• terraform: Apply changes to a specific resource

    2 min read

    terraform target resource

    When updating resources using terraform we might notice that infraestructure might have drifted for multiple reason: from developers creating or updating infrastructure through the web console without telling anyone, to uncontrolled updates on the cloud provider side.

    If we really need to apply a change but there are other changes that need reviewing, we can tell terraform to update just a specific resource.

    12/02/2021

    Read more...

  • IRSA: IAM role to ServiceAccount

    1 min read

    kubectl kubernetes EKS IRSA IAM ServiceAccount

    For EKS cluster there was kube2iam for providing IAM credentials to containers running inside a kubernetes cluster that required a DaemonSet to be deployed. With IRSA (IAM Role to ServiceAccount) we can link IAM roles to ServiceAccounts

    11/02/2021

    Read more...

  • Get attributes of a conditionally included resource

    2 min read

    terraform attributes conditionally included resource HCL get value

    To be able to conditionally include a given resource we can use the count argument but if we do so it is not as straightforward to use it's outputs (attributes) because now on this resource we have an array of outputs even thought we are confident that it will just have one if enabled. Let's take a deeper look on how to deal with this using the following conditional resource as an example:

    resource "aws_route53_record" "ampa_public_r53_cname_record" {
  count   = try(length(var.public_alias_name)>0, false)?1:0
  zone_id = data.aws_route53_zone.public_r53_zone.zone_id
  name    = var.public_alias_name
  type    = "CNAME"

  records = [ aws_route53_record.ampa_web_public_r53_record.fqdn ]
  ttl     = "3600"
}

    10/02/2021

    Read more...

  • kubectl scale: Scaling deployments

    1 min read

    scale deployment kubectl replicas

    To be able to scale kubernetes deployments we can edit the yaml file to increase the number of replicas we want but we can also use kubectl scale. Let's try to scale out the following deployment:

    $ kubectl get deploy demo
NAME   READY   UP-TO-DATE   AVAILABLE   AGE
demo   2/2     2            2           11d

    09/02/2021

    Read more...

  • IAM policies: What's the Version 2012-10-17?

    1 min read

    AWS IAM 2012-10-17

    While creating IAM policies you might have wondered: what's 2012-10-17? Is it something we need to update?

    08/02/2021

    Read more...

More recent...

Older content...

From pet to cattle
Treat your kubernetes clusters like cattle, not pets
cloud
RBAC IRSA ExternalSecret for_each history drain Crossplane context EBS GitHub Kaniko Troubleshooting Kubernetes CDK EC2 typescript EKS Lambda PersistentVolume k3s Volume Deployment Prometheus diff Argo Workflows Helm ASG AWS Environment ALB HCL probe Pod Service Secret Traefik Docker Ingress patch operator-sdk MacOS golang cluster autoscaler Policy enforcement krew HPA state ArgoCD Pulumi template multiarch OpenShift deployment Argo github action Workflow spot instances Git container images troubleshooting minikube Terraform ssh provider git awscli Kustomize datasource Job