-
Remove resources from the terraform state without deleting them
3 min read
Terraform keeps a list of managed objects on it's state, if for some reason we no longer want terraform to manage them we can remove them from the code base. Doing so we will see how terraform will try to delete them:
$ terraform plan (...) Plan: 0 to add, 0 to change, 10 to destroy. (...)30/04/2021
Read more... -
kubectl uncordon: mark node as schedulable
1 min read
Using kubectl drain you can evict pods and disabled scheduling for a node so you can proceed with some maintenance. Once this maintenance is over we will need to allow pods to be scheduled to this node, removing the SchedulingDisabled:
$ kubectl get nodes NAME STATUS ROLES AGE VERSION nauvoo.pet2cattle.com Ready control-plane,master 19d v1.20.4+k3s1 tycho.pet2cattle.com Ready,SchedulingDisabled <none> 9m25s v1.20.4+k3s129/04/2021
Read more... -
AWS CLI manage files on an S3 bucket
2 min read
Using the AWS CLI we can perform most operations for files sitting on a S3 bucket such as: list, copy, rename, cat, etc...
28/04/2021
Read more... -
kubernetes: Adding initContainers to a pod
2 min read
When setting up a pod we might need to populate some shared storage or generate some configuration files to be used for the actual containers that are going to run on that pod. It might not make sense that some tools just required for the setting up the environment to be available on the final container. Futhermore, we might need to run some scripts with higher privileges than we really need for running the pod. The initContainers come handy for covering this use-cases.
27/04/2021
Read more... -
git: Apply commit to another branch
2 min read
When we have a change (commit) that we want to apply to several branches we can use git cherry-pick.
26/04/2021
Read more... -
Rename resources from the terraform state
3 min read
When handling Infrastructure as Code (IaC) with terraform, refactoring the code might cause terraform to try to delete the existing resources an recreate them using a different name:
# module.jenkins.module.worker.module.kms-parameter-store.aws_iam_policy.kms_read_policy will be destroyed # module.jenkins.module.worker.module.kms-parameter-store.aws_iam_policy.ssm_read_policy will be destroyed # module.jenkins.module.worker.module.kms-parameter-store.aws_iam_role_policy_attachment.kms_read_policy_attachment will be destroyed # module.jenkins.module.worker.module.kms-parameter-store.aws_iam_role_policy_attachment.ssm_role_policy_attachment will be destroyed # module.jenkins.module.worker.module.kms-parameter-store.aws_kms_alias.kms_key_alias will be destroyed # module.jenkins.module.worker.module.kms-parameter-store.aws_kms_key.kms_key will be destroyed # module.jenkins.module.worker[0].module.kms-parameter-store.aws_iam_policy.kms_read_policy will be created # module.jenkins.module.worker[0].module.kms-parameter-store.aws_iam_policy.ssm_read_policy will be created # module.jenkins.module.worker[0].module.kms-parameter-store.aws_iam_role_policy_attachment.kms_read_policy_attachment will be created # module.jenkins.module.worker[0].module.kms-parameter-store.aws_iam_role_policy_attachment.ssm_role_policy_attachment will be created # module.jenkins.module.worker[0].module.kms-parameter-store.aws_kms_alias.kms_key_alias will be created # module.jenkins.module.worker[0].module.kms-parameter-store.aws_kms_key.kms_key will be createdWhile in some cases it's just fine to destroy the resources and recreate them back, in other cases it can cause a undesired service interruption just for deleting all the resources and recreate them back exactly with the same settings using slightly different name on the terraform state.
We can avoid it by renaming the resources in the terraform state to the name terraform is expecting
23/04/2021
Read more... -
Create a helm chart template
2 min read
To get started creating a helm chart on our own there are some common structure that we can reuse from chart to chart: We can let helm create the basic structure for us
22/04/2021
Read more... -
How to release a helm chart on our own repo
2 min read
To be able to create a release of a helm chart we will need to first, create the package and then generate / update the index.yaml for being able to serve it as a repo using any webserver of our choice
21/04/2021
Read more... -
Kubernetes Ingress: Required value: pathType must be specified
1 min read
While upgrading Ingress objects to networking.k8s.io/v1 you'll find out, among other changes that now the pathType is a required option:
spec.rules[0].http.paths[0].pathType: Required value: pathType must be specified, spec.rules[0].http.paths[1].pathType: Required value: pathType must be specified20/04/2021
Read more... -
Troubleshoot Kubernetes service not being resolved
2 min read
When you create a Kubernetes Service, pods from within the same namespace should be able to resolve it's IP by name. For example, if we create a service named ampa-votacions; any pod from the same namespace should be able to resolve it's IP. But sometimes it can't be resolved:
$ kubectl exec -it ampa-install-ws7cw -- sh / $ nslookup ampa-votacions Server: 172.20.0.10 Address: 172.20.0.10:53 ** server can't find ampa-votacions.us-west-2.compute.internal: NXDOMAIN ** server can't find ampa-votacions.ampa.svc.cluster.local: NXDOMAIN ** server can't find ampa-votacions.svc.cluster.local: NXDOMAIN ** server can't find ampa-votacions.ampa.svc.cluster.local: NXDOMAIN ** server can't find ampa-votacions.cluster.local: NXDOMAIN ** server can't find ampa-votacions.svc.cluster.local: NXDOMAIN ** server can't find ampa-votacions.cluster.local: NXDOMAIN ** server can't find ampa-votacions.us-west-2.compute.internal: NXDOMAIN19/04/2021
Read more...