• AWS CLI configuration for assuming a different role

    On a previous post we saw how to test we can assume a role using AWS CLI but how can we configure AWS CLI to assume an specific role before performing some request? We can do it using a profile to save us from the trouble of having to change three different environment variables.


  • Testing assume-role using AWS CLI

    Once you have configured that one role can assume another role from another account you might want to actually test that you are able to do it. With aws sts you will be able to assume a role


  • How to get EC2 instance ID and other metadata

    On an EC2 instance we can retrieve some of it's metadata by using curl. Let's see how


  • ALB Ingress: redirect traffic to HTTPS

    One of the beauties of using an ALB Ingress controller on AWS is that you can configure SSL certificates for your Ingress by just defining you want to use HTTPS

    apiVersion: extensions/v1beta1
    kind: Ingress
        kubernetes.io/ingress.class: alb
        alb.ingress.kubernetes.io/listen-ports: '[{"HTTP":80},{"HTTPS":443}]'

    But this is going to serve the same content using HTTP and HTTPS. Configuring a SSL redirect it is also pretty straightforward but involves two steps:


  • Error syncing load balancer: failed to ensure load balancer: could not find any suitable subnets for creating the ELB

    If we try to create a LoadBalancer on an AWS EKS cluster without any public subnet it will get stuck on the pending state and we won't get any external IP/DNS name for it. By using kubectl describe we will be able to get the actual error:

    $ kubectl get svc -n pet2cattle
    NAME      TYPE           CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
    demo-lb   LoadBalancer   <pending>     80:30525/TCP   7d
    $ kubectl describe svc demo-lb -n pet2cattle 
    Name:                     demo-lb
    Namespace:                pet2cattle
    Labels:                   <none>
    Annotations:              <none>
    Selector:                 run=demo-lb
    Type:                     LoadBalancer
    IP Families:              <none>
    IPs:                      <none>
    Port:                     <unset>  80/TCP
    TargetPort:               80/TCP
    NodePort:                 <unset>  30088/TCP
    Endpoints:      ,
    Session Affinity:         None
    External Traffic Policy:  Cluster
      Type     Reason                  Age                From                Message
      ----     ------                  ----               ----                -------
      Normal   EnsuringLoadBalancer    12s (x3 over 27s)  service-controller  Ensuring load balancer
      Warning  SyncLoadBalancerFailed  12s (x3 over 27s)  service-controller  Error syncing load balancer: failed to ensure load balancer: could not find any suitable subnets for creating the ELB



From pet to cattle
Treat your kubernetes clusters like cattle, not pets