Skip to main content
All posts tagged “Technical posts”

Prometheus is a monitoring system and time series database expressly designed for the highly distributed, automated, and scalable modern cluster architectures orchestrated by systems like Kubernetes. Prometheus has an operational model and a query language tailored for distributed, dynamic environments.

Distributed systems commonly rely on a distributed consensus to coordinate work. Usually the systems providing distributed consensus guarantee information is delivered in order and never suffer split-brain conflicts.

While Kubernetes is ushering in a world where SSH is less necessary on a daily basis for deploying and managing applications, there are still instances when SSH is necessary for gathering statistics, debugging issues, and repairing configuration issues. So, while years from now there may not be a need to SSH and run one-off debugging sessions, the tools below are useful for quickly SSH'ing into machines in your Kubernetes cluster.

 

Locksmith is the component included in CoreOS Container Linux that manages machine reboots after an update has been downloaded. This is a critical part of the operating system that we’ve had in place since the launch of our distribution, and today is part of the reason why when a security vulnerability is released we can update every auto-updating Container Linux machine on the order of hours.

Locksmith has four update strategies:

CoreOS etcd’s first commits happened some three and a half years ago, and a lot has changed since that initial version 0 of the etcd API. etcd version 3, introduced last summer, offers a streamlined, gRPC-based API and dramatic performance improvements over both competitive solutions and its own prior versions, while maintaining the distributed reliability and rolling upgrade capabilities that make etcd manageable in production.

Today, CoreOS introduced a new class of software called Operators and are also introducing two Operators as open source projects, one for etcd and another for Prometheus. In this post, we'll outline the importance of an Operator for Prometheus, the monitoring system for Kubernetes.

The CoreOS rkt container engine is designed for security and production deployment scenarios.

This video shows how to use rkt’s modular stage1 isolation mechanism to choose the process isolation model that makes the most sense for your application. By executing alternate stage1s, you can either expose more host resources to your application, or segment it away from your host further by running it inside of a rkt-managed virtual machine.

Development on Ignition, CoreOS's machine provisioner, has continued apace since its public debut. Along with internal changes and fixes, Ignition has seen widening support in the CoreOS Linux operating system and associated tools.

This week’s spotlight on CoreOS rkt explores how rkt’s cryptographic image signing and verification works. This video will walk through creating a GPG keypair, signing an image with it, and using rkt to verify the image’s signature.

Monitoring is one of the pillars of successful infrastructure. It has been called the base of the hierarchy of reliability. Monitoring is a must have for responding to incidents, detecting and debugging systemic problems, planning for the future, and generally understanding your infrastructure.

Subscribe to Technical posts