-
The Upgrade of Kubernetes Ingress Nginx
The ingress-nginx container image I’ve been using was v0.25, and that’s more than 1 year old. The recent release is v0.44 but it’s a big leap from 25 to 44 and I’ve found some major differences between the 2 versions. Version 0.25 implemented API version of networking.k8s.io/v1beta1 while version 0.44 has networking.k8s.io/v1. Here are samples…
-
Kubernetes: How to Use Affinity
Affinity is a great feature in Kubernetes to assign pods to nodes based on labels. In my case, I have a hybrid Kubernetes cluster with half nodes are of X86 architecture and other half of ARM architecture, and I need to deploy the X86 only containers to the X86 nodes. Of course I can build…
-
Kubernetes and GitOps with Flux CD V2.0
GitOps could be the next big thing in cloud automation so I’d give it a try with my in house hybrid Kubernetes cluster. I was recommended to try Flux CD and there’s a good reference project initiated by my colleage: k8s-gitops. However, in order to fully understand how to use Flux CD, I chose to…
-
Renew Certificates Used in Kubeadm Kubernetes Cluster
It’s been more than a year since I built my Kubernetes cluster with some Raspberry PIs. There was a few times that I need to power down everything to let electricians do their work and the cluster came back online and seemed to be Ok afterwards, given that I didn’t shutdown the PIs properly at…
-
Use Variables in Kustomize
Variables in Kustomize are handy helpers from time to time, with these variables I can link some settings together which should share the same value all the time. Without variable I probably need to use some template engine like Jinja2 to do the same trick. Some examples here. In my case, there’s a bug in…
-
Using Sealed Secrets in a Raspberry Pi Kubernetes Cluster
Sealed Secrets is a bitnami Kubernetes operator aimed to one-way encrypt secrets into sealed secrets so that they can be safely checked-in into GitHub or other VCS. It’s rather easy to install and use Sealed Secrets in a Kubernetes cluster on AMD64 architecture, but not so on my Raspberry Pi cluster. First, the container image…
-
Customize the Kustomize for Kubernetes CRDs
I’ve introduced Kustomize in this earlier post, now I feel even happier because Kustomize can be even more customized for some CRDs(Custom Resource Definition). For instance, Kustomize doesn’t know how to handle Istio’s VirtualService object, but with some simple YAML style configurations it ‘learns’ to handle that easily. So in name-reference.yaml, kustomize will learn the…