-
Kops: Add Policies for Migrated Apps
When migrating some old applications to a Kubernetes(k8s) cluster provisioned by kops, a lot of things might break and one of them is the missing policy for the node. By default, nodes of a k8s cluster have the following permissions: ec2:Describe* ecr:GetAuthorizationToken ecr:BatchCheckLayerAvailability ecr:GetDownloadUrlForLayer ecr:GetRepositoryPolicy ecr:DescribeRepositories ecr:ListImages ecr:BatchGetImage route53:ListHostedZones route53:GetChange // The following permissions are […]
-
Notes: BuildKite and Kubernetes Rolling Update
This is kind of a textbook case that container is much more efficient than VM. The CI pipeline in comparison uses AWS CloudFormation to build new VMs and drain old VMs to do a rolling update, which takes around 10 minutes for everything even if it’s just 1 line of code changed. I did a […]
-
Kubernetes Tips: ConfigMap
This is how to update a config map with 1 line: kubectl create configmap foo –from-file foo.properties -o yaml –dry-run | kubectl replace -f – I found it here: https://stackoverflow.com/questions/38216278/update-k8s-configmap-or-secret-without-deleting-the-existing-one And this is how to mount a config map created from a file as file(not super intuitive but a config map can only be mounted as […]
-
Play a bit Kubernetes with Minikube
I’ve just played a bit Kubernetes on my Arch Linux laptop, with Minikube. It’s easier than I thought. Since I’ve already installed VirtualBox from the start, I can use minikube right after I installed it with curl -Lo minikube https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 && chmod +x minikube && sudo mv minikube /usr/local/bin/ The command I used to start […]