Ivan DelićinOracle DevelopersSafeguarding OKE: Super-Admin vs. Regular UserOCI IAM policies significantly influence OKE internals and security. Depending on the Policy verbs for the cluster resource (e.g., manage…3 min read·Apr 18, 2024----
Ivan DelićinOracle DevelopersSafeguarding OKE: Kubernetes API Server Access Control With OCI IAM and RBAC ExplainedEvery cluster owner’s mission is to safeguard the OKE API server perimeter. You probably don’t want to expose kubectl access to the public…7 min read·Apr 16, 2024----
Ivan DelićinOracle DevelopersSafeguarding OKE: Kubernetes Authentication and AuthorizationSafeguarding OKE starts with access control for the Kubernetes API Server. The API Server is a part of the managed control plane of OKE…5 min read·Apr 10, 2024----
Ivan DelićHow to Resolve Multi-Attach Error With Block Storage PVC in OKE ProperlyIf you faced an error Multi-Attach error for volume "csi-..." Volume is already used by pod(s) when creating a pod, it means that…3 min read·Apr 9, 2024----
Ivan DelićHow to Define Cloud-Init Script in OKE Terraform ResourceThe OCI provider for Terraform often provides minimalistic documentation around OKE, especially popular oci_containerengine_cluster and…1 min read·Apr 3, 2024----
Ivan DelićHow to Customize Kube Reserved Resources in OKEDid you ever experience sudden kubelet failure at runtime, resulting in disconnected worker nodes? It’s easy to spot since worker nodes are…3 min read·Mar 26, 2024----
Ivan DelićinOracle DevelopersPulling the OCIR images to OKE without SecretsWouldn’t it be nice for OKE to pull the container images from private OCIR repos in a passwordless mode, without stored secrets and…3 min read·Mar 22, 2024----
Ivan DelićinOracle DevelopersAllowing OKE to Pull Images From Custom Image Repositories with Self-Signed CAOKE supports pulling container images from various sources, including custom registries with non-trusted and self-signed CAs. Still, to…2 min read·Oct 16, 2023----
Ivan DelićinOracle DevelopersAdvanced Kubernetes Networking: OKE in a Hub-Spoke ArchitecturesThe true power of OCI Container Engine for Kubernetes (OKE) arises from flexible core networking — VCN. VCN powers OKE to achieve advanced…5 min read·Sep 13, 2023----
Ivan DelićinOracle DevelopersServe gRPC on OKE With Ingress and Network Load balancergRPC is a highly performant Remote Procedure Call (RPC) framework based on HTTP/2 protocol, a perfect fit for resilient microservice…4 min read·Jul 14, 2023----