-
Publish a helm chart using github actions and github pages
2 min read
Having a helm chart released (via an index.yaml) is a convenient way of using it. Combining github actions with github pages we can do it in a serverless fashion
31/10/2022
Read more... -
Kubernetes: How to push ConfigMap values as environment variables
2 min read
We can read values from a ConfigMap as a volume but we can present them to a Pod as an environment variable
27/10/2022
Read more... -
AWS STS: IAM roles for ServiceAccounts on AWS ROSA
2 min read
AWS ROSA it is integrated with the AWS STS that will allow us to setup IRSA just as we would do on an EKS cluster.
25/10/2022
Read more... -
OpenShift: Operators lifecycle using manifest files
4 min read
With OpenShift we can use a nice UI to install and remove operators, but we can achieve exactly the same using manifests and kubectl (oc)
24/10/2022
Read more... -
OpenShift ROSA: Get the OIDC URL within the cluster
1 min read
When running a ROSA cluster (OpenShift on AWS) we might need to get it's Identity provider (OIDC) for, for example, configure STS (IRSA). We can get it directly from the cluster reading the Authentication object
20/10/2022
Read more... -
External Secrets Operator with Vault
3 min read
The External Secrets Operator can be configured to retrieve secrets from Vault, to demonstrate this we are going to use a test vault running on Kubernetes.
18/10/2022
Read more... -
Simulate a OpenShift cluster using CRD objects
3 min read
Openshift has some objects that doesn't exists on Kubernetes such as Project or Route. If we try to push one of these OpenShift objects into a vanilla Kubernetes we'll get an error:
$ kubectl apply -f route.yaml error: resource mapping not found for name: "demo-route" namespace: "" from "route.yaml": no matches for kind "Route" in version "route.openshift.io/v1" ensure CRDs are installed firstFor CI/CD we might not need a fully features OpenShift cluster, just being able to push the objects might be enough, with the CRD generator we can create the needed CRDs to be able to create these OpenShift objects
17/10/2022
Read more... -
Updating secrets using the External Secrets Operator
3 min read
When we are using an ExternalSecret the actual secret is stored elsewhere, being the External Secret Operator in charge of updating the Secret object with the datata if fetches from the SecretStore. What happens when the Secret is updated?
11/10/2022
Read more... -
Configure HTTP to HTTPS redirect using traefik's IngressRoute
2 min read
When using the Traefik ingress controller there are several ways of redirecting HTTP traffic to HTTPS, one of the ways is using IngressRoute (Traefik 2)
07/10/2022
Read more... -
Crossplane: (not) handling secrets when defining resources
3 min read
The best way of handling secrets is not having to: When we rely on Crossplane to create cloud resources (such as a RDS instance) we can configure it to create a secret with it's credentials so that we don't have define any secret beforehand
06/10/2022
Read more...