-
Playing with Kubernetes Ingress Controller
It’s very very easy to use Kubernetes(K8s) to provision an external service with AWS ELB, there’s one catch though(at least for now in 2018). AWS ELB is usually used with an auto scaling group and a launch configuration. However with K8s, EC2 instances won’t get spun directly, only pods will, which is call Horizontal Scaling.…
-
Profiling Tomcat Remotely with Java Mission Control
I was interested to see why a tomcat app runs very slow. In the tooling stage, I picked Java Mission Control(jmc) because it’s a built-in of Oracle Java 8. To enable jmc and its flight recorder, I added the following Java switches to tomcat’s setenv.h file: Having restarted tomcat, double check if the port is…
-
Don’t Need Ngrok When I Have SSH
I was trying to create a Slack app. In order to let Slack send REST requests to my dev environment, eg. http://localhost:9000, I searched a bit and saw ngrok. Ngrok is very handy for this kind of setup: Slack -> xyz.ngrok.io -> localhost However I just don’t want to install anything so I turned to…
-
Kubernetes Log Aggregation with Filebeat and Logstash
Following last blog, Filebeat is very easy to setup however it doesn’t do log pattern matching, guess I’ll need Logstash after all. First is to install Logstash of course. To tell Filebeat to feed to Logstash instead of Elasticsearch is straightforward, here’s some configuration snippets: Filebeat K8s configMap: — apiVersion: v1 kind: ConfigMap metadata: name:…
-
Kubernetes Cluster Log Aggregation with Filebeat
Finally the Kubernetes cluster I was working on went live, and I didn’t provide a log aggregation solution yet. I had a look at dynaTrace, which is a paid SaaS. However it requires to install some agent in every container. It’s fun when there’s only several to play with but I wouldn’t rebuild dozens of…
-
Time Machine for Arch Linux
I’ve been using Arch Linux for some years, and it’s still my favorite Linux distribution. The feature that distinguished Arch from others is its rolling release which means there’s no such a thing called version in Arch. Using latest packages in Arch is the norm. However living on the edge means it’s not quite safe.…
-
夜捅马蜂窝
前院花坛的短墙是我刚刚搬家进来时修的, 当时比较仓促, 所以墙上有些砖缝比较不合格. 没想到今年夏天一窝马峰在此安家了, 日子还过的不错. 老婆在除草时显然惊扰了马蜂, 被蜇了一下慌忙撤退. 我本来想雇人搞定, 但在 YouTube 上搜了一下, 很多人都是自己动手不求人的. 当然方法很重要, 被马蜂群攻击是有生命危险的. 最重要的就是一定要夜袭, 因为夜间蜂群是回窝休息的, 附近没有巡逻兵. 我买了一瓶消灭蜂窝的干粉, 看起来像过期的白面. 一个宁静的晚上我悄悄接近蜂窝, 居然有些马蜂还在窝口处乘凉, 我把大量干粉喷洒在蜂窝口就迅速原路撤回, 因为一些马蜂已经起飞准备战斗了. 第二天早上我再去查看时, 那群马蜂已经玩完了 🙂
-
Kubernetes External Service with HTTPS
This is a quick example to assign an SSL certificate to a Kubernetes external service(which is an ELB in AWS). Tested with kops 1.8 and kubernetes 1.8. — apiVersion: v1 kind: Service metadata: name: my-https-service namespace: my-project labels: app: my-website-ssl annotations: service.beta.kubernetes.io/aws-load-balancer-ssl-cert: “arn:aws:acm:ap-southeast-2:xxx:certificate/xxx…” service.beta.kubernetes.io/aws-load-balancer-backend-protocol: “http” service.beta.kubernetes.io/aws-load-balancer-ssl-ports: “https” service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: ‘3600’ spec: type: LoadBalancer selector: app: my-website…