DevOps Hunter Security Automation

 We as DevOps and DevSecOps Engineers working on many microservice based application architectures where we need to manage Kubernetes Cluster  Troubleshot at various levels. You cannot rely on single point of look for failures. While working on Kubernetes Troubleshooting we can make ourselves easy to understand the problem, if we could classify the problem belong to the following categories. Application Failure Master node/ControlPlane Failures Worker node Failures Application Failure - trobleshooting Here I'm listing out these with my understanding and experiance in practice tests provided by Munshad Mohammad on KodeKloud. You should know the architecture how it is deployed what all its dependents, where they have deployed with what endpoints, what names used. Check the service 'name' defined and referring service should match and also check the services 'Endpoints' are correctly defined and in referenceing used correctly. k -n dev-ns get all Better to check that t...

Hello Guys! in this post we are going to explore about the Kubeconfig. This is a special configuration that will be part of Kubernetes Security. We can configure multiple clusters and different users can access these Kubernetes cluster. We can also configure the users can have access to multiple clusters. When we started working on Kubernetes Cluster there is a config file automatically generated for us.  To access a Kube Cluster using the certificate files generated for admin user can be given as follows: kubectl get pods \ --server controlplane:6443 --clisent-key: admin.key --client-certificate admin.crt --certificate-authority ca.crt Every time passing all these TLS details(server,client-key,client-certificate, certificate-authority) including in the kubectl command is tedious process. Instead of this we can move TLS Certificate file set into a config file that is called kubeconfig file. The usage will be as follows kubectl get pods --kubeconfig config Usually this...