• Kubernetes: Configuring Topology Spread Constraints to tune Pod scheduling

    2 min read

    kubernetes pod affinity Topology Spread Constraints

    Ensuring high availability and fault tolerance in a Kubernetes cluster is a complex task: One important feature that allows us to addresses this challenge is Topology Spread Constraints.

    10/07/2023

    Read more...
  • OpenShift 3.11 - custom default route certificate failing with certificate has expired or is not yet valid

    2 min read

    OpenShift Route certificate has expired or is not yet valid default router-certs

    After trying to set a custom default certificate for the OpenShift routes we might see how it's Pods starts crashing:

    $ kubectl get pods
    NAME                          READY   STATUS             RESTARTS   AGE
    router-10-rh8vf               1/1     Running            0          32m
    router-10-f2dt2               0/1     CrashLoopBackOff   6          7m
    router-10-m45b7               1/1     Running            0          31m
    

    Checking it's logs we'll get a quite misleading message:

    $ kubectl logs router-10-f2dt2 -n default
    Error from server: Get https://some.openshift.cluster:10250/containerLogs/default/router-10-f2dt2/router: x509: certificate has expired or is not yet valid
    

    04/07/2023

    Read more...
  • Using Abbreviated Commits in Git

    1 min read

    git commit abbreviated

    To pin some code to a specific version we can use a commit ID instead of a tag but using such a long string might feel a tad cumbersome:

    $ git log
    commit fb944d599d5487229463478928834cac20963f75 (HEAD -> main)
    Author: Eric <some@thing.com>
    Date:   Wed Jun 7 20:27:17 2023 +0100
    
        Fix exit with no error when cert violates lookahead (#2395)
    
    (...)
    

    22/06/2023

    Read more...
  • ExternalSecret: Partially load a secret

    2 min read

    Kubernetes ExternalSecret

    Sometimes we might have a secret stored in the AWS Secrets Manager with multiple properties but we don't really need all the data stored in the secret. We can tell External Secrets Operator to use just a specific key instead of using the whole secret.

    13/06/2023

    Read more...
  • Add new line when printing data using jsonpath

    2 min read

    kubectl jsonpath output formatting new lines custom delimiters

    When we print values using jsonpath we'll get all the values in a single line (actually, it won't even bother adding the newline character at the end of the list):

    $ kubectl get ns -o jsonpath='{ .items[*].metadata.name }'
    default dynamodb-operator ec2-operator iam-operator kube-node-lease kube-public kube-system local-path-storage testvault
    

    06/06/2023

    Read more...

More recent...

Older content...