-
3 Years Later, How Is My PowerWall 2 Keeping Up?
TL; DR: I’ve installed my PowerWall 2 3 years ago. It wasn’t cheap but the quality is great too. There’s 0 issue so far and it helped a lot to “keep my lights on”. And if calculated using recent electricity rate, it has saved me $3,115 so it’s still a long way 🙂 Uptime: 100%…
-
How to Mount an Existing Google Persistent Disk to a Pod in GKE
TL; DR: Below are steps to mount an existing Google Persistent Disk to a pod in a GKE cluster in the same region. Most of the time I’d prefer to run stateless pods in Kubernetes clusters – they come, they go, as if nothing happened. When there are things to be persisted, a Persistent Volume…
-
How to Run Tableau Server in GKE(Google Kubernetes Engine)
TL; DR: here are my notes to host a fully working Tableau Server in a GKE cluster. It’s not fully Kubernetes native but still I think it’s better than running as a VM. This is correct as of Dec 2023. The Docker Container Image There doesn’t seem to have an official docker image for Tableau…
-
Github Hosted Runners and Their Access to GCP VPC
TL; DR: Given plenty of free time of Github hosted runners, I’m tempted to use it instead of running self-hosted ones in my GCP environment. Here are some options to grant network access to my GCP VPC. Prerequisites: Google Workload Identity Federation for Github Runners Option #1, grab the public IP of the runner on-the-fly…
-
How to Setup Google Workload Identity Federation for Github Actions Runners
When using GHA(Github Actions) for CI/CD purposes, the Github-hosted runners are free unless you use it quite a lot. But if I want to use GHA to build a docker container image and save it to my private repository in Google Artifact Registry, I have to grant the permission to some VMs I don’t even…
-
Solved: Atlantis Couldn’t Track Google Service Account Keys in State File
Atlantis is a great tool to do Terraform infrastructure-as-code and gitops together. I got it setup and running alright but when I let it to manage some service account keys(I know, not the best option, but in my situation I had to use it), it kept trying to re-create even if the key exists. Turns…
-
Solved: Error 403: The caller does not have permission
Recently I got a very confusing error when setting up a PubSub subscription to write to a Big Query table via terraform. Here’s the partial terraform code snippet: And the input variable subscriptions looks like: It doesn’t show any error when doing terraform plan however it gives 403 error when applying. After some googling I…
-
How to Avoid Rebuild Resources with Terraform/Terragrunt
I use Terraform and Terragrunt a lot at work to keep track of infrastructure changes. Sometimes I refactored code in modules so there’s no change to infrastructure but since the module changed terraform will insist to rebuild affected resources. It’s not quite comfortable to destroy some resources and then just create exactly the same ones.…