Kubernetes
Helm's Hidden Quirks: Merging boolean values Paid Members Public
Helm is a powerful tool for manageing Kubernetes applications. Despite its ubiquity in the kubernetes-world, there are some nuances to consider when working with boolean values—especially when merging complex objects.
Can't delete kubernetes namespace (NamespaceDeletionDiscoveryFailure) Paid Members Public
While trying to delete a namespace on a kubernetes cluster I learned that there is a resource type apiservice :-) This post shows how to unblock deletions due orphaned apiservice definitions.
Unexpected behavior of TUN devices in Kubernetes >= 1.31.3 Paid Members Public
Sometimes, security improvements in one project can cause problems in places nobody ever expected. In this case, we had to deal with one of these improvements.
Kubernetes, blockDevices & denied permissions Paid Members Public
Mounting (block)devices on containers might result in permission errors (Permission denied) if pods have applied a securityContext. It's possible to configure this on containerd and get both of best worlds - fast device access and reduced permissions on containers.
Multus - pod stuck in terminating state Paid Members Public
Having multus in place, pods might be stuck in starting or terminating state if you made a mistake in the config.
Get filesystem access using an ephemeral container in kubernetes Paid Members Public
Sometimes you need to access a containers filesystem but the container itself is eventually distroless or does not offer any shell. Here's how to access the filesystem anyway using ephemeral containers!
Using AKS kubectl (kubelogin) on headless systems or pipelines Paid Members Public
Running kubectl on pipelines with interactive authentication is somewhat non-optimal :-) Let's make it better without using long-living tokens.
Choosing a postgres operator Paid Members Public
This post describes my journey on the selection of the postgres operator that matches our demand.
