(I Make Things Interesting) Architecting, Developing, nixCraft, DevOps, AI/ML, Blockchain

Kubernetes Team Access - RBAC for developers and QA

Role Based Access Control

RBAC (Role Based Access Control) allows our Kubernetes clusters to provide the development team better visibility and access into the development, staging and production environments than it has have ever had in the past. Developers using the command line tool kubectl, can explore the network topology of running microservices, tail live server logs, proxy local ports directly to services or even execute shells into running pods. Kubernetes and GitlabCI are the central components of our DevOps toolchain and have increased our productivity by many multiples over the traditional approaches of the past.

kubectl Context Multiple Clusters

Managing multiple clusters with kubectl.

I use a few Kubernetes clusters on a daily basis, and I use kubectl to access and configure them from my workstation. There are dozens of ways to configure kubectl however I find the following method the easiest for me to manage and not make a mess. I also set up test clusters from time-to-time, and so keeping my configs organized is, so I don’t confuse myself or make a mess.

Kubectl x509 Unable to Connect

Kubernetes remote access and TLS certs.

Just set up a brand new cluster? Changed the domain or IP of your admin node? Then you may have encountered the error Unable to connect to the server: x509: certificate is valid for …. The following is a fix for this common issue. However, there are often other reasons to rebuild your cluster cert, and it’s relatively easy. TL;DR: “I don’t care about the fix I need to remote control my cluster.

Kubernetes Remote Control

Using kubectl to Control a Remote Kubernetes Cluster

I use Minikube to run a local Kubernetes single node cluster (cluster?). However, I also work with a custom production cluster for work. This cluster consists of development and production nodes. I often need to switch between working on my local Minikube and the online Kubernetes cluster. TIP: Visit the kubectl Cheat Sheet often. Support this blog! Buy my new book: Advanced Platform Development with Kubernetes What You'll Learn Build data pipelines with MQTT, NiFi, Logstash, MinIO, Hive, Presto, Kafka and Elasticsearch Leverage Serverless ETL with OpenFaaS Explore Blockchain networking with Ethereum Support a multi-tenant Data Science platform with JupyterHub, MLflow and Seldon Core Build a Multi-cloud, Hybrid cluster, securely bridging on-premise and cloud-based Kubernetes nodes The default configuration kubectl is stored in ~/.