Crowd is Atlassian's centralized identity management tool. Since Crowd 2.7, the Active Directory Connector is able to sync the disabled flag from Active Directory to Crowd. But if you are using an older version or other connectors (e.g. Delegated Authentication Directory), then you may run into the issue that users who are disabled in Active Directory are … Continue reading CrowdLess – Make Crowd less crowded
The myth of memory requests and limits in Kubernetes
I summarised a list of FAQs about memory requests and limits in Kubernetes. I also have a real example at the bottom. 1) What if a Container exceeds its memory request? Totally fine, a Container can exceed its memory request if the Node has memory available. 2) What if a Container exceeds its memory limit? That's dangerous, as … Continue reading The myth of memory requests and limits in Kubernetes
CloudFront Edge Cache Settings
Caching is 'fun' if you don't set it up correctly. A useful cheat sheet of CloudFront edge cache TTL settings that I found on the AWS documentation site. Origin Configuration Minimum TTL = 0 Seconds Minimum TTL > 0 Seconds The origin adds a Cache-Control max-age directive to objects CloudFront caching CloudFront caches objects for the lesser of … Continue reading CloudFront Edge Cache Settings
Pods are not recreated after Kubernetes node failure
We had a short outage recently, which was caused by pods not being recreated on other nodes when the previous node became unresponsive. It is Kubernetes 1.6, and according to the documentation, it is expected in some cases. "If the Status of the Ready condition is “Unknown” or “False” for longer than the … Continue reading Pods are not recreated after kubernetes node failure
SP-initiated vs IDP-initiated SSO
A nice diagram that I found on Okta illustrates the workflow of both SP-initiated and IDP-initiated SSO. Reference: https://developer.okta.com/standards/SAML/index http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf


