-
Using MinIO instead of a S3 bucket
4 min read
Since MinIO is an object storage server that implements the same public API as Amazon S3, can it be used to store terraform's state?
15/06/2021
Read more... -
tree visualization of Kubernetes objects
2 min read
Some kubernetes objects creates and manages other kubernetes objects in order to provide it's functionality. For example, the Deployment object creates a ReplicaSet that in turn creates the desired Pod objects. We can always track down this relationship using kubectl describe but using the tree krew plugin we can see the relationship in a visual way. We can install it like so:
$ kubectl krew install tree14/06/2021
Read more... -
terraform: check terraform configuration
4 min read
While working with terraform we might find some configuration or syntax errors using terraform plan. While we won't break anything anyway, it take a lot of time to realize we have a syntax error due to a typo. This is specially true if we are working with a remote terraform state. To avoid wasting time we can use terraform validate
11/06/2021
Read more... -
How to build a multi architecture container using buildx
7 min read
Docker has the ability to handle multi architecture containers: Using the same container image and tag we can deploy it on multiple architectures such as Intel and ARM. Since a docker container is composed of multiple layers it will just use one or another depending on the architecture we are running it. From the user perspective there's no difference on it's usage, but how do we build them?
10/06/2021
Read more... -
Hide sensitive information from terraform output
2 min read
There are certain terraform outputs that can contain sensitive data, for example: Rendered helm values can contain sensitive data that we need to give to helm to be able to install the pods on our kubernetes cluster. Starting terraform 0.15 we can tell terraform which input and output variables are sensitives so it can hide them away from it's output.
For example, to set an output variable as sensitive we just need to add the sensitive attribute and set it to true:
output "helm_pet2cattle_values" { value = module.pet2cattle.values sensitive = true }09/06/2021
Read more... -
terraform: create an array of resources using for_each
3 min read
If we need to create multiple resources of the same kind based on a set of objects, we can use the for_each keyword for creating them.
08/06/2021
Read more... -
Retrieve Oracle's versions using a SQL query
3 min read
One of the first things we might want to know about an Oracle database we have just connected is what version it is running. We can retrieve this information using an SQL query
07/06/2021
Read more... -
What's a kubernetes DaemonSet?
2 min read
When it comes to kubernetes objects, maybe the one that is quite common but still causes a lot of confusion is the DaemonSet. What's it's function?
04/06/2021
Read more... -
tail multiple kubernetes pods
2 min read
While debugging issues we might need to be able to see the output from multiple pods (or multiple) at the same time to be able to understand how they are interacting. Stern allows you to tail multiple pods on Kubernetes and even multiple containers within the pod
03/06/2021
Read more... -
kubernetes: enforce resource limits using LimitRange
3 min read
If we want to make sure the resources for a given namespace are controlled yet we want to be able to give full control to whoever is creating objects in that namespace, we can use LimitRange to enforce some resource constraints:
- We can enforce a minimum and maximum (and it's default value) for compute resources per Pod or Container or storage request per PersistentVolumeClaim in the namespace
- We can also enfornce a ratio between request and limit for a resource (so that we are not abusing the control setting limits that are too wide) Set default request/limit for compute resources in a namespace and automatically inject them to Containers at runtime.
This is implemented as an admission controller that observes the incoming requests and makes sure that it does not violate any of the constraints enumerated in the LimitRange object within it's namespace.
02/06/2021
Read more...