🚀 New on LearnKube: “User and workload identities in Kubernetes.” The Kubernetes API server must identify the caller before it can check permissions. The article follows that identity through the request path: external users, in-cluster workloads, service account tokens, projected volumes, JWT claims, TokenReview, and AWS IAM federation. You will learn: - how authentication differs from authorization - why human users usually come from OIDC, certificates, webhooks, proxies, or static token files - how pods authenticate with service accounts - why TokenRequest and projected volumes replaced automatic long-lived token secrets - what `sub`, `aud`, `iss`, and `exp` tell you inside a JWT - how EKS IRSA uses projected tokens to federate with AWS IAM - how TokenReview validates Kubernetes-issued tokens inside the cluster Read the full article: https://lnkd.in/gvhiN-DK
YAML Games
Entertainment Providers
Welcome to the only quiz series where knowing Kubernetes might actually work against you.
About us
- Website
-
https://yaml.games
External link for YAML Games
- Industry
- Entertainment Providers
Updates
-
We published a Kubernetes production-readiness checklist for teams preparing workloads for production. The checklist is designed to help platform and application teams review the Kubernetes-specific behavior that affects an application before it goes live. It includes: - An interactive checklist - Detailed explanations for each production-readiness check - A downloadable PDF worksheet It walks through five areas: - The contract between your application and Kubernetes - The manifests that define how Kubernetes should run it - The workload security posture - Scaling behavior under load - Operational checks after launch Open the checklist: https://lnkd.in/g2b4E2Qp If you want a guided review, LearnKube also offers a Kubernetes Production Readiness Review with one of our instructors: https://lnkd.in/g7SDB5hM
-
-
🚀 I created a map of the Kubernetes control plane. If you’ve ever wondered what happens after you run `kubectl apply`, this should help. For the past few months, I’ve been putting together a five-part series about the key parts of the control plane: - the API server - etcd - the scheduler - the controller manager and how they all work (and scale) together. While working on it, I made many diagrams. Rather than keeping them in separate articles, I combined them into one visual map. I hope you find it useful: https://lnkd.in/gPmvDUiC The map is sized for A4 paper, so you can print it out and put it on your wall if you like! 🌟 And if you want to level up your Kubernetes game, don’t miss our next 4-day Advanced Kubernetes workshop starting this Thursday! https://lnkd.in/gesTDVZK
-
-
The YAML Games are back. Thursday, March 26 · 11:00 CET Google Booth · Solutions Showcase · KubeCon Amsterdam The live quiz show where knowing Kubernetes might actually work against you. Last round, "Psyduck" walked away with €50 and eternal glory. Come find out if you're next - or just OOMKilled by laughter. 💀 yaml.games 💀
-
You may think you know YAML. You may think you know Kubernetes. 💀That confidence shall be your downfall.💀 TODAY at KubeCon: LearnKube is hosting the YAML Games a live, fast-paced quiz show where experts crash and burn and beginners take the lead. Your hosts: 🎙Bart Farrell, Salman Iqbal, Amin Astaneh Take on challenges like Impostor Pod. Kube Conundrum, and Guess That CNCF Project. Two chances: * 14:15 @ CloudBolt Software Booth 483 * TBD @ Google Booth. YAML dot GAMES. Be there.
-
YAML Games reposted this
You may think you know YAML. You may think you know Kubernetes. 𝗧𝗵𝗮𝘁 𝗰𝗼𝗻𝗳𝗶𝗱𝗲𝗻𝗰𝗲 𝘀𝗵𝗮𝗹𝗹 𝗯𝗲 𝘆𝗼𝘂𝗿 𝗱𝗼𝘄𝗻𝗳𝗮𝗹𝗹. TOMORROW, LearnKube is hosting the YAML Games - a live, fast-paced quiz show where experts crash and burn, and beginners take the lead. I'll be joining host 🎙Bart Farrell and Salman Iqbal to bring you the chaos. Take on challenges like: • Impostor Pod • Kube Conundrum • Guess That CNCF Project • Fill The Missing Information ⚡ Fast rounds 🎯 Real cloud native knowledge 🏆 Glory and bragging rights Thursday. 8AM Pacific. 5PM Central European. Free. Online. No kubeconfig required. Watch the video, then decide if you're brave enough to join us. Tag someone you want to see humbled in the comments. 𝗬𝗔𝗠𝗟.𝗚𝗔𝗠𝗘𝗦. 𝗕𝗲 𝘁𝗵𝗲𝗿𝗲.
-
YAML Games reposted this
The first rule of YAML Games is: you talk about YAML Games. The second rule? You show up ready to prove you actually understand your YAML. We did it at KubeCon. Now we’re bringing the chaos online. I’ll be hosting alongside the legendary Salman and Amin legion of OOM. ⚡ Fast rounds 🎯 Real Kubernetes knowledge 🏆 Cool prizes 🔥 Zero boring slides Rounds like: • Kube Konundrum • Imposter Pod • Guess That Project • Fill in the Missing Info Think you know Kubernetes? Or are you just dangerously confident with copy/paste? 📅 Thursday 🕗 8am PST / 5pm CET Watch the video. Then decide if you’re brave enough to join us. Tag someone you want to see win(or lose) in the comments- Sign up here- https://yaml.games/ Join us- https://lnkd.in/eGKiKiZq or https://lnkd.in/eHFj2qYv
-
The YAML Games are going online. Be wrong. Be loud. Win stickers. The only quiz show where overthinking Kubernetes is a competitive disadvantage. 📅 Feb 19 📍 Online · 5pm CET / 8am PT Free. Zero config required. Just a willingness to be wrong in public. → https://yaml.games
-
-
Someone just submitted a ticket saying “Kubernetes is slow.” I check the cluster. They are running: - 47 pods in a single namespace - No resource requests - No resource limits - 3 CrashLoopBackOffs "that are unrelated" - One Node doing all the work because reasons I delete half the pods, add basic requests/limits and restart the deployment. Everything stabilises. Latency disappears. Alerts go quiet. I write in the ticket: "Resolved, rebalanced workloads, enforced resource governance and optimised cluster scheduling." They reply: "Wow, thank you! What was the issue?" I reply: "Just some resource contention and scheduling inefficiencies. Should be good now." I didn’t lie. I just used technical language to describe "you deployed chaos and hoped Kubernetes would parent it." If I say "please set resource limits and stop deploying 47 replicas for a demo", they'll feel attacked. If I say "implemented proactive capacity management", they'll feel supported. Same fix. Better optics. Also, they’ll deploy another YAML with replicas: 20 and no limits next sprint. And I’ll "optimise the cluster" again. This is called cloud-native scalability.