• terraform: Apply changes to a specific resource

    2 min read

    terraform target resource

    When updating resources using terraform we might notice that infraestructure might have drifted for multiple reason: from developers creating or updating infrastructure through the web console without telling anyone, to uncontrolled updates on the cloud provider side.

    If we really need to apply a change but there are other changes that need reviewing, we can tell terraform to update just a specific resource.

    12/02/2021

    Read more...

  • IRSA: IAM role to ServiceAccount

    1 min read

    For EKS cluster there was kube2iam for providing IAM credentials to containers running inside a kubernetes cluster that required a DaemonSet to be deployed. With IRSA (IAM Role to ServiceAccount) we can link IAM roles to ServiceAccounts

    11/02/2021

    Read more...

  • Get attributes of a conditionally included resource

    2 min read

    terraform attributes conditionally included resource HCL get value

    To be able to conditionally include a given resource we can use the count argument but if we do so it is not as straightforward to use it's outputs (attributes) because now on this resource we have an array of outputs even thought we are confident that it will just have one if enabled. Let's take a deeper look on how to deal with this using the following conditional resource as an example:

    resource "aws_route53_record" "ampa_public_r53_cname_record" {
  count   = try(length(var.public_alias_name)>0, false)?1:0
  zone_id = data.aws_route53_zone.public_r53_zone.zone_id
  name    = var.public_alias_name
  type    = "CNAME"

  records = [ aws_route53_record.ampa_web_public_r53_record.fqdn ]
  ttl     = "3600"
}

    10/02/2021

    Read more...

  • kubectl scale: Scaling deployments

    1 min read

    scale deployment kubectl replicas

    To be able to scale kubernetes deployments we can edit the yaml file to increase the number of replicas we want but we can also use kubectl scale. Let's try to scale out the following deployment:

    $ kubectl get deploy demo
NAME   READY   UP-TO-DATE   AVAILABLE   AGE
demo   2/2     2            2           11d

    09/02/2021

    Read more...

  • IAM policies: What's the Version 2012-10-17?

    1 min read

    AWS IAM 2012-10-17

    While creating IAM policies you might have wondered: what's 2012-10-17? Is it something we need to update?

    08/02/2021

    Read more...

  • minikube: Get the URL to use for a given NodePort

    2 min read

    minikube NodePort URL service

    To avoid having to create an Ingress it is quite handy to use NodePort for testing purposes. But how do we get the URL we can use to connect to a NodePort on a minikube cluster? minikube uses it's own networking layer so it is not as obvious a looking for listening ports using netstat

    05/02/2021

    Read more...

  • kubernetes: Assigning a pod to a node

    2 min read

    kubernetes pod nodeName scheduler

    In a kubernetes cluster not all nodes must be identical, for example, some might have access to a disk that others don't, or belong to a different network segment that do have a public IP thus we might want to assign pods to specific nodes

    04/02/2021

    Read more...

  • Run an interactive shell in a kubernetes cluster

    2 min read

    pod interactive kubernetes

    For troubleshooting purposes, it's quite useful to run an interactive shell on the kubernetes cluster. We can always run a shell con an existing container but it might not have the tools we need.

    03/02/2021

    Read more...

  • Troubleshooting on kubernetes using netshoot

    2 min read

    pod troubleshooting netshoot kubernetes nicolaka/netshoot

    One of most common issues we might have while troubleshooting an issue on a kubernetes cluster is to actually not having the right tool for the job. Containers usually have the bare minimum set of tools (actually, this is how it's supposed to be) and libraries required to do it's job: So they are not designed for troubleshooting

    02/02/2021

    Read more...

  • Manage multiple Terraform versions with tfenv

    3 min read

    terraform tfenv multiple versions switch version

    As terraform evolves has been major changes that forces you to update your terraform code to use it with the latest version. If you have a large codebase it can be very challenging to keep up with the versions since it can be very time consuming. So, instead of this you can specify on your side the required terraform version like so:

    terraform {
  required_version = "=0.11.14"
}

    If you try to plan/apply this code you would get an error message like this:

    Error: Unsupported Terraform Core version

  on main.tf line 3, in terraform:
   3:   required_version = "0.11.14"

This configuration does not support Terraform version 0.13.5. To proceed,
either choose another supported Terraform version or update this version
constraint. Version constraints are normally set for good reason, so updating
the constraint may lead to other errors or unexpected behavior.

    To make it easier to switch between terraform versions we can use tfenv

    01/02/2021

    Read more...

More recent...

From pet to cattle
Treat your kubernetes clusters like cattle, not pets