One of the requirements of the k8s networking model is that all pods running in a host are able to communicate with each other. This flat networking model posses some security challenges in clusters that are multi-tenanted. So for an MSP running multiple customer applications on a single cluster; this can lead to customers accessing each other’s service. Even in a setup where multiple business units share a common cluster having a network security policy is needed from a goverance and…

EKS and GKE make k8s networking some what transparent. You bring up a cluster and nodes, then create a deployment and by magic your pods have IP addresses and even a load balancer. Obviously this is assuming your VPCs and subnets are already in place, but the main point is that you never typically get to worry about the inner working on how networking is implemented within your k8s clusters. In this post, I will be studying how this networking magic happens behind the scenes.

K9s is CLI application that is designed to interact with Kubernetes clusters. The project is opensource (github: https://github.com/derailed/k9s) and it’s aim is to make it easier to navigate, observe and manage application deployed in Kubernetes.