Suggested Reads

KubeVPN, A vpn tools which can connect to kubernetes cluster network, you can access remote kubernetes cluster network, remote kubernetes cluster service can also access your local service - GitHub...

In this video, I detail all of the steps on how I have built a four-node Kubernetes cluster with microk8s, using Raspberry Pis The hardware used 💾 - Charging station https://www.amazon.de/-/en/gp/product/B00VUGOSWY/ref=ppx_yo_dt_b_search_asin_title - USB-C charging cables -- the ones I bought don't exist anymore on Amazon - 4 Raspberry Pi 4s https://www.amazon.de/-/en/gp/product/B07TC2BK1X/ref=ppx_yo_dt_b_search_asin_title - Raspberry Pi case with fans https://www.amazon.de/-/en/gp/product/B07Z4GRQGH/ref=ppx_yo_dt_b_search_asin_title When I bought all the components, I definitely did not spend more than 100 EUR on each pi. The guides used 📖 - How to build a microk8s raspberry pi cluster https://ubuntu.com/tutorials/how-to-kubernetes-cluster-on-raspberry-pi#1-overview - Installing Ubuntu Server on a raspberry pi cluster https://ubuntu.com/tutorials/how-to-install-ubuntu-on-your-raspberry-pi#1-overview ⏱️Timestamps⏱️ 00:00 - Explaining the hardware setup of the Pis 04:18 - Walking through the Ubuntu tutorials linked in the description 12:56 - Outro

The tractor maker is accused of blocking farmers from fixing their own equipment. A new agreement offers concessions—but campaigners say it’s not enough.

If you have your own web sites or apps that you maintain, it's helpful to know when they're not working. One tool I've been using for a long time is a site called Uptime Robot. Of course, with just a little bit of code you can easily write your own small application that can periodically check the status of one or more sites and alert you to a problem.

DirecTV notified employees it will cut 10% of its workers, many of whom are managers.

Threema has downplayed the real-world significance of the multiple security flaws disclosed by ETH Zurich researchers.

Swiss company Climeworks says it's making good on future removals Microsoft, Shopify and Stripe have paid for.

Ubisoft shares slumped as low as 18.80 euros apiece Thursday morning, hitting their lowest level in more than seven years.

The latest updates to the PCIe specification are essential for devices that require the movement of large amounts of data.

by the CFA Enterprise Restaurant Compute Team

One common question I see on Mastodon and Reddit is "I've inherited a cluster, how do I safely upgrade it". It's surprising that this still isn't a better understood process given the widespread adoption of k8s, but I've had to take over legacy clusters a few times and figured I

Researchers are studying how the internet was used to stoke anger and to organize far-right groups ahead of the Brazilian riots.

British postal carrier Royal Mail announced on Wednesday it was "experiencing severe service disruption" following a "cyber incident."

Industry sources say TSMC is considering lowering 3nm prices to stimulate interest from chip designers

The features announced on Wednesday are free and Apple isn't selling ad units in Maps.

Three weeks after The Guardian newspaper was hit by a ransomware attack, it warns staff members that their personal data was accessed.

Consoles will boot slower but use far less energy in standby.

The new policy starts on January 16th.

I don’t usually write about business deals, much less about rumors about business deals, but this one has me scratching my head, and and is actually super relevant to how people on the inside - both at Microsoft and OpenAI are viewing the future of AI.

Stay secure at any budget.

