• Kubernetes: How to configure Deployment to evenly spread Pods across availability zones

    5 min read

    If you run Kubernetes workloads on AWS you want to make sure Pods are spread across all the available availability zones. To do so we can use podAntiAffinity to tell Kubernetes to avoid deploying all the Pods of the same deployment on the same AZ

    28/03/2022

    Read more...

  • ArgoCD redirect loop when using a Ingress objects with HTTPS offloading

    3 min read

    argocd kubernetes ci/cd AWS ALB Ingress

    When enabling an Ingress for ArgoCD we might end up with a redirect loop: ArgoCD keeps redirecting to the main page using https, even tough it is already using https:

    $ curl -I https://argocd.pet2cattle.com/

HTTP/2 307 
date: Wed, 23 Mar 2022 22:38:31 GMT
content-type: text/html; charset=utf-8
location: https://argocd.pet2cattle.com/

    This issue happens because, by default, ArgoCD expects to handle the TLS termination by itself, always redirecting HTTP requests to HTTPS. If we try to offload the TLS termination to the ingress controller, from ArgoCD's perspective the connection is HTTP, so it keeps redirecting to HTTPS

    24/03/2022

    Read more...

  • Crossplane: Share data between resources within the same Composite

    6 min read

    crossplane kubernetes composite status

    Following up on the previous crossplane example on Composition: creating a SecurityGroup and a SecurityGroupRule using a Composition we are now going to push information from one of the objects into the Composition and then push it back to the other resource:

    The composistion is going to create a SecurityGroup and push it's ID up to the Composite's status. Once the ID is on the Composition, this will push this ID into the SecurityGroupRule to set the SecurityGroup's ID to which we want to create the rule

    22/03/2022

    Read more...

  • Run multiple multiple clusters with minikube

    3 min read

    minikube multiple clusters profile

    Whenever we need to test something on a Kubernetes clusters one of the easier (and cheaper) option is test it out using minikube. However, how do we test a feature that require multiple clusters?

    21/03/2022

    Read more...

  • List all the images a minikube is using

    2 min read

    minikube images

    Running applications on minikube is a great test bed, but it can get messy pretty easily. That's specially true if there are several people messing with it.

    It might be useful to retrieve all the images we are using to run the services. For this we can either describe all the Pods on all the Namespaces or check that the minikube image ls command

    17/03/2022

    Read more...

More recent...

Older content...

Kubernetes:
container orchestration
kubernetes
Categories
tags related to this category
Linkerd Argo Rollouts Rollouts Capsule Pod MutatingAdmissionPolicy MutatingAdmissionPolicyBinding kind kubectl plugin custom command Argo Workflows CronWorkflow StatefulSet Workflow Kaniko WorkflowTemplate install kubernetes security Pod Security Standards port-forward socat operator-sdk golang Pushgateway RBAC Rule troubleshooting APIRequestCount affinity topologySpreadConstraints Route ExternalSecret Secret jsonpath ServiceAccount Ingress k3s letsencrypt tcpdump ssh CRD additionalPrinterColumns Velero query PV Operator Role ClusterRole web-console operator oc-mirror Secrets Manager tekton context Policy enforcement Rules Project ConfigMap Environment ROSA IngressRoute redirect RDS psql API server S3 patch file apply selector minikube arm64 colima EKS-connector SecurityContextConstraint SecretStore scripting CRC credentials Deployment valueFrom setup helm StorageClass tagging EBS externalDNS ALB HPA convert API version example shipwright ECR imagePullSecrets ENI subnet krew blame cloud provider etcd availability zones CoreDNS backend state podAntiAffinity Composite images GKE activeDeadlineSeconds Job lifetime bestby IRSA label annotation PersistentVolume Volume fsGroup vpa cluster autoscaler Karpenter provider kubernetes_manifest fsGroupChangePolicy container escape spot instances termination handler persistentVolumeReclaimPolicy fieldPath upgrade privileged network NetworkPolicy bash ps longhorn ASCP QoD raspberry pi drain evict uncordon kubeconfig config view logs admission controller hook postStart preStop deprecations gp3 get-all taints securityGroup probe readinessProbe livenessProbe tolerations explain MutatingWebhook startupProbe RollingUpdate Recreate PDB emptyDir netstat ss autoscale Kubeconfig initContainers DNS tree DaemonSet stern tail LimitRange resource limits restartPolicy system-upgrade-controller rolling update history undo Volumes awsElasticBlockStore change-cause set image imperative hostAliases imagePullPolicy metrics-server Service overlay agent nodes declarative ELB HTTPS alpine package nodeSelector scheduler kubie api-versions events multiple containers SecretKeyRef ReplicaSet NodePort Pod restart rollout deployment nginx-contoller ValidatingWebhookConfiguration error recovery httpHeaders uid securityContext exec interactive LoadBalancer IAM scale replicas nodeName externalName namespace Cronjob multinode template yaml unused-volumes diff