This is the second post of my series of posts where I discuss security in Kubernetes. In the first post, I wrote about service accounts, what they are made up of and their usage.
As mentioned in the first post a service account is made up of a secret. This secret contains a
ca.crt file and a
jwt token. This token is then mounted into the pod. The pod uses this token as a
Bearer token to authenticate its API requests to the API server. …
This post is part of a series of posts, where I will discuss security in Kubernetes. The aim is to take you with me on simplifying this complex concept.
Interaction with a Kubernetes cluster involves communication with the API server. This communication is in the form of requests sent to the API server. When a request is received by the API server it first tries to authenticate the request, if this authentication fails the request is treated as an anonymous request. …
An Afghan reflection on America’s longest war.
On September 10 2001 Afghanistan was a forgotten country in the heart of Asia. As the world looked ahead to the future, this country and its people were still paying the price of a great game that was played here between the then two superpowers of the world, the USSR and the USA. There was a war going on between two factions who both had recently fought a religious war against the USSR. Regional countries like Pakistan, Iran, Russia, India, each had their fingers in the pie.
The Afghan people lived a miserable…
A Django project is a collection of apps that work together to deliver a set of functions. This collection consists of apps provided by Django, ourselves and other developers. In a project, the full set of apps belonging to a project is found in the projects
settings.py , declared as the
When the application server starts (django-dev server or
uwsgiserver), it loads the settings defined for the project to configure the site. The variable
DJANGO_SETTINGS_MODULE defines the correct settings for the environment where your app is running i-e development or production. The loading process involves the loading of…
Django is a free open-source python back-end web framework that removes the tedium and comes packed with features that are required by almost every web application. It provides lots of management commands out of the box that allows users to accomplish important tasks. Of these, almost everyone has used the
However, Django also provides us with the ability to create our own management commands for any application that we want. Management commands are really helpful for running periodic tasks in your application and are run mostly either after each deployment or as corn jobs.
Django object-relational mapper (ORM) is a very powerful tool. It is the easiest way for a Django developer to interact with the database. A developer interacts with ORM as often as it interacts with Django views.
The model managers is a major tool of Django’s ORM that developers use to interact with the database. Fundamentally a manager is a Python class that inherits from the Manager class defined in Django’s
According to Django Docs, at least one Manager exists for every model in a Django application. Django by default adds the
objects manager to every model that is…
Django is a very powerful open-source web development framework in Python. It comes with lots of built-in features required for any web application. These features enable developers to build and deliver the application with ease and in a short time.
Of these features, one of the most powerful features is its Object-Relational Mapper. This enables you to interact with your database without writing a single SQL query. It is defined as a pythonic way of interacting with the database and getting results.
In a relational database, a one-to-many relationship is created when a parent record in one table can reference…
Recently at work, we wanted to enable users to log in to Jenkins UI as individual users so any jobs that are being run can be traced back to an individual. Although we use Google as our email provider the issue was that it will enable everyone in the company to log in to Jenkins. We had the facility of using Jenkins own database but I wanted something more secure.
Jenkins has the functionality to use /etc/shadow file for authentication but it requires the Jenkins user to be added to the root group. …
A DevOps and software engineer. A technology enthusiast. Love learning new technologies and sharing my learning with others.