One topic that is of interest to me is ensuring the uptime of a web application. The kubernetes scheduler has many valid reasons where it needs to terminate a healthy container. Some such events are — version updates, auto-scaling and cluster bin-packing (where pods could be moved around worker nodes). This makes it paramount to ensure that the pods can indeed, exit with grace! While a rolling update deployment strategy provides the framework for zero downtime deployments, there are some subtleties in even the most popular reverse proxies & WSGI frameworks out there, that, if not fine tuned, could cause…
Kernel parameters (see the full list by running
sudo sysctl -a) can be categorized as “safe” and “unsafe” in the context of running in a containerized workload orchestration environment such as Kubernetes.
A “safe” sysctl simply means that the said kernel parameter is “namespaced”. i.e., the value within one kernel namespace (container) does not necessarily reflect the value within another kernel namespace (container) and hence does not interfere with the way the underlying containerization machinery operates. An example of a safe sysctl would be the local ip port range (
An “unsafe” sysctl by contrast is not namespaced and can…
Sharing what I learn. And some random musings. Kubernetes + Cloud + DevOps + Travel