https://github.com/microservices-security-in-action/samples/tree/master/appendix-j
- Page 500 / figure J.1: the top-right caption that points to the kubectl box says kubelet; it should be corrected to kubectl.
We update this section as and when we find articles/blogs/videos related to the content discussed in this chapter.
- [Section J.2.3] Kubernetes uses iptables to route traffic destined for a given service IP address to the corresponding pod. iptables is a user-space program providing a table-based system for defining rules for manipulating and transforming packets using the netfilter framework. This tutorial provides a very good introduction to the iptables and netfilter architecture: A Deep Dive into Iptables and Netfilter Architecture
- [Section J.4] This provides a comparison between different managed Kubernetes services offered by Google, Amazon, Microsoft, IBM, DigitalOcean, Alibaba and so on: Comparison of Kubernetes managed services
- [Section J.18] Here is an excellent article that explains what happens during the creation and deletion of a Pod: Graceful shutdown and zero downtime deployments in Kubernetes
- [Section J.18] kube-proxy operates in three modes to define routes to pods (userspace, iptables and IPVS). This article gives a very good comparison between those three modes: Comparing kube-proxy modes: iptables or IPVS?
- Minimum Viable Kubernetes
- This is an excellent article written by Kevin Sookocheff on the Kubernetes network model: A Guide to the Kubernetes Networking Model
- There is no easy way to see network namespaces, as Kubernetes and Docker don’t register them (“ip netns” won’t work with Kubernetes and Docker). But we can use a few tricks discussed in this article to see, debug, manage and configure pod networking from the host: A Hacker’s Guide to Kubernetes Networking
- Deconstructing Kubernetes Networking