Skip to main content Link Menu Expand (external link) Document Search Copy Copied

Understanding the playground

Different concepts are required to exploit the full potential of the Napptive playground, let’s explore some of them in more detail:

  • Web interface: An impressive UI to monitor and understand deployed applications.
  • CLI: A CLI that integrates with the Kubernetes tools to deploy applications.
  • OAM: The Open Application Model is the specification we use to define cloud-native applications.
  • Kubernetes: Our orchestration engine of choice.

Limitations on the free account

The playground is offered as a free service with some restrictions. In particular, applications will be shut down after 24 hours. If you need more time contact us and discover our offerings. Check our Terms & conditions for more information.

Playground security

Security is a key feature of any SaaS system. Our Playground enforces some security mechanisms to protect each customer account from interactions with others. Additionally, some restrictions apply related to the privileges available on the containers:

  • Priviledged containers are not allowed to avoid privilege escalation and undesired interaction with the cluster infrastructure.
  • Adding extra Linux capabilities is not permitted.
  • Additionally some Kubernetes operations such as creating new namespaces and cluster-level entities are not allowed.

Our recommendations for packaging applications for Kubernetes are:

  • Use a non root user to launch your application with. In the Dockerfile, use USER to specify the user that will execute the processes. Use runAsUser to launch your container with another user.
  • Do not use reserved ports such as 80, Kubernetes services can be attached to any port, as routing is done through other layers such as load balancers or ingresses.

For more information, take a look to the Docker best practices on how to create Dockerfiles.

What’s next