raynix 筆記

raynix 筆記

  • Home
  • WordPress Hosting
  • Side Quests
Illustration of a bird flying.
  • Automate SSL/TLS Certificates for Kubernetes and Istio with Cert Manager

    It’s been a lot easier nowadays to turn on full site SSL/TLS encryption with an ACME issuer such as the popular non-profit Let’s Encrypt which I’ve started using it a few months ago. However the free certificates from Let’s Encrypt are only valid for 90 days and I have been notified to renew them already.…

    July 21, 2021
    Internet Security, Opensource, Systems Admin
    Cert, Crypto, kubernetes
  • Grant a Service Account an IAM Role in AWS/GCP

    How to grant a pod running in a Kubernetes cluster necessary permissions to access cloud resources such as S3 buckets? The most straight forward approach is to save some API key in the pod and use it to authenticate against cloud APIs. If the cluster is running inside the cloud, an IAM role can then…

    June 10, 2021
    Systems Admin
    AWS, GCP, IAM, kubernetes
  • I Farmed Some Chia(XCH)

    Chia is a relatively new crypto currency which can be ‘mined’ with hard disks. It’s advertised as a green crypto because hard disks consumes way less energy comparing to mining rigs with high end graphic cards. I installed Chia on my Ubuntu Linux desktop computer because it has some vacant SATA ports that I can…

    June 2, 2021
    Crypto
    Chia, Crypto
  • TLS Full Site Encryption with Istio and Let’s Encrypt

    These are steps to easily install TLS certs to a Kubernetes cluster with Istio service mesh as ingress controller, provided by Let’s Encrypt‘s awesome certbot. Installation of the certbot (on Ubuntu Linux 20.04LTS) The certbot can be install via snap on Ubuntu Linux By default certbot needs to write to system directories which I thought…

    May 14, 2021
    Internet Security, Opensource, Systems Admin
    istio, kubernetes, TLS
  • A Kubernetes ClusterSecret

    No, at this moment ClusterSecret, unlike ClusterRole, doesn’t officially exist in any version of Kubernetes yet. I’ve seen some discussion like this, so looks like it will be a while to have a ClusterSecret. But why do I need a ClusterSecret in the first place? The reason is very simple: To be DRY. Imagine I…

    April 14, 2021
    Free software, Opensource, Systems Admin
    kubernetes, secret, Security
  • Real Life Cost of a Tesla Model 3

    It’s been a bit more than 2 weeks since I got my Model 3 as a result of my impulse-buying, so as an end user I think I’m qualified to do some cost analysis and projection based on the first 1000km I’ve done with the car. Disclaimer: The following analysis is based on my calculation…

    March 20, 2021
    Emerald Dreams, Energy Efficiency
    Tesla
  • Hello World, Grafana Tanka

    I liked YAML a lot, until it gets longer and longer, and even longer. There are tools to make YAML ‘DRY’, the popular ones are Helm and Kustomize. But none of them can say it got the job done. To be honest, I didn’t like Helm much from the start. Helm uses templating syntax similar…

    March 13, 2021
    Free software, Systems Admin
    jsonnet, kubernetes, tanka, yaml
  • Never Buy a Tesla

    I just got my Tesla Model 3 delivered last week and I’ve added a few hundreds of KMs to its odometer. Frankly it’s largely a disappointment and I’ll state my reasons here. First, it doesn’t have a ‘start engine’ or ‘ignition’ button at all! More to that, it doesn’t have an engine either, only electric…

    March 6, 2021
    Emerald Dreams, Energy Efficiency
    Tesla
←Previous Page
1 … 14 15 16 17 18 … 110
Next Page→
  • Eric Lin’s Blog
  • Eddie Wang’s Blog at WP
  • GoalKeeper’s Blog

raynix 筆記

Just another WordPress blog

  • Facebook
  • Twitter
  • Instagram

Proudly powered by WordPress