-
How to Upgrade a Kubernetes Cluster with `kubeadm` in 2024
TL; DR: I upgraded my Garage Kubernetes Lab cluster from 1.28 to 1.29 recently. Here’s how I did it. Upgrading the Control Plane First, the Linux package repository needs to be updated to include kubeadm 1.29. This can be done like this(My cluster is built with Ubuntu 22.04, for other Linux distributions please refer to…
-
How to Upgrade Istio the Git-Ops Way
Istio 1.17 has been running really well in my Garage Kubernetes lab, but I thought it’s time to give it an upgrade. It was installed and configured using istioctl utility last time when I bootstrapped the cluster. Since I’ve automated a lot of Kubernetes resources using ArgoCD I would like to upgrade Istio the git-ops…
-
A Simple and Interactive Decoder for Kubernetes Secrets
TL; DR: Here’s a simple shell function which can decode Kubernetes secrets interactively and should work in any Bash and compatible environments. Requirements: Here’s the code. This can be chained together with other commands too, eg. on a Mac, I can do Then the decoded content of selected secret key will be put into clipboard.…
-
A GKE Issue: Metadata Service Is Unreachable In Nodes
Recently I encountered some errors in a GKE cluster where a lot of pods were stuck at crash loop backoff state, which means the pods couldn’t recover on their own. When taking a closer look, I saw errors like: It’s a DNS issue then. However when I created a pod and ran some DNS tests…
-
How to Enable Compression in Istio Ingress Gateway
TL; DR: here’s a code snippet to turn on gzip compression for Istio’s ingress gateway, using Envoy filter. Tested with Istio 1.16 and Kubernetes 1.26. To test it with curl: 🙂
-
How to Mount an Existing Google Persistent Disk to a Pod in GKE
TL; DR: Below are steps to mount an existing Google Persistent Disk to a pod in a GKE cluster in the same region. Most of the time I’d prefer to run stateless pods in Kubernetes clusters – they come, they go, as if nothing happened. When there are things to be persisted, a Persistent Volume…
-
Solved: Uninstallation of config-connector Got Stuck in ArgoCD
The Kubernetes Config Connector is another level of IaC(Infrastructure as Code): It wraps Google Cloud resources like a Cloud Load Balancer with Kubernetes CRDs(Custom Resource Definition) so instead of writing Terraform HCL I can write YAML to manage GCP infrastructure. However when there’s a need to uninstall a config-connector, it got stuck in ArgoCD As…
-
Django DB Migration Job with ArgoCD
A Job in Kubernetes is a one-off and immutable task to be carried out during deployment. But what if a job needs to run for each deployment? A new job with the same name can’t be deployed on top of the existing one, given it in completed or failed state. Since Kubernetes 1.23, A TTL(Time…