Multus CNI with k3s and RKE

Using Multus CNI in K3S

By default, K3S will run with flannel as the CNI and use custom directories to store CNI plugin binaries and config files(You can inspect the kubelet args K3S uses via journalctl -u k3s|grep cni-conf-dir). So you need to configure that properly When deploying Multus CNI.

For example given the official Multus manifests in, the following changes are needed:

 - name: cni
aliases for kubectl with autocomplete
source <(kubectl completion bash)
local cur prev words cword
declare -A flaghash 2>/dev/null || :
if declare -F _init_completion >/dev/null 2>&1; then
_init_completion -s || return
__kubectl_init_completion -n "=" || return
Secure Google Cloud Platform Checklist

Secure GCP infrastructure checklists

Initial setup

  • Configure org policies
    • Restrict allowed IAM domains
    • Disable key download
    • Disable default network
    • Disable external IP
    • Require shielded VM
  • Prepare for VPC service controls (data protection)
Migrate Redis data on Amazon ElastiCache
Copies all keys from the source Redis host to the destination Redis host.
Useful to migrate Redis instances where commands like SLAVEOF and MIGRATE are
restricted (e.g. on Amazon ElastiCache).
The script scans through the keyspace of the given database number and uses
a pipeline of DUMP and RESTORE commands to migrate the keys.
Requires Redis 2.8.0 or higher.