Blog
Thoughts on engineering, design, and building great products.
LimitRange and ResourceQuota
When many teams share one cluster, nothing stops team A from creating 10,000 pods or asking for 64Gi RAM for a single container — unless you set rules. LimitRange sets defaults and min/max for each pod in a namespace; ResourceQuota caps the total resources and object count the whole namespace can use. This article closes Part VI with both: testing for real the default-injection, the over-max 403, and the fourth pod blocked by quota.
Labels, selectors, namespaces and annotations
We've typed -l app=web dozens of times without stopping to ask how it works. This article opens Part V with the toolkit for organizing and querying objects: labels to tag and select (equality and set-based), annotations to attach non-identifying metadata, namespaces to isolate, and field selectors to filter by built-in fields. Each kind of selector is tested for real on a basket of labeled pods.
Namespaces, Labels and Selectors
Two foundational organizing mechanisms in Kubernetes: namespaces split the cluster into separate compartments, while labels/selectors are how you tag and select resources — the very 'glue' that Deployment and Service use to find pods. This article makes both clear with real examples.