Change statefulset spec without downtime

Altering statefulsets on Kubernetes can be tricky: statefulsets are very commonly used for persistent applications like databases, so recreation is not an option. This guide shows a path around some of these limitations.

Daniel Nachtrub
Cloud

Linux kernel keyrings, container isolation and maybe some kerberos

On a recent project I stumbled on the case that Kerberos tickets had been inadvertently shared across containers on a node, which obviously caught my attention as I'm not keen on sharing such secrets across workloads. This post describes why this happens and what to do to prevent this.

Daniel Nachtrub
Kubernetes

Kubernetes 1.26 on Ubuntu 22.04 LTS

Ubuntu is a very suitable distribution to run Kubernetes because we have an up-to-date kernel with up-to-date features, and packages are widely available. Running Kubernetes on Ubuntu is straightforward - except it requires packages that are newer than the upstream provides. This is the case

Daniel Nachtrub

openvpn 2.6.0 released

The new openvpn 2.6.0 has some very nice and shiny features you might want to start using soon. This post highlights some of them.

Daniel Nachtrub
Linux

Create a TPM backed certificate request (on windows)

Certificates are everywhere - sometimes you want to keep them even more secure than just on the filesystem (or operating system store). This guide shows how to create TPM-backed certificates on Windows.

Daniel Nachtrub
Windows

Windows 11 22H2 - stuck RDP session establishment when using UDP transport

Windows 11 22H2 currently has an issue when connecting using the Remote Desktop gateway or Remote Desktop Connection Broker. This article gives some information and possible workarounds.

Daniel Nachtrub
Windows

"Identity not found" when using Azure pod-managed identities

One type of incident that arose in several customer environments within the last weeks has been the result of an issue with Azure pod-managed identities. What is managed podidentity? The idea behind podidentity is that you can assign an identity (mostly a managed service identity [MSI]) to a pod running

Daniel Nachtrub

What happens if you ask kubernetes for 1254051 replicas

One of our playgrounds recently had an incident which caused the control plane to go out of memory. This article shows how to diagnose and especially how to fix or even prevent this.

Daniel Nachtrub
Kubernetes