-
Better Resilience for Kubernetes Pods
I happened to notice that all 3 pods serving this blog in my Kubernetes cluster were allocated to a same node. I thought Kubernetes will try its best to shuffle pods of a deployment into different nodes by default but guess I expected too much. Note the knode3 below Have you spotted the problem? In…
-
How to Regulate Egress Access in Kubernetes with Istio
Usually I don’t mind to give pods unlimited egress access, ie. the pods I deployed can access the whole internet if it needs to. However when the pods take input from users it’s a whole different story. For example, running some sandbox applications such as an online Python learning environment, the workload can be abused…
-
Flyway Container, MySQL and SSL/mTLS
Flyway is a handy utility to manage database schema migrations. Very similar to the schema migration mechanism in Ruby on Rails or Django, but Flyway is a standalone tool. So it’s best suited for some project which doesn’t have database schema management yet. I needed to use Flyway for a project I worked with, the…
-
Passing Environment Variables to Terraform with RegExp
In a Terraform template, an input variable can be used to set some configuration point for a resource, such as In some scenario the input variable can get its value from an environment variable in the shell where terraform runs. It looks like This is handy where there is just a few variables. If there…
-
Share Environment Variables in GNU Make
I think writing up a cheat sheet for GNU Make and environment variables before Christmas is a good idea, right? In GNU Make, by default a single line runs in its own shell. ie. We can use backslash to fake multi-line like this: With .ONESHELL directive multiple lines in one target run in a same…
-
Deploy the Loki Stack in a Kubernetes Cluster with ArgoCD
Loki and Promtail from Grafana Labs are new kids in the observability community. Are they good enough to replace Elasticsearch and Logstash? I would like to see. Here’s a sample ArgoCD Application to deploy Loki, Promtail, Prometheus and Grafana all from 1 Helm chart: grafana/loki-stack. Some settings of my installations are: loki, grafana and prometheus…
-
Running Minecraft Server in Kubernetes Cluster
A month ago I had an idea to run a Minecraft server in my garage Kubernetes lab. I though it might interest my little Minecraft player at home with some Kubernetes and GitOps stuff but that failed miserably. But at least I knew how to host a Minecraft server in Kubernetes, with ArgoCD too. First…
-
ArgoCD, Jsonnet and Tanka
Ever since I’ve installed ArgoCD in my garage Kubernetes lab, I wanted to make Tanka work with ArgoCD, so that I can do GitOps with Jsonnet, in addition to YAML, kustomize and helm charts. I was hugely inspired by(read: copied and pasted from) this blog post. Here are the steps I made Tanka worked as…