Understanding the playground
Different concepts are required to exploit the full potential of the Napptive playground, let’s explore some of them in more detail:
- Web interface: An impressive UI to monitor and understand deployed applications.
- CLI: A CLI that integrates with the Kubernetes tools to deploy applications.
- OAM: The Open Application Model is the specification we use to define cloud-native applications.
- Kubernetes: Our orchestration engine of choice.
Limitations on the free account
The playground is offered as a free service with some restrictions. In particular, applications will be shut down after 24 hours. If you need more time contact us and discover our offerings. Check our Terms & conditions for more information.
Playground security
Security is a key feature of any SaaS system. Our Playground enforces some security mechanisms to protect each customer account from interactions with others. Additionally, some restrictions apply related to the privileges available on the containers:
- Priviledged containers are not allowed to avoid privilege escalation and undesired interaction with the cluster infrastructure.
- Adding extra Linux capabilities is not permitted.
- Additionally some Kubernetes operations such as creating new namespaces and cluster-level entities are not allowed.
Our recommendations for packaging applications for Kubernetes are:
- Use a non root user to launch your application with. In the Dockerfile, use
USER
to specify the user that will execute the processes. UserunAsUser
to launch your container with another user. - Do not use reserved ports such as 80, Kubernetes services can be attached to any port, as routing is done through other layers such as load balancers or ingresses.
For more information, take a look to the Docker best practices on how to create Dockerfiles.
What’s next
- Check our deploy tutorials on the different methods to deploy applications.