Article

Introduction I’m working on a project where I’m migrating an Azure Pipeline to GitHub Actions. So far I’ve found the GitHub Actions very intuitive to work with and it was a very easy transition from Azure Pipelines. One requirement was to increase the version with every build. In the previous setup they were using the build ID, but I’m an advocate of always using semantic versioning if possible, so I wondered if this could be done using the GitHub Actions. ...

In a recent analysis, I explored two notable solutions for synchronizing secrets from Azure Key Vaults to AKS (Azure Kubernetes Service) clusters: akv2k8s and the Azure Key Vault Provider for the Secret Store CSI Driver. Here, I present my findings and recommendations based on the functionality, maintenance requirements, and integration capabilities of these tools. Akv2k8s, maintained by Sparebanken, is an open-source tool designed for the synchronization of secrets. Being dependent on an external tool for Kubernetes secrets synchronization is an undesirable situation and poses several challenges. Notably, the latest version of akv2k8s has been problematic, especially concerning the deployment of Postgres databases on our AKS clusters using the EDB operator. Akv2k8s alters the SecurityContext of pods in a way that causes them to fail. ...

This document is the result of my research into the Gateway API. It aims to briefly describe the Gateway API for Kubernetes, a typical implementation of ingress traffic using NGINX in AKS and how this setup could benefit from implementing the Gateway API. Introduction Gateway API is an official Kubernetes project focused on L4 and L7 routing in Kubernetes. This project represents the next generation of Kubernetes Ingress, Load Balancing, and Service Mesh APIs. From the outset, it has been designed to be generic, expressive, and role-oriented. ...

As a DevOps Engineer or Cloud Native Engineer, I think it’s important to specialize in one cloud provider in the beginning of your career. Specializing allows you to gain deep knowledge and expertise in the specific tools and services related to that cloud provider, making you a valuable asset to any company using that provider. Although cloud computing is similar in essence no matter which provider you choose, each cloud provider has its own vocabulary and way of structuring things. ...

Ah, writing. It’s one of the skills that I’ve consistently been praised for throughout my life. I’m pretty good at it, and I think that’s because I enjoy it. It led me to getting an academic degree in English Literature and Culture, simply because I was following the things I was naturally good at. However, just like any other skill, you can only become better at it through consistent practice. This morning I read a wonderful little blog post on writing regularly, and I was touched by his words: ...

This week I started a project which I’ve been putting off for too long. I finally started my homelab. Over the past year I’ve been collecting hardware here and there, and I’ve had the intention to start up a proper Kubernetes cluster at home. I got inspired by Rob Muhlenstein’s Homelab Init playlist on YouTube which I’m working on. There are a few reasons why I haven’t started up until now: ...

I used to make all my notes on paper, but I decided to switch to a digital note-taking system about two years ago. Digital note-taking provides the following advantages: Searchability Collected in one place Can be converted to different output formats Easier to share with others Does not take up physical space No risk of losing your notes in case of fire or other disaster I’ve gone through several iterations of my note-taking systems. I started on Google Docs, moved on to Notion and eventually landed on Obsidian. However, as I became more proficient with UNIX systems and vim, I realized I did not need all of that distracting functionality, and I switched over to using Neovim and a few bash scripts. I occasionally open up Obsidian to look at my graph view or to make use of the Anki plugin, but I enjoy the trimmed-down version that I built myself. I don’t need to leave the command line to read my notes or to create a new one. ...

I’ll be working with Bicep during my next contract, so I’m working through the Bicep modules on Microsoft Learn to prepare. I must say that these modules are particularly helpful. They are well structured and they provide you with free sandbox environments to practice deploying the templates you create. Why Bicep? Resources in Azure are deployed by the Azure Resource Manager (ARM). These resources are JSON objects under the covers, and ARM templates are a way to generate these JSON objects. However, JSON is not really meant to be edited by humans, and the ARM templates are not very suitable for editing either. Thus, Bicep was developed to allow for a better editing experience and better readability and reusability. ...

This guide uses the official getting started guide with a few modifications. This installation is only for lab purposes. Running ArgoCD in a production environment requires more configuration. Install argocd and argocd cli kubectl create namespace argocd kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml My VM is running on arm architecture, so I need these commands to install the argocd cli on ubuntu. curl -sSL -o argocd-linux-arm64 https://github.com/argoproj/argo-cd/releases/latest/download/argocd-linux-arm64 sudo install -m 555 argocd-linux-arm64 /usr/local/bin/argocd rm argocd-linux-arm64 Change the service type to LoadBalancer ...

You can get a free 24GB ram VM from Oracle. What better place for your own Kubernetes lab that is always available? See this article to create your VM. Here are the steps I took to install a single node kubernetes cluster on the Ubuntu VM. Installation sudo apt-get update sudo apt install apt-transport-https curl Install containerd sudo mkdir -p /etc/apt/keyrings curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null sudo apt-get update sudo apt-get install containerd.io Remove the default containerd configuration, because it creates errors when running kubeadm init. ...