Kubernetes Features Enabled
Dec 18, 2025 · 1 min read · If you have Prometheus running and scraping metrics - You can find Kubernetes list of features enabled information for every feature using kubernetes_feature_enabled metric which gives build information kubernetes_feature_enabled{} The name of the f...
Join discussion
CKS Notes - TLS
Nov 27, 2025 · 2 min read · TLS # generate TLS cert and key openssl command [ options ... ] [ parameters ... ] 1. TLS config files About TLS we will mainly focus on 3 levels/types encryption in this article. inside cluster communication (/etc/kubernetes/pki/*) client (kubect...
Join discussionCKS Notes - ServiceAccount
Nov 24, 2025 · 3 min read · Previous Notes about the Apiserver request security we have shown two identities (node identity /etc/kubernetes/kubelet.conf and admin cluster identity ~/.kube/config ). Now we will talk about another identity, it is used for the Pods — ServiceAccoun...
Join discussionCKS Notes - Apiserver request security
Nov 23, 2025 · 3 min read · 1. Identity = kubeconfig Here the identity equals kubeconfig file Every kubeconfig file specifies: the certificate the client key the username (CN) the group (O) the cluster endpoint This determines: Who you are (identity) What you can do (R...
Join discussionkubectl proxy vs kubectl port-forward: Access Your Kubernetes Cluster Securely
Nov 13, 2025 · 7 min read · When working with Kubernetes, developers often need a way to access applications or services running inside the cluster — without exposing them to the public internet. 1. Why Do We Need Local Access to Cluster Resources? In a secure Kubernetes archit...
Join discussion
kubernets related logs & configurations
Jan 7, 2025 · 3 min read · 1. Logs Components level logs kubelet, kube-apiserver, kube-scheduler, kube-controller, etcd, kube-proxy ... Pod level logs generate by container 1.1 Log files The base path for logs is /var/log/ ComponentLog PathDescription kubelet/va...
Join discussionKubernetes From Zero to Hero – Part 2:
Jan 7, 2025 · 4 min read · Why Architecture Matters Understanding Kubernetes architecture is like understanding how a car works before you drive it. If you know what each part does, you’ll be able to troubleshoot, optimise, and scale more effectively. Let’s break it down into ...
Join discussion
Etcd Backup and Restore (4)
Dec 29, 2024 · 1 min read · Why Update etcd.yaml? In previous posts, we see we need to update the etcd.yaml file to make the restore work. And the reason for this step is related to kubelet working mechanism. Pod Reconciliation by kubelet: The etcd static pod is managed by the ...
Join discussionKubernetes 101 Security : Part 15
Dec 10, 2024 · 11 min read · Securing Kube-api server Kube-api is the center of everything with which we contact using kubectl. So, we need to ensure the security of kube-api server So, we have to ensure these 2 things: Who can access kube-api server? People who have correct u...
Join discussion