-
Keeping the terraform state in a Kubernetes Secret
2 min read
Storing the terraform state into a S3 bucket with dynamoDB for locking has become the de facto standard for being able to share the state across an organization. Nevertheless, there are interesting alternatives: We can use a Kubernetes Secret
19/04/2022
Read more... -
terraform: Get the latest AMI id
2 min read
Hard coding values is never a good idea, using the aws_ami datasource we can query AWS to fetch the latest AMI available, or any AMI really, as long as we properly set the filters so than just one AMI is selected.
06/04/2022
Read more... -
Kubernetes: Autoscaling using Prometheus as a external metrics provider
5 min read
Using an external metrics provider (Kubernetes 1.10+) we can use an HorizontalPodAutoscaler to automatically scale applications using any metric collected by Prometheus. Let's take a look on how to configure it
05/04/2022
Read more... -
Building container images on Kubernetes with Kaniko
3 min read
When trying to build container images on Kubernetes we might be tempted to use the Docker in Docker approach: To do this you'll need to:
- Run a docker daemon on the nodes, either as a service or as a container runtime (which it is deprecated since 1.20)
- Allow the Pod to communicate with docker's socket
This approach is considered a security risk and it should be avoided.
As alternative, we can use kaniko: It is a tool to build container images inside containers (hence, Kubernetes clusters)
04/04/2022
Read more... -
terraform: Update a Lambda function when the code changes
2 min read
If we are using the archive_file datasource to zip some Lambda function to be able to push it to AWS, we need to se the source_code_hash with it's hash to make sure the function gets updated when it changes:
01/04/2022
Read more...