Category: Systems Admin

  • Kubernetes at Home on Raspberry Pi 4, Part 2

    Continue from part 1 It’s recommended to change all Pi’s password also run ssh-copy-id [email protected] to enable SSH public key login. There are lots of steps to prepare before kubeadm is installed, so I made this ansible repository to simplify this repeating process. Please see here. The ansible role will do the following tasks: set…

  • Kubernetes at Home on Raspberry Pi 4, Part 1

    I mostly followed/was inspired by this tutorial but with some tweak/fix to recent(Sep 2019) software versions. Also this is a pure Linux walk-through as I don’t use a Mac. I planned to build a home Kubernetes(k8s) cluster and migrate home servers including the one this blog is running on to the k8s cluster, for a…

  • Use FZF to Speed Up KUBECTL

    FZF is general purpose option selector for Linux command line. By default fzf is an super-upgrade for the ctrl-r command history finder, but it is helpful for almost any scenario where you need to pick 1 item from a list. Here’s a tiny use case where I use fzf to select a kubernetes namespace and…

  • AWS Lambda with Single CloudFormation Template

    This is just a quick snippet of CloudFormation template to deploy a Python 3.7 Lambda function embedded in the template. The source code inside ZipFile can contain up to 4KB. # CloudFormation templateAWSTemplateFormatVersion: 2010-09-09Resources: LambdaCode: Type: AWS::Lambda::Function DependsOn: – LambdaRole – LambdaPolicy Properties: Code: ZipFile: | import boto3 def handler(event, context): … Role: !GetAtt LambdaRole.Arn…

  • Golang and Docker Multi-Stage Build

    I have noticed a common pattern amonst some new utilities such as kubectl, kops and terraform: There’s only 1 single executable file to install, and by ‘install’ it can be put anywhere as long as it’s in $PATH. This was before I learned some Golang but it’s easy to find out that the reason behind…

  • Home VPN with OpenVPN

    Here are step to run a simple OpenVPN service at home, so that I can access home network easily while not at home. First, clone the git repo for OpenVPN docker container: git clone https://github.com/kylemanna/docker-openvpn.git I can use the pre-built docker image from docker hub but it has just been breached so I’d rather build…

  • Ansible, CloudFormation and Jinja2

    CloudFormation is the corner stone to provision infrastructure in AWS with code, however it’s not very DRY, ie. poor modularization, almost static variables and templates. So here comes Ansible. However at the moment Ansible’s CloudFormation module doesn’t support Jinja2 in templates, like other modules do. Luckily there’s a work-around to get the Ansible-CloudFormation-Jinja2 trio working…

  • Working with a Big Corporation

    So it’s been a while since I started this job in a big corporation. I always enjoy new challenges, now my wish got granted. Not in a very good way. The things work in a quite different manner here. There are big silos and layers between teams and departments, so the challenges here are not…