20. #everyonecancontribute cafe: Securing Kubernetes with Kyverno
Highlights We are learning how to deploy and secure Kubernetes into Hetzner cloud in this series:
cafe: Provisioned the server and agent VMs with Terraform and Ansible in the first session with Max. cafe: Deployed k3s as Kubernetes distribution with Max. cafe: Learned about pods and the Hetzner load balancer with Max. cafe: Ingress controller for load balancer cost savings with Max.
Read More…
Written by: Michael Friedrich
19. cafe: Break into Kubernetes Security
Highlights We are learning how to deploy and secure Kubernetes into Hetzner cloud in this series:
cafe: Provisioned the server and agent VMs with Terraform and Ansible in the first session with Max. cafe: Deployed k3s as Kubernetes distribution with Max. cafe: Learned about pods and the Hetzner load balancer with Max. cafe: Ingress controller for load balancer cost savings with Max.
Read More…
Written by: Michael Friedrich
18. Cafe: Kubernetes authentication and authorization with user management and RBAC
Highlights We are learning how to deploy Kubernetes into Hetzner cloud in this series:
Provisioned the server and agent VMs with Terraform and Ansible in the first session Deployed k3s last week Learned about pods and the Hetzner load balancer Ingress controller for load balancer cost savings We’ll take a break from deploying a Kubernetes cluster this week, and get to know Kubernetes user authentication and authorization from Niclas Mietz.
Read More…
Written by: Michael Friedrich
17. Cafe: Kubernetes deployments to Hetzner Cloud, step 4: Ingress controller for load balancer cost savings
Highlights Max Rosin kindly prepared a series of workshops to learn how to deploy Kubernetes in Hetzner Cloud. Hetzner generously sponsored cloud minutes for our sessions, thank you!
This session covers the fourth step, after having provisioned the server and agent VMs with Terraform and Ansible in the first session, deployed k3s last week and learned about pods and the Hetzner load balancer.
This week we’ll use a single load balancer for multiple websites to save costs - with an Ingress Controller.
Read More…
Written by: Michael Friedrich
16. Cafe: Kubernetes deployments to Hetzner Cloud, step 3: k3s load balancer & pod resources
Highlights Max Rosin kindly prepared a series of workshops to learn how to deploy Kubernetes in Hetzner Cloud. Hetzner generously sponsored cloud minutes for our sessions, thank you!
This session covers the third step, after having provisioned the server and agent VMs with Terraform and Ansible in the first session and deployed k3s last week:
Fix the cluster IPs with deploying the config with Ansible Inspect pod resources on error Learn about taint and tolerate error patterns Use Hetzner resources to manage the load balancer Encrypted secrets: at rest or HashiCorp Vault Pods as group of containers, in a Deployment or ReplicaSet (which maintains a stable set of running pods) Deployments are the recommended way to manage Pods as they are a higher-level concept that manages ReplicaSets and provides declarative updates to Pods along with a lot of other useful features like rollout history and rollbacks.
Read More…
Written by: Michael Friedrich
15. Cafe: Kubernetes deployments to Hetzner Cloud, step 2: k3s with Ansible
Highlights Max Rosin kindly prepared a series of workshops to learn how to deploy Kubernetes in Hetzner Cloud. Hetzner generously sponsored cloud minutes for our sessions, thank you!
This session covers the second step, after having provisioned the server and agent VMs with Terraform and Ansible last week:
Install wireguard to use with Flannel and encrypt the network traffic Install the k3s binary and deploy a systemd unit using Ansible Jinja templates k3s agent setups requires an auth token on the master.
Read More…
Written by: Michael Friedrich