Pod Priority, Priority Class, and Preemption

While deploying the deployment manifest, we found that some of the critical pods are not getting scheduled whereas others are getting scheduled easily. Now, I wanted to make sure that the critical pod gets scheduled first over other pods. I started exploring pod scheduling and then came across one of the native solutions for Pod Scheduling using Pod Priority & Priority Class. So in this blog, we’ll talk about Priority Class & Pod Priority and how we can use them for pod scheduling.

Pod Priority

It determines the importance of a pod over another pod. It is most helpful when we need to schedule the critical pods, which are unable to schedule due to resource capacity issues.

Priority Class

It is a non-namespace object. It is used to define the priority. Priority Class objects can have any 32-bit integer value smaller than or equal to 1 billion. The higher the value, the higher will be the priority.

Pod Preemption

It allows the higher-priority pods to evict the lower-priority pods so that higher-priority pods can be scheduled, which is by default enabled when we create PriorityClass.

Continue reading “Pod Priority, Priority Class, and Preemption”

Securing Kubernetes Traffic with Cert-Manager & Lets Encrypt 

why do we need to use cert-manager?

Cert-Manager simplifies the process of creating & renewing certificates. It makes sure your certificate is valid and up to date by renewing the certificate automatically for you in your kubernetes cluster. So that your domain certificate never expires.

What is Cert-Manager?

Cert-Manager is a Kubernetes native certificate management controller consisting of a set of CustomResourceDefinitions. When we add cert-manager in our Kubernetes cluster it adds on the certificate & certificate issuers as custom resource types in the Kubernetes cluster. which helps in adding or renewing the certificate. It also ensures that your certificate is valid and up to date. Cert-manager can issue certificates from a variety of sources such as let’s encrypt, Vault, and SelfSigned, Venafi.

How cert-manager is related to HTTP & HTTPS?

As cert-manager helps in assigning the certificate from certificate Issuers to our domain. Now that certificate will be used by HTTPS protocol where “S” stands for secure. HTTP protocol was developed in the early 1990s and was initiated by Tim Berners-Lee. HTTP gives users a way to interact with web resources such as HTML files by transmitting hypertext messages between clients and servers. However, it does not provide a single level of security when exchanging information between client and server. Therefore it is more prone to attackers as it sends that data as plain text.

Continue reading “Securing Kubernetes Traffic with Cert-Manager & Lets Encrypt “