Mikhail Advani
Mikhail Advani
In a multi-tenant kubernetes cluster with tenant not having cluster-admin privileges, sharing the kubent output is not straightforward. Below is my proposal to tackle this: 1. Run kubent as webservice...
As discussed in #128 connectivity tests to remaining RDS databases needs to be implemented: - SQL Server - PostgreSQL - Oracle - Aurora - might already be covered with existing...
Fixes #485
Have the ability to have a PDB for the kiam-server. We can achieve fault tolerance by running the kiam-server on different nodes using podAntiAffinity but to prevent downtime during admin...
The manifests included in the [deploy](https://github.com/uswitch/kiam/blob/master/deploy/server.yaml) folder as well as the [stable/kiam](https://github.com/helm/charts/blob/master/stable/kiam/templates/server-daemonset.yaml) helm chart both run the kiam-server as a daemonset. While running the kiam-server pods on a dedicated set...
**What happened**: Configuration changes made in /etc/sysctl.conf override configurations made in 99-kubernetes-cri.conf. We had some legacy hardening configurations that set `net.ipv4.ip_forward = 0` in the /etc/sysctl.conf file in our AMI...
### Kyverno Version 1.6.2 ### Description Setup: Kyverno on EKS Sample policy: ```yaml apiVersion: kyverno.io/v1 kind: ClusterPolicy metadata: name: my-pod-mutations spec: background: false rules: - name: tls-bundle-volume match: any: -...
Installing the chart with apiVersion v1 through kustomize along with a bundle resource in the same go is resulting in dry run errors because the CRDs are not evaluated separately
Affinities and topologySpreadConstraints can wait for nodeSelector(enforced by validatingwebhooks) and tolerations(where all nodes run with taints) are more important to support in the helm chart
#### What does this PR do? Correctly allows the specification of drop in the helm chart values. #### Where should the reviewer start? Helm chart. #### How should this be...