In this post, I will share my idea of how you can implement self service capability for provisioning EKS cluster using ServiceNow Self Service Portal, Lambda and Boto3 framework.

Note: This is not a step-by-step guide. However if you need more details, please reach out to me.

Idea ( the easy part )

For most of us who have been working in Software industry for quite sometime, its very unlikely that one wouldn’t have heard about Service Now. Most of the organizations use Service Now for incident, change and request management.

Among the many functionalities provided by SNOW, I found the Self Service Portal functionality to…

In this post we will see how to setup cri-o as a container runtime for Kubernetes.

What’s a container runtime?

Container Runtime is a software that is responsible for running and managing containers on a node. Docker is the most widely known container runtime but there are few others in the market like containerd, rkt and cri-o.

After version 1.20, Kubernetes will deprecate docker as its container runtime. For docker this isn’t a big deal because docker is not just a container runtime but its a suite of products that can be still used to build and run containers. …

In this Byte size post we will uncover the code that is executed in the background when we execute kubeadm init command.

If you had ever setup a self hosted kubernetes cluster then most probably you would have followed any one of the below:

1. kubeadm way ( kubeadm cli provided by kubernetes)
2. other tools ( tools like kops that are available in the market)
3. The hard way ( most of us would have followed the excellent doc written by Kelsey Hightower )

When I started working on kubernetes I followed the kubeadm way which I felt was the most easiest…

In this KB sized post we will understand internals of Kubernetes Controller with the help of a tiny custom controller - Chronos that I wrote to watch changes to Pods deployed in all the namespaces.

What is a Controller?

In simple terms, a controller is a endless loop that continuously checks the state of every object inside a system . Whenever the state of an object changes, a dedicated handler is invoked that is responsible for performing an action.

When you create an object in Kubernetes you define the state of the object which is then persisted to the data store. Kubernetes runs many…

In this Byte size post, we will explore few important files and directories of K8’s source code that serve as a good starting point to understand all the magic that Kubernetes does!

Kubernetes source code is a treasure chest for golang developers. But when I first started browsing the source code, it felt more like a Pandora’s Box to me. With lots of components that constitute a Kubernetes ecosystem and mind boggling lines of code for each component, it is one of the toughest code base to understand. …

In my earlier post, I have outlined what is an admission controller, types of controllers shipped with Kubernetes and how to enable these controllers.

In this post we will see how to write a basic version of admission controller that will help us to understand the concepts. It does require a fair amount of knowledge of how REST endpoints work and how to create a minimal REST API server (preferably in Golang). You should also be familiar with Golang or at least know how to read the docs of a Kubernetes go packages and understand the code. …

A Kubernetes Control plane consists of several components.One such component is kube-apiserver or simply an API server. It exposes a REST endpoint through which users, cluster components or any client application can communicate with the cluster. In simple words it does the following:

1. Receives a standard HTTP request from a client application like kubectl.
2. Authenticates the incoming request and applies Authorization policies.
3. On a successful authentication, it performs an action based on the endpoint object (Pod,Deployments, Namespace etc) and the http verb (Create, Put, Get, Delete etc) .
4. Makes changes to etcd data store to persist the data.
5. Once the…