Some executables need elevated privileges, but we don’t always want to provide a user with root access. Fortunately, Linux and macOS support setuid. setuid instructs the OS to run an executable as the owner of the executable instead of the current user.
The next question to answer after writing How do Kubernetes and Docker create IP Addresses?! is “How does Docker handle publishing ports?”
In the previous post, we created our own network namespaces, virtual interfaces, and assigned IP addresses to these virtual interfaces. Now we’ll learn how to make a request to 127.
This is a follow-up to Resolving Kubernetes Services from Host when using kind. In the previous post we modified the host’s DNS configuration (/etc/resolv.conf) and the host’s IP routes to communicate to the kind cluster from our host. There are scenarios where modifying the host environment isn’t ideal, such as running integration tests on a local development laptop.
One of the first mysteries I encountered with Docker and Kubernetes was seeing IP addresses created for containers and pods. And thinking how did these IP addresses enable binding a port number already used by another process? Turns out this is handled by Linux’s network namespaces and virtual interfaces.
In previous posts we covered creating smaller commits and splitting an existing commit. In practice there are cases where it is helpful to modify an existing commit. This can range from wanting to improve a commit message to adding additional code changes like fixes or tests.