A tensor formalism for computer science Jon Bratseth bratseth@verizonmedia.com Verizon Media Trondheim, Norway Håvard Pettersen havard.pettersen@verizonmedia.com Verizon Media Trondheim, Norway Les...

Sheet1 Attribute memory usage example Number of documents 200000000 Resize overhead factor 1.2 Constants (don’t edit): Enum index width 4 Enum value width 4 Posting entry width (singlevalue) 4 Post...

In this tutorial you will learn how and why to externalize your microservice’s configuration. Specifically, you will learn how to use Kubernetes ConfigMaps and Secrets to set environment variables and then consume them using MicroProfile Config. Before you begin Creating Kubernetes ConfigMaps & Secrets There are several ways to set environment variables for a Docker container in Kubernetes, including: Dockerfile, kubernetes.yml, Kubernetes ConfigMaps, and Kubernetes Secrets. In the tutorial, you will learn how to use the latter two for setting your environment variables whose values will be injected into your microservices.

This page provides an overview of best practices when it comes to enforcing Pod Security Standards. Using the built-in Pod Security Admission Controller FEATURE STATE: Kubernetes v1.25 [stable] The Pod Security Admission Controller intends to replace the deprecated PodSecurityPolicies. Configure all cluster namespaces Namespaces that lack any configuration at all should be considered significant gaps in your cluster security model. We recommend taking the time to analyze the types of workloads occurring in each namespace, and by referencing the Pod Security Standards, decide on an appropriate level for each of them.

Kubernetes is a portable, extensible, open source platform for managing containerized workloads and services, that facilitates both declarative configuration and automation. It has a large, rapidly growing ecosystem. Kubernetes services, support, and tools are widely available.

Each object in your cluster has a Name that is unique for that type of resource. Every Kubernetes object also has a UID that is unique across your whole cluster. For example, you can only have one Pod named myapp-1234 within the same namespace, but you can have one Pod and one Deployment that are each named myapp-1234. For non-unique user-provided attributes, Kubernetes provides labels and annotations. Names A client-provided string that refers to an object in a resource URL, such as /api/v1/pods/some-name.

This page provides an overview of available configuration options and best practices for cluster multi-tenancy. Sharing clusters saves costs and simplifies administration. However, sharing clusters also presents challenges such as security, fairness, and managing noisy neighbors. Clusters can be shared in many ways. In some cases, different applications may run in the same cluster. In other cases, multiple instances of the same application may run in the same cluster, one for each end user.

An overview of the Pod Security Admission Controller, which can enforce the Pod Security Standards.

Principles and practices for good Secret management for cluster administrators and application developers.

A time-to-live mechanism to clean up old Jobs that have finished execution.