• How to use aws s3 sync command

  2 min read

  Similarly on how we use the rsync command to copy content across the filesystem and even across servers, we can use aws s3 sync to not only sync files between the computer we are running it and an S3 bucket but also between S3 buckets

  03/05/2022

  Read more...

• Enable access logs for an AWS ALB using terraform

  2 min read

  To be able to collect access logs it might be just more convenient to be able to enable them at the load balancer level rather than having to aggregate logs from all the backend services. If we are using an AWS ALB we can configure it to push it's logs to an S3 bucket

  29/04/2022

  Read more...

• Kubernetes: volume node affinity conflict

  4 min read

  While trying to deploy Pods we might notice the on the Events section that Pod cannot be scheduled due to a volume node affinity conflict:

  $ kubectl describe pod website-365-flask-ampa2-ha-member-1 -n website-365 
  Name:           website-365-flask-ampa2-ha-member-1
  Namespace:      website-365
  Priority:       0
  Node:           <none>
  Labels:         (...)
  Annotations:    (...)
  Status:         Pending
  IP:             
  IPs:            <none>
  Controlled By:  StatefulSet/website-365-flask-ampa2-ha-member
  Init Containers:
  (...)
  Containers:
  (...)
  Conditions:
    Type           Status
    PodScheduled   False 
  Volumes:
    volume:
      Type:       PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
      ClaimName:  volume-website-365-flask-ampa2-ha-member-1
      ReadOnly:   false
  (...)
  Events:
    Type     Reason             Age                      From                Message
    ----     ------             ----                     ----                -------
    Normal   NotTriggerScaleUp  31m (x20835 over 7d19h)  cluster-autoscaler  pod didn't trigger scale-up: 2 node(s) had taint {pti/role: system}, that the pod didn't tolerate, 1 node(s) had volume node affinity conflict
    Normal   NotTriggerScaleUp  95s (x46144 over 7d19h)  cluster-autoscaler  pod didn't trigger scale-up: 1 node(s) had volume node affinity conflict, 2 node(s) had taint {pti/role: system}, that the pod didn't tolerate
    Warning  FailedScheduling   64s (x2401 over 43h)     default-scheduler   0/4 nodes are available: 2 node(s) had taint {pti/role: system}, that the pod didn't tolerate, 2 node(s) had volume node affinity conflict.
  

  27/04/2022

  Read more...

• How to update terraform modules

  5 min read

  
  

  When we change the location of any terraform module we need to run terraform init again to be able to pick up the right version:

  $ terraform plan
  Acquiring state lock. This may take a few moments...
  Releasing state lock. This may take a few moments...
  ╷
  │ Error: Module source has changed
  │ 
  │   on main.tf line 17, in module "terraform-module":
  │   17:   source = "git::ssh://git@github.com/pet2cattle/terraform-module.git?ref=1.0.2"
  │ 
  │ The source address was changed since this module was installed. Run "terraform init" to install all modules required by this configuration.
  ╵
  

  26/04/2022

  Read more...

• CoreDNS on Kubernetes: Allow DNS zone transfer

  3 min read

  
  

  Kubernetes, by default, registers all the Pods and services using the cluster.local DNS zone. At some point we might want to be able to take a look at this zone. Zone transfers are going to be restricted by default:

  dnstools# dig axfr cluster.local
  
  ; <<>> DiG 9.11.3 <<>> axfr cluster.local
  ;; global options: +cmd
  ; Transfer failed.
  

  But if we are using CoreDNS, we can configure it to temporally allow zone transfers to be able to take a look at it

  25/04/2022

  Read more...

More recent...

Older content...