• Is it possible to escape from a container on Kubernetes?

    3 min read

    You might find some documents explaining containers (this applies to Docker and Kubernetes as well) as chroot jails on steroids. One might end up thinking that escaping from a root container is as easy as escaping from a root chroot. But that's not true, because it's just an analogy.

    28/01/2022

  • How helm values are stored on Kubernetes

    2 min read

    helm get values secret configmap

    If we want to get the values we have set for a particular helm chart, we can use the helm get values command. Where are these values stored?

    27/01/2022

  • Packer templates: Add more verbosity to shell provisioners

    2 min read

    If we use shell scripts as provisioners with Packer, errors can be confusing:

    ==> amazon-ebs: Terminating the source AWS instance...
    ==> amazon-ebs: Cleaning up any extra volumes...
    ==> amazon-ebs: No volumes to clean up, skipping
    ==> amazon-ebs: Deleting temporary security group...
    ==> amazon-ebs: Deleting temporary keypair...
    Build 'amazon-ebs' errored: Error removing temporary script at /tmp/script_9722.sh!
    
    ==> Some builds didn't complete successfully and had errors:
    --> amazon-ebs: Error removing temporary script at /tmp/script_9722.sh!
    
    ==> Builds finished but no artifacts were created.
    

    We can tell there is an error, but it's hard to tell what's going on.

    26/01/2022

  • Terraform apply without updating modified resources

    2 min read

    Terraform plan apply refresh

    When we are deploying infrastructure using Terraform, we need to understand that we should not be modifying what we have deployed; otherwise Terraform will undo these changes if we apply it again. This is actually a good thing, because it makes sure the code reflects the state of the infrastructure, but sometimes it can be a pain.

    24/01/2022

  • Using AWS Karpenter with spot instances

    3 min read

    One of the advantages of using AWS Karpenter is that it makes using spot instances straightforward. But how do we handle termination notices coming from AWS?

    21/01/2022

  • Terraform: retrieve AWS information

    2 min read

    When running Terraform on an AWS account, we might need some context information such as its account ID or the region we are in. Instead of having to set them as variables, we can use the aws_caller_identity, aws_partition and aws_region data sources to retrieve this information.

    19/01/2022

  • Using multi-stage build to optimize Docker images

    2 min read

    docker build multistage

    To be able to build a Docker image, we might need some packages that we won't be using at runtime. An example of this would be the compiler or any of the tools we might be using to build it (make, ant, maven...).

    Instead of installing the tools and removing them later on while building the Docker image, we can use a multistage build so we can just copy the artifacts we need to the final image.

    17/01/2022

  • Load a Jenkins Pipeline Shared Library from a git repository

    2 min read

    To load a specific Jenkins Pipeline Shared Library we can use the @Library() function, but the library needs to be configured on Jenkins:

    @Library('demo-shared-library') _
    

    This is particularly annoying if:

    • We don't have admin access to Jenkins (so we might need to request every single change)
    • We need to test several libraries, so we would need to configure every single library we want to test

    13/01/2022

  • Kubernetes PersistentVolume: Data cleanup on object deletion

    2 min read

    kubernetes PersistentVolume persistentVolumeReclaimPolicy

    A PersistentVolume is the abstract representation of storage as a resource within a Kubernetes cluster. The attributes describe the storage resource; its underlying resource can either be a disk provisioned by the cloud you are using or something as simple as a manually provisioned NFS disk.

    On a PersistentVolume we can configure several reclaim policies to define how its data removal is handled once the PersistentVolume object is deleted.

    12/01/2022

  • Autoscaling using Datadog as an external metrics provider

    3 min read

    kubernetes hpa datadog external metrics

    Since Kubernetes v1.2 we can autoscale an application based on metrics like CPU provided by the metrics-server. As of Kubernetes v1.6, it is possible to autoscale off of custom metrics and later on, starting with Kubernetes v1.10, we can autoscale using any metric from outside the cluster, like the ones collected by Datadog.

    10/01/2022


From pet to cattle
Treat your kubernetes clusters like cattle, not pets