for full access to Nuvotex Blog
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info is updated.
Billing info update failed.
Daniel Nachtrub

Daniel Nachtrub

Kind of likes computers. Linux foundation certified: LFCS / CKA / CKAD / CKS. Microsoft certified: Cybersecurity Architect Expert & Azure Solutions Architect Expert.

Kubernetes, blockDevices & denied permissions

Kubernetes, blockDevices & denied permissions

Mounting (block)devices on containers might result in permission errors (Permission denied) if pods have applied a securityContext. It's possible to configure this on containerd and get both of best worlds - fast device access and reduced permissions on containers.

Daniel Nachtrub
Daniel Nachtrub
Container
Enable SR-IOV on Broadcom NICs and configure VF count

Enable SR-IOV on Broadcom NICs and configure VF count

Running broadcom network cards using SR-IOV might require configuration of the cards firmware. This also applies for example if you want to adjust the total number of virtual functions.

Daniel Nachtrub
Daniel Nachtrub
Linux
Multus - pod stuck in terminating state

Multus - pod stuck in terminating state

Having multus in place, pods might be stuck in starting or terminating state if you made a mistake in the config.

Daniel Nachtrub
Daniel Nachtrub
Kubernetes
Get filesystem access using an ephemeral container in kubernetes

Get filesystem access using an ephemeral container in kubernetes

Sometimes you need to access a containers filesystem but the container itself is eventually distroless or does not offer any shell. Here's how to access the filesystem anyway using ephemeral containers!

Daniel Nachtrub
Daniel Nachtrub
Cloud
Using AKS kubectl (kubelogin) on headless systems or pipelines

Using AKS kubectl (kubelogin) on headless systems or pipelines

Running kubectl on pipelines with interactive authentication is somewhat non-optimal :-) Let's make it better without using long-living tokens.

Daniel Nachtrub
Daniel Nachtrub
Azure
Choosing a postgres operator

Choosing a postgres operator

This post describes my journey on the selection of the postgres operator that matches our demand.

Daniel Nachtrub
Daniel Nachtrub
Kubernetes
SAML tokens and too much accuracy on clients

SAML tokens and too much accuracy on clients

Having multiple clients not being able to log in we discovered that our ADFS tokens NotBefore date is maybe too accurate for some very picky clients. Let's add some tolerance.

Daniel Nachtrub
Daniel Nachtrub
Windows
Manually remove a member from etcd

Manually remove a member from etcd

Recently, I needed to rollback a kubernetes control-plane node to an older snapshot. This cause (obviously) that etcd could not operate anymore in the etcd cluster. The approach in this scenario is to remove the etcd node from the cluster and add it again. The removal of it is rather

Daniel Nachtrub
Daniel Nachtrub