• Use a letsencrypt certificate on Kubernetes with cert-manager and Traefik

    4 min read

    traefik k3s ingress letsencrypt cert-manager

    To be able to automatically request letsencrypt certificates for the TLS-eanble Ingress objects in a kubernetes cluster with the traefik ingress controller we can use the cert-manager controller.

    23/05/2023

    Read more...

  • external DNS: Ignore Ingress object

    1 min read

    If we are using external DNS to create DNS records based on the configured Ingress objects we might face a situation where we have two Ingress objects with the same hosts configured:

    $ kubectl get ingress
NAME                    CLASS    HOSTS                                          ADDRESS       PORTS     AGE
repo-nginx              <none>   repo.pet2cattle.com                            10.12.10.21   80        194d
repo-alb                <none>   repo.pet2cattle.com                            10.12.10.31   80, 443   115d

    In a situation like this, we want to be able to tell external DNS to ignore one of them.

    05/07/2022

    Read more...

  • Enable access logs for an Ingress using ALB

    3 min read

    AWS Kubernetes Ingress ALB access logs

    When configuring the ALB using an Ingress object we can enable storing access logs to an S3 bucket in the same way we can do it for any ALB using terraform

    28/06/2022

    Read more...

  • ArgoCD redirect loop when using a Ingress objects with HTTPS offloading

    3 min read

    When enabling an Ingress for ArgoCD we might end up with a redirect loop: ArgoCD keeps redirecting to the main page using https, even tough it is already using https:

    $ curl -I https://argocd.pet2cattle.com/

HTTP/2 307 
date: Wed, 23 Mar 2022 22:38:31 GMT
content-type: text/html; charset=utf-8
location: https://argocd.pet2cattle.com/

    This issue happens because, by default, ArgoCD expects to handle the TLS termination by itself, always redirecting HTTP requests to HTTPS. If we try to offload the TLS termination to the ingress controller, from ArgoCD's perspective the connection is HTTP, so it keeps redirecting to HTTPS

    24/03/2022

    Read more...

  • Install and configure external-DNS on AWS EKS

    3 min read

    With external DNS the DNS records for the ingress objects we have will be created automatically. We can choose between several cloud providers but we can even configure it to use the standard dynamic zone manipulation defined in RFC-2136. Let's see how to configure it on AWS EKS with Route53

    09/11/2021

    Read more...

From pet to cattle
Treat your kubernetes clusters like cattle, not pets