Category: Systems Admin

  • Build Multi-arch Docker Images on Ubuntu Linux

    Since I’ve made my Raspberry PI Kubernetes cluster hybrid, now I have good reasons to build multi-arch(which means multi CPU architecture) Docker images so I don’t care if my pod is deployed to a Raspberry PI node or a X86 node. I followed a lot of instructions from this guide and finally made it work […]

  • Hybrid Kubernetes Cluster (X86 + ARM)

    The one in the picture was my old laptop, then my daughter’s for a few years. Now she got a nice new 2-in-1 ultra book the school asked us parents to buy, this clunky one was gathering dust on shelves. I tried to sell it but got no one’s attention despite it has got i7 […]

  • Renew Certificates Used in Kubeadm Kubernetes Cluster

    It’s been more than a year since I built my Kubernetes cluster with some Raspberry PIs. There was a few times that I need to power down everything to let electricians do their work and the cluster came back online and seemed to be Ok afterwards, given that I didn’t shutdown the PIs properly at […]

  • Use Variables in Kustomize

    Variables in Kustomize are handy helpers from time to time, with these variables I can link some settings together which should share the same value all the time. Without variable I probably need to use some template engine like Jinja2 to do the same trick. Some examples here. In my case, there’s a bug in […]

  • 5G + Public IP with OpenVPN

    I’ve done a proof of concept with SSH tunneling to add a public IP to my 5G home broadband connection, it works for my garage-hosted blogs but it’s not a complete solution. Since I still have free credit in my personal Google Cloud account, I decided to make an improvement with OpenVPN. The diagram looks […]

  • 5G is Fast but There’s No Public IP

    I’m super happy that I can finally have a broadband that does have a broad bandwidth. However like all other cellular services the 5G gateway has a private IP as its external IP, ie. everything I got is behind huge NAT servers of Optus and they will not open any port just for me. The […]

  • Using Sealed Secrets in a Raspberry Pi Kubernetes Cluster

    Sealed Secrets is a bitnami Kubernetes operator aimed to one-way encrypt secrets into sealed secrets so that they can be safely checked-in into GitHub or other VCS. It’s rather easy to install and use Sealed Secrets in a Kubernetes cluster on AMD64 architecture, but not so on my Raspberry Pi cluster. First, the container image […]

  • Customize the Kustomize for Kubernetes CRDs

    I’ve introduced Kustomize in this earlier post, now I feel even happier because Kustomize can be even more customized for some CRDs(Custom Resource Definition). For instance, Kustomize doesn’t know how to handle Istio’s VirtualService object, but with some simple YAML style configurations it ‘learns’ to handle that easily. So in name-reference.yaml, kustomize will learn the […]