Using AKS kubectl (