3 min read
To make sure we don't publish an SSL service with vulnerable protocols enabled, we can check which protocols the server has enabled using openssl s_client.
Depending on the OpenSSL version we have, different protocols will be available. For example, if we are using OpenSSL 1.0.2j we will have the following options for s_client:
-ssl2 - just use SSLv2
-ssl3 - just use SSLv3
-tls1_2 - just use TLSv1.2
-tls1_1 - just use TLSv1.1
-tls1 - just use TLSv1
-dtls1 - just use DTLSv1
On the other hand, if we are using OpenSSL 1.1.1f we will only have:
-tls1 Just use TLSv1
-tls1_1 Just use TLSv1.1
-tls1_2 Just use TLSv1.2
-tls1_3 Just use TLSv1.3
06/07/2021
2 min read
To debug issues we can test a TCP connection using netcat (nc) or even telnet. But in a containerized environment such as Kubernetes, this can be a challenge when the container doesn't have the right tools for the job:
$ nc
bash: nc: command not found
$ netcat
bash: netcat: command not found
$ telnet
bash: telnet: command not found
05/07/2021
2 min read
It's common practice to use a map in Terraform to configure resources. If we want to use a map with optional values we can make use of the try() function.
Let's use the following map as an example:
config = {
  namespaces = ["namespace1", "namespace2"]
  (...)
}
02/07/2021
3 min read
On Kubernetes, scaling an application is just a matter of defining how many replicas we want:
$ kubectl scale deployment/demo --replicas=5
deployment.apps/demo scaled
Having to manually adjust the number of replicas is not really practical. This is where the HorizontalPodAutoscaler (HPA) comes into play.
01/07/2021
2 min read
If we need to be able to share some data across containers (one generates the data and the other one consumes it) we can use an emptyDir to create a Volume to mount on both containers.
30/06/2021