Security is an essential, core part of operations, and thus keeping secrets secured is vital. Unfortunately, for many an organization, this is often not a priority.
The lack of zeal toward managing secrets is likely related to the complexity involved. Managing configuration artifacts has well-established patterns using change configuration tools (Puppet, Chef, Ansible, Salt Stack), using service discovery with KV stores (etcd, Consul, Zookeeper), or through simpler means like environment vars and config files.
This article covers using ExternalDNS to automate updating DNS records when applications are deployed on Kubernetes. This is needed if you wish to use a public endpoint and would prefer a friendlier DNS name rather than a public IP address.
This article will configure the following components:
As a part of this exercise, two demonstration programs will demonstrate use of ExternalDNS:
After creating a system with a public IP, you can add a friendly DNS name to reference this such as
Once you have purchased a domain name, such as through a service like GoDaddy, you have a few options for automating DNS:
When getting started on a new technology, one method is to take what you know and just do the same sort of things on the new platform.
For this guide, I will essentially do this: ❶ create network infrastructure and ❷ put a Linux VM machine on that network infrastructure.
We’ll also create some storage that can be used for boot diagnostics, should the system fail in a way that is not captured by the logs.
This article will teach two conceptual domains:
This article covers provisioning a sizable AKS cluster using Azure CLI. In the past, I covered articles covering how to do this with EKS and GKE, so this will be the third set of series around AKS with a guide to how to get off the ground (to get started).
For this solution to work, you will likely need to submit a request to Microsoft to extend quotas for Azure. Azure quotas are quite limited and will not permit you to create a 3 × Kubernetes worker node cluster with one Kubernetes worker node per zone.
Below are some articles…
In the Kubernetes community, it would be a surprise to find anyone that does not yet know about the popular Helm tool to deploy services. Similar to tools like Homebrew for macOS or Chocolatey for Windows, you can install a solution on Kubernetes easily with helm install <package-name>.
Helm charts share one thing in common with change config tools like Chef, Consul-Template, Ansible, Puppet, or Salt Stack, where you can use a template engine like ERB or Jinja to dynamically compose a configuration file. …
My journey in the DevOps cultural revolution, like many, has been heavy on automation. This started with change configuration platforms (Chef, Puppet, Ansible, Salt Stack), infrastructure as code (Ansible, Terraform), and immutable infrastructure (Docker, Kubernetes).
However, automation was only one of the aspects in DevOps.
One area that I found vital yet often neglected is measurement, and so in my DevOps journey, I wanted to devote some energy…
When developing for cloud native solutions, I occasionally need to set up clean isolated environments using virtualization for testing or modelling solutions. One of the tools for my development system used to manage virtual machines is the popular Vagrant tool from HashiCorp.
This article will cover how to install and set up these components on Ubuntu 20.04.1 LTS (Focal Fossa).
These instructions use GNU bash that comes standard on most distros. …
Azure, like other cloud providers, has support for an object store, called Azure Blob Storage. This solution is similar to S3 or GCS, but unfortunately, most applications out there will not have direct support for Azure Blob Storage.
These are the tools required to fully use this…
Now that we have an existing VPC infrastructure, we can provision Amazon EKS. In this article I will cover two main topic take-aways:
eksctl to quickly provision EKS using VPC infrastructure created by Terraform.
This code will create an EKS-ready VPC cluster: private and public subnets per availability zone and tag appropriately for EKS.
Linux NinjaPants Automation Engineering Mutant — exploring DevOps, Kubernetes, CNI, IAC