How to Install and Configure Kubectl: A Tutorial

Reading Time: 4 minutes

What is Kubectl?

Kubectl is a command-line tool for Kubernetes. It allows us to execute Kubernetes operations via the API. We can use Kubectl to deploy apps, check logs as well as manage all the other resources of the cluster.

Kubernetes uses an HTTP-based REST API which is the actual Kubernetes user interface employed to manage it. This means that every Kubernetes operation is represented as an API endpoint and can be carried out based on an HTTP-request sent to the endpoint. 

In this article, we will review Kubectl, and outline its installation, configuration, and use. 

Continue reading “How to Install and Configure Kubectl: A Tutorial”

How to Install Minikube On CentOS, Mac and Windows

Reading Time: 5 minutes

What Is Minikube?

Minikube is the name of a software program written in Go, which can build a local Kubernetes cluster on a single host. It uses a meager amount of resources to run a mini Kubernetes deployment. Minikube is mainly used for testing purposes using different scenarios or versions of Kubernetes

Continue reading “How to Install Minikube On CentOS, Mac and Windows”

Information on CVE-2015-5154

Reading Time: < 1 minute

Overview

Information on CVE-2015-5154 was made public on July 27, 2015. The vulnerability is in QEMU, a generic and open source machine emulator and virtualizer that is utilized by Xen, KVM, and other modern hypervisors / virtualization platforms.

Impact

Specifically a flaw with how QEMU’s IDE subsystem handles buffer access while processing certain ATAPI commands, exploitation can allow for the execution of arbitrary code on the host with the privileges of the host’s QEMU process corresponding to the guest.

Summary

  • Made public on July 27, 2015
  • This flaw exploits QEMU, a generic and open source machine emulator.
  • Allows for an attacker to execute arbitrary code outside of their own virtual machine.

Resolution

A patch is available, and Liquid Web’s Heroic Support has proactively scheduled a reboot to patch all affected servers. Continue reading “Information on CVE-2015-5154”

Information on CVE-2015-3456 QEMU Vulnerability (VENOM)

Reading Time: < 1 minute
Overview
VENOM, or Virtualized Environment Neglected Operations Manipulation, was made public on May 13, 2015. The vulnerability is in QEMU, a generic and open source machine emulator and virtualizer that is utilized by Xen, KVM, and other modern hypervisors / virtualization platforms.
Impact
Specifically a flaw with how QEMU handles out-of-bounds memory access, exploitation can cause the entire hypervisor to crash and may allow an attacker to access other virtual machines outside of their own.
Summary
  • Made public on May 13, 2015
  • This flaw exploits QEMU, a generic and open source machine emulator.
  • Allows for an attacker to access other virtual machines outside of their own.
Resolution
A patch is available, and Liquid Web’s Heroic Support has proactively scheduled a reboot to patch all affected servers. Continue reading “Information on CVE-2015-3456 QEMU Vulnerability (VENOM)”