Author: Sunny Bhambhani (InfraCloud Technologies) Kubernetes has been widely adopted, and many organizations use it as their de-facto orchestration engine for running workloads that need to be created and deleted frequently. Therefore, proper scheduling of the pods is key to ensuring that application pods are up and running within the Kubernetes cluster without any issues. This article delves into the use cases around resource management by leveraging the PriorityClass object to protect mission-critical or high-priority pods from getting evicted and making sure that the application pods are up, running, and serving traffic. Resource management in Kubernetes The control plane consists of multiple components, out of which the scheduler (usually the built-in kube-scheduler ) is one of the components which is responsible for assigning a node to a pod. Whenever a pod is created, it enters a "pending" state, after which the scheduler determines which node is best suited for the placement of the new pod. In the background, the scheduler runs as an infinite loop looking for pods without a nodeName set that are ready for scheduling . For each Pod that needs scheduling, the scheduler tries to decide which node should run that Pod. If the scheduler cannot find any node, the pod remains in the pending state, which is not ideal. Note: To name a few, nodeSelector , taints and tolerations , nodeAffinity , the rank of nodes based on available resources (for example, CPU and memory), and several other criteria are used to determine the pod's placement. The below diagram, from point number 1 through 4, explains the request flow: Scheduling in Kubernetes Typical use cases Below are some real-life scenarios where control over the scheduling and eviction of pods may be required. Let's say the pod you plan to deploy is critical, and you have some resource constraints. An example would be the DaemonSet of an infrastructure component like Grafana Loki. The Loki pods must run before other pods can on every node. In such cases, you could ensure resource availability by manually identifying and deleting the pods that are not required or by adding a new node to the cluster. Both these approaches are unsuitable since the former would be tedious to execute, and the latter could involve an expenditure of time and money. Another use case could be a single cluster that holds the pods for the below environments with associated priorities: Production (prod ): top priority Preproduction (preprod ): intermediate priority Development (dev ): least priority In the event of high resource consumption in the cluster, there is competition for CPU and memory resources on the nodes. While cluster-level autoscaling may add more nodes, it takes time. In the interim, if there are no further nodes to scale the cluster, some Pods could remain in a Pending state, or the service could be degraded as they compete for resources. If the kubelet does evict a Pod from the node, that eviction would be random because the kubelet doesn’t have any special information about which Pods to evict and which to keep. A third example could be a microservice backed by a queuing application or a database running into a resource crunch and the queue or database getting evicted. In such a case, all the other services would be rendered useless until the database can serve traffic again. There can also be other scenarios where you want to control the order of scheduling or order of eviction of pods. PriorityClasses in Kubernetes PriorityClass is a cluster-wide API object in Kubernetes and part of the scheduling.k8s.io/v1 API group. It contains a mapping of the PriorityClass name (defined in .metadata.name ) and an integer value (defined in .value ). This represents the value that the scheduler uses to determine Pod's relative priority. Additionally, when you create a cluster using kubeadm or a managed Kubernetes service (for example, Azure Kubernetes Service), Kubernetes uses PriorityClasses to safeguard the pods that are hosted on the control plane nodes. This ensures that critical cluster components such as CoreDNS and kube-proxy can run even if resources are constrained. This availability of pods is achieved through the use of a special PriorityClass that ensures the pods are up and running and that the overall cluster is not affected. $ kubectl get priorityclass NAME VALUE GLOBAL-DEFAULT AGE system-cluster-critical 2000000000 false 82m system-node-critical 2000001000 false 82m The diagram below shows exactly how it works with the help of an example, which will be detailed in the upcoming section. Pod scheduling and preemption Pod priority and preemption Pod preemption is a Kubernetes feature that allows the cluster to preempt pods (removing an existing Pod in favor of a new Pod) on the basis of priority. Pod priority indicates the importance of a pod relative to other pods while scheduling. If there aren't enough resources to run all the current pods, the scheduler tries to evict lower-priority pods over high-priority ones. Also, when a healthy cluster experiences a node failure, typically, lower-priority pods