-
Share Environment Variables in GNU Make
I think writing up a cheat sheet for GNU Make and environment variables before Christmas is a good idea, right? In GNU Make, by default a single line runs in its own shell. ie. We can use backslash to fake multi-line like this: With .ONESHELL directive multiple lines in one target run in a same…
-
Deploy the Loki Stack in a Kubernetes Cluster with ArgoCD
Loki and Promtail from Grafana Labs are new kids in the observability community. Are they good enough to replace Elasticsearch and Logstash? I would like to see. Here’s a sample ArgoCD Application to deploy Loki, Promtail, Prometheus and Grafana all from 1 Helm chart: grafana/loki-stack. Some settings of my installations are: loki, grafana and prometheus…
-
Running Minecraft Server in Kubernetes Cluster
A month ago I had an idea to run a Minecraft server in my garage Kubernetes lab. I though it might interest my little Minecraft player at home with some Kubernetes and GitOps stuff but that failed miserably. But at least I knew how to host a Minecraft server in Kubernetes, with ArgoCD too. First…
-
ArgoCD, Jsonnet and Tanka
Ever since I’ve installed ArgoCD in my garage Kubernetes lab, I wanted to make Tanka work with ArgoCD, so that I can do GitOps with Jsonnet, in addition to YAML, kustomize and helm charts. I was hugely inspired by(read: copied and pasted from) this blog post. Here are the steps I made Tanka worked as…
-
Kubernetes Jobs and Istio
Note: the Job in the title refers to the Job resource in a Kubernetes cluster. At the time the Istio sidecar doesn’t play well with a Job or a Cronjob, because the istio-proxy might not be ready when the Job starts (which causes connection issues for the job) and won’t exit after the job finishes…
-
Use Variables with Kustomize, Part 2
I was looking at the Kustomize variable trick I did a year ago and I think I’ve learned some new tricks worth noting down. Variables are very handy most of the times, here’s a pattern to define a variable to be used in Kustomize templates and set its value via annotations. There you have it:…
-
Automate SSL/TLS Certificates for Kubernetes and Istio with Cert Manager
It’s been a lot easier nowadays to turn on full site SSL/TLS encryption with an ACME issuer such as the popular non-profit Let’s Encrypt which I’ve started using it a few months ago. However the free certificates from Let’s Encrypt are only valid for 90 days and I have been notified to renew them already.…
-
TLS Full Site Encryption with Istio and Let’s Encrypt
These are steps to easily install TLS certs to a Kubernetes cluster with Istio service mesh as ingress controller, provided by Let’s Encrypt‘s awesome certbot. Installation of the certbot (on Ubuntu Linux 20.04LTS) The certbot can be install via snap on Ubuntu Linux By default certbot needs to write to system directories which I thought…