• Helm templates: Using fullname inside a range block

    2 min read

    helm template fullname range

    If we try to use the template fullname function inside a range block as follows:

    {{ range .Values.secrets }}
---
apiVersion: 'kubernetes-client.io/v1'
kind: ExternalSecret
metadata:
  name: "{{ template "pet2cattle.fullname" . }}-{{ . | replace "_" "-" }}"
(...)
{{ end }}

    We will get a can't evaluate field Values in type string like follows:

    Error: template: pet2cattle/templates/_helpers.tpl:14:14: executing "pet2cattle.fullname" at <.Values.fullnameOverride>: can't evaluate field Values in type string

    29/12/2021

    Read more...

  • Traefik Ingress controller: How to to redirect all http traffic to https

    2 min read

    traefik redirect http https ingress helm

    If you want to redirect all your HTTP requests to HTTPS, we can configure Traefik to do it for all the Ingress object we have configured

    28/12/2021

    Read more...

  • K3s: Upgrade your Traefik ingress controller to version 2

    2 min read

    traefik k3s upgrade

    If you have K3s' system-upgrade-controller installed you might have noticed how charts appear under /var/lib/rancher/k3s/server/static/charts but your traefik Ingress controller is not being updated:

    # pwd
/var/lib/rancher/k3s/server/static/charts
# ls -lrt
total 104
-rw------- 1 root root 27292 May 21  2021 traefik-1.81.0.tgz
-rw------- 1 root root   914 Nov 21 17:19 traefik-crd-9.18.2.tgz
-rw------- 1 root root 17008 Nov 21 17:19 traefik-9.18.2.tgz
-rw------- 1 root root   914 Dec  3 07:14 traefik-crd-9.18.201.tgz
-rw------- 1 root root 17041 Dec  3 07:14 traefik-9.18.201.tgz
-rw------- 1 root root 17685 Dec 22 19:07 traefik-10.3.001.tgz
-rw------- 1 root root  7396 Dec 22 19:07 traefik-crd-10.3.001.tgz

    27/12/2021

    Read more...

  • Generate public SSH key from existing private SSH key

    1 min read

    To be able to successfully connect using SSH keys we need to have the private key on the client side and the public key set on the server side (where we want to connect). If we only have the private key, we can generate a public SSH key from it

    24/12/2021

    Read more...

  • How risky it really is to run a Pod with privileged: true?

    3 min read

    kubernetes privileged pod

    When running containers, by default we will have an isolation between the host and the running container: you cannot access the host’s resources. But when you run a Pod with the privileged flag, you are effectively disabling this isolation making it equivalent to running that process as root on the host server.

    22/12/2021

    Read more...

More recent...

Older content...

From pet to cattle
Treat your kubernetes clusters like cattle, not pets
cloud
krew Crossplane ASG AWS Ingress Workflow ssh deployment Prometheus Pulumi ExternalSecret Kubernetes Argo Workflows history Lambda Terraform probe Secret HPA EBS operator-sdk Docker Job Helm container images CDK diff HCL Deployment EKS MacOS RBAC GitHub Pod Policy enforcement Argo ALB git context PersistentVolume drain typescript for_each cluster autoscaler datasource golang IRSA Git Kustomize EC2 patch spot instances OpenShift Traefik provider multiarch troubleshooting Volume Service awscli minikube ArgoCD Environment Troubleshooting Kaniko template github action state k3s