Gardener v1.13 Released

2020-11-23
Nov 20, 2020 Read Time: 5 min

Dear community, we’re happy to announce a new minor release of Gardener, in fact, the 16th in 2020! v1.13 came out just today after a couple of weeks of code improvements and feature …

Continue reading

Gardener v1.11 and v1.12 Released

2020-11-04
Nov 20, 2020 Read Time: 6 min

Two months after our last Gardener release update, we are happy again to present release v1.11 and v1.12 in this blog post. Control plane migration, load balancer consolidation, new security features …

Continue reading

Shoot Reconciliation Details

2020-10-19
Oct 20, 2020 Read Time: 5 min

Do you want to understand how Gardener creates and updates Kubernetes clusters (Shoots)? Well, it’s complicated, but if you are not afraid of large diagrams and are a visual learner like me, …

Continue reading

Gardener v1.8.0 Released

2020-08-06
Aug 20, 2020 Read Time: 6 min

Even if we are in the midst of the summer holidays, a new Gardener release came out yesterday: v1.8.0! It’s main themes are the large change of our logging stack to Loki (which was already …

Continue reading

Anti Patterns

2018-06-11
Jun 18, 2018 Read Time: 1 min

Running as root user

Whenever possible, do not run containers as root users. One could be tempted to say that Kubernetes Pods and Node are well separated. The host and the container share the same …

Continue reading

Cookies are dangerous...

2018-06-11
Jun 18, 2018 Read Time: 1 min

…they mess up the figure.

For a team event during the Christmas season we decided to completely reinterpret the topic cookies… since the vegetables have gone on a well-deserved …

Continue reading

Frontend HTTPS

2018-06-11
Jun 18, 2018 Read Time: 1 min

For encrypted communication between the client to the load balancer, you need to specify a TLS private key and certificate to be used by the ingress controller.

Create a secret in the namespace of …

Continue reading

Namespace Isolation

2018-06-11
Jun 18, 2018 Read Time: 1 min

…or DENY all traffic from other namespaces

You can configure a NetworkPolicy to deny all traffic from other namespaces while allowing all traffic coming from the same namespace the pod is …

Continue reading

Namespace Scope

2018-06-11
Jun 18, 2018 Read Time: 1 min

Should I use:

  • ❌ one namespace per user/developer?
  • ❌ one namespace per team?
  • ❌ one per service type?
  • ❌ one namespace per application type?
  • 😄 one namespace per running instance of …
Continue reading

Namespace Scope

2018-06-11
Jun 18, 2018 Read Time: 1 min

Should I use:

  • ❌ one namespace per user/developer?
  • ❌ one namespace per team?
  • ❌ one per service type?
  • ❌ one namespace per application type?
  • 😄 one namespace per running instance of …
Continue reading

Shared storage with S3 backend

2018-06-11
Jun 18, 2018 Read Time: 1 min

The storage is definitely the most complex and important part of an application setup, once this part is completed, one of the most problematic parts could be solved.

Mounting a S3 bucket into a pod …

Continue reading