Welcome to YAUB - Yet Another Useless Blog
The articles in this blog shall help to easily tests and understand specific issues so they can be reproduced and tested on local environments.
You can find the most recent posts on this site or walk through the different categories via the left navigation.
Recent Posts
Author: Thomas Jungbauer
Published: 2021-07-19
( Lastmod: 2021-08-14 )
OpenShift comes out of the box with a highly secure operating system, called Red Hat CoreOS. This OS is immutable, which means that no direct changes are done inside the OS, instead any configuration is managed by OpenShift itself using MachineConfig objects. Nevertheless, hardening certain settings must still be considered. Red Hat released a hardening guide (CIS Benchmark) which can be downloaded at https://www.cisecurity.org/.
Read More Author: Thomas Jungbauer
Published: 2021-02-27
( Lastmod: 2021-08-14 )
In this blog post we would like to explore OpenShift / Kubernetes
block device handling. We try to answer the following questions:
Read More Author: Thomas Jungbauer
Published: 2021-01-27
( Lastmod: 2021-08-14 )
This quick post shall explain, without any fancy details, how to write an Operator based on Ansible. It is assumed that you know what purpose an Operator has.
As a short summary: Operators are a way to create custom controllers in OpenShift or Kubernetes. It watches for custom resource objects and creates the application based on the parameters in such custom resource object.
Often written in Go, the SDK supports Ansible, Helm and (new) Java as well.
Read More Author: Thomas Jungbauer
Published: 2020-12-10
( Lastmod: 2021-08-14 )
OpenShift comes per default with a static Grafana dashboard, which will present cluster metrics to cluster administrators. It is not possible to customize this Grafana instance.
However, many customers would like to create their own dashboards, their own monitoring and their own alerting while leveraging the possibilities of OpenShift at the same time and without installing a completely separated monitoring stack.
Read More Author: Thomas Jungbauer
Published: 2020-08-06
( Lastmod: 2021-08-14 )
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. GitOps itself uses Git pull request to manager infrastructure and application configuration.
Read More Author: Thomas Jungbauer
Published: 2020-05-13
( Lastmod: 2021-08-14 )
Red Hat Service Mesh 1.1 allows you to enable a "Automatic Route Creation" which will take care about the routes for a specific Gateway. Instead of defining * for hosts, a list of domains can be defined. The Istio OpenShift Routing (ior) synchronizes the routes and creates them inside the Istio namespace. If a Gateway is deleted, the routes will also be removed again.
Read More Author: Thomas Jungbauer
Published: 2020-05-13
( Lastmod: 2022-08-27 )
Red Hat Quay is an enterprise-quality container registry, which is responsible to build, scan, store and deploy containers.
The main features of Quay include:
Read More Author: Thomas Jungbauer
Published: 2020-05-12
( Lastmod: 2021-08-14 )
Per default all requests inside a Service Mesh are allowed, which can be a problem security-wise.
To solve this, authorization, which verifies if the user is allowed to perform a certain action, is required.
Istio’s authorization provides access control on mesh-level, namespace-level and workload-level.
Read More