Author: admin

  • ArgoCD, Jsonnet and Tanka in 2024

    A few years ago, I got to know Jsonnet and I loved it at first sight. I used a nice little tool called Tanka to manage my Jsonnet manifests and I got them working together with ArgoCD, and finally I re-deployed my blog using this combo. Everything worked like a charm, until… Recently I upgraded…

  • How to Enable Compression in Istio Ingress Gateway

    TL;DR: here’s a code snippet to turn on gzip compression for Istio’s ingress gateway, using an Envoy filter. Tested with Istio 1.16 and Kubernetes 1.26. To test it with curl: 🙂

  • 3 Years Later, How Is My PowerWall 2 Keeping Up?

    TL;DR: I installed my PowerWall 2 3 years ago. It wasn’t cheap but the quality is great too. There have been 0 issues so far and it has helped a lot to “keep my lights on”. And if calculated using the recent electricity rate, it has saved me $3,115 so it’s still a long way 🙂 Uptime: 100%…

  • How to Mount an Existing Google Persistent Disk to a Pod in GKE

    TL;DR: Below are the steps to mount an existing Google Persistent Disk to a pod in a GKE cluster in the same region. Most of the time I’d prefer to run stateless pods in Kubernetes clusters – they come, they go, as if nothing happened. When there are things to be persisted, a Persistent Volume…

  • How to Run Tableau Server in GKE (Google Kubernetes Engine)

    TL;DR: here are my notes on hosting a fully working Tableau Server in a GKE cluster. It’s not fully Kubernetes native but I still think it’s better than running it as a VM. This is correct as of Dec 2023. The Docker Container Image: There doesn’t seem to be an official Docker image for Tableau…

  • GitHub Hosted Runners and Their Access to GCP VPC

    TL;DR: Given the plenty of free time on GitHub-hosted runners, I’m tempted to use them instead of running self-hosted ones in my GCP environment. Here are some options to grant network access to my GCP VPC. Prerequisites: Google Workload Identity Federation for GitHub Runners. Option #1, grab the public IP of the runner on-the-fly…

  • How to Set Up Google Workload Identity Federation for GitHub Actions Runners

    When using GHA (GitHub Actions) for CI/CD purposes, the GitHub-hosted runners are free unless you use them quite a lot. But if I want to use GHA to build a Docker container image and save it to my private repository in Google Artifact Registry, I have to grant the permission to some VMs I don’t even…

  • Solved: Atlantis Couldn’t Track Google Service Account Keys in State File

    Atlantis is a great tool for doing Terraform infrastructure-as-code and GitOps together. I got it set up and running alright, but when I let it manage some service account keys (I know, not the best option, but in my situation I had to use it), it kept trying to re-create them even if the key exists. Turns…