get preempted to create room for higher-priority pods on the available node. This happens even if the cluster can bring up a new node automatically since pod creation is usually much faster than bringing up a new node. PriorityClass requirements Before you set up PriorityClasses, there are a few things to consider. Decide which PriorityClasses are needed. For instance, based on environment, type of pods, type of applications, etc. The default PriorityClass resource for your cluster. The pods without a priorityClassName will be treated as priority 0. Use a consistent naming convention for all PriorityClasses. Make sure that the pods for your workloads are running with the right PriorityClass. PriorityClass hands-on example Let’s say there are 3 application pods: one for prod, one for preprod, and one for development. Below are three sample YAML manifest files for each of those. --- # development apiVersion : v1 kind : Pod metadata : name : dev-nginx labels : env : dev spec : containers : - name : dev-nginx image : nginx resources : requests : memory : "256Mi" cpu : "0.2" limits : memory : ".5Gi" cpu : "0.5" --- # preproduction apiVersion : v1 kind : Pod metadata : name : preprod-nginx labels : env : preprod spec : containers : - name : preprod-nginx image : nginx resources : requests : memory : "1.5Gi" cpu : "1.5" limits : memory : "2Gi" cpu : "2" --- # production apiVersion : v1 kind : Pod metadata : name : prod-nginx labels : env : prod spec : containers : - name : prod-nginx image : nginx resources : requests : memory : "2Gi" cpu : "2" limits : memory : "2Gi" cpu : "2" You can create these pods with the kubectl create -f FILE.yaml command, and then check their status using the kubectl get pods command. You can see if they are up and look ready to serve traffic: $ kubectl get pods --show-labels NAME READY STATUS RESTARTS AGE LABELS dev-nginx 1/1 Running 0 55s env=dev preprod-nginx 1/1 Running 0 55s env=preprod prod-nginx 0/1 Pending 0 55s env=prod Bad news. The pod for the Production environment is still Pending and isn't serving any traffic. Let's see why this is happening: $ kubectl get events ... ... 5s Warning FailedScheduling pod/prod-nginx 0/2 nodes are available: 1 Insufficient cpu, 2 Insufficient memory. In this example, there is only one worker node, and that node has a resource crunch. Now, let's look at how PriorityClass can help in this situation since prod should be given higher priority than the other environments. PriorityClass API Before creating PriorityClasses based on these requirements, let's see what a basic manifest for a PriorityClass looks like and outline some prerequisites: apiVersion : scheduling.k8s.io/v1 kind : PriorityClass metadata : name : PRIORITYCLASS_NAME value : 0 # any integer value between -1000000000 to 1000000000 description : - (Optional) description goes here! globalDefault : false # or true. Only one PriorityClass can be the global default. Below are some prerequisites for PriorityClasses: The name of a PriorityClass must be a valid DNS subdomain name. When you make your own PriorityClass, the name should not start with system- , as those names are reserved by Kubernetes itself (for example, they are used for two built-in PriorityClasses). Its absolute value should be between -1000000000 to 1000000000 (1 billion). Larger numbers are reserved by PriorityClasses such as system-cluster-critical (this Pod is critically important to the cluster) and system-node-critical (the node critically relies on this Pod). system-node-critical is a higher priority than system-cluster-critical , because a cluster-critical Pod can only work well if the node where it is running has all its node-level critical requirements met. There are two optional fields: globalDefault : When true, this PriorityClass is used for pods where a priorityClassName is not specified. Only one PriorityClass with globalDefault set to true can exist in a cluster. If there is no PriorityClass defined with globalDefault set to true, all the pods with no priorityClassName defined will be treated with 0 priority (i.e. the least priority). description : A string with a meaningful value so that people know when to use this PriorityClass. Note: Adding a PriorityClass with globalDefault set to true does not mean it will apply the same to the existing pods that are already running. This will be applicable only to the pods that came into existence after the PriorityClass was created. PriorityClass in action Here's an example. Next, create some environment-specific PriorityClasses: apiVersion : scheduling.k8s.io/v1 kind : PriorityClass metadata : name : dev-pc value : 1000000 globalDefault : false description : - (Optional) This prio...

The temperature inside the vehicle could reach the low 40s Celsius during Earth return.

James and I are working on a LinkedIn Learning course entitled “DevOps for Managers” and I wanted to share some of the books we love that we’ve found helpful in preparing it! We&#…

Advice on how to prepare for potential layoffs, how to support friends and colleagues who have been laid off, and how to find a new job after being laid off.