Similar to assigning an IAM role to a ec2 instance to grant access to the applications running on it to access AWS services, you can assign an IAM role to each individual k8s service. This will allow you to get finer control and only grant the access to aws resources Read more…
Install kubectl create namespace argocd kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml https://argoproj.github.io/argo-cd/getting_started/ Proxy connection to server kubectl port-forward svc/argocd-server -n argocd 8080:443 You can access the argocd server at http://localhost:8080 Until we configure SSL you will get a certificate error in the browser. Click continue and use the default credentials Read more…
In this example we are using Elastic Cloud managed elasticsearch and will deploy the metricbeat to a k8s cluster. Create Secret apiVersion: v1 data: ELASTICSEARCH_AUTH: [base64_encoded_auth] ELASTICSEARCH_CLOUD_ID: [base64_encoded_cloudid] ELASTICSEARCH_RABBITMQ_PASSWORD: [base64_encoded_password] ELASTICSEARCH_RABBITMQ_USER: [base64_encoded_user] kind: Secret metadata: name: metricbeat type: Opaque Create DNS pointing to RabbitMQ apiVersion: v1 kind: Service metadata: name: Read more…
Creating a private docker registry can be as simple as running a container provided by docker. Most cloud providers offer a hosted solution (e.g. AWS ECR). But, sometimes you just want/need to roll your own 🙂 If you are using k8s, this is a quick way of doing it. The Read more…
Enable auto-completion Upgrade bash, install autocompletion and enable them: https://medium.com/merapar/fixing-bash-autocompletion-on-macos-for-kubectl-and-kops-e87f019652e8 List all pod (sorted by node) kubectl get pods -o wide –sort-by=”{.spec.nodeName}” –all-namespaces
Docker Private Registry To setup Microk8s, see previous post Enable required microk8s add-ons: In order to push images from your development machine to a Microk8s docker private registry, you may want to expose it outside of the host. Note: these instructions can easily be adapted to expose a docker private Read more…
A common need is to share files between different containers. There are many ways to accomplish this. If you only need to share a folder between pods running on the same node you can use local node shares. NFS shares is one of the options when you are looking to Read more…
One more of those small things that can cost you hours to find again when you eventually need it. 502 – too big header If you get nginx 502 error pages when browsing one of the services you deployed to a kubernetes controller using a nginx ingress controller to expose Read more…
Start with a virtual machine running Ubuntu with snap support (e.g. 16 or 18LTS) SSL Rancher has “native” support for letscencrypt. If you have access to a domain and can create a new DNS entry on it, add one pointing to this server. Make sure ports 80 and 443 are Read more…
Create a kubernetes cluster all-in-one virtual machine for kubernetes learning/experimentation. Note: There is a little video on https://microk8s.io/ if that is more of your cup of tea. Ingredients Virtual Machine (e.g. AWS EC2 instance) Ubuntu 18.04 LTS (or any linux distribution with snap support) Create cluster using microk8s Like Magic: You Read more…