Roland
boosted
Plateforme d'apprentissage pour apprendre les tests d'intrusion sur kubernetes :
Plateforme d'apprentissage pour apprendre les tests d'intrusion sur kubernetes :
Is there any world where it makes sense to set the cluster service IP range as global IPv6 addresses?
It _sortof_ works with a range in my router's delegated prefix but I'm suspecting Cilium's native routing option is treating it as North-South traffic since it's inside the native routing range.
Which I think means it's YOLOing CoreDNS's East-West attempts to reach the default Kubernetes service across the host interface (and to the gateway, which has no idea what to do with it).
Relatedly, I think I can put to bed my idea of service implementation being DNS.
Dear lazyweb!
Does anyone here have enough #kubernetes experience to try and convince me I should use it for managing a fleet of services which are NOT web services?
(My gut feeling is k8s is not designed for this so I'd struggle, but I don't know enough to know what I don't know.)
@HerraBRE #kubernetes works fine for any services that use TCP or UDP. It's just an orchestration API. Whether you should use it is a question of scale, mostly. In the past decade, I've put all sorts of things on #K8S.
@Stoned_Deva_ Adult-proof containers
「 Docker is essentially a sandwich of disk images where you can shove absolutely anything, and then these images get executed by running whatever legacy software you’ve crammed in there, regardless of how horrific or inconsistent it might be, with zero behavioral controls 」
https://andreafortuna.org/2025/06/20/unpopular-opinion-kubernetes-is-a-symptom-not-a-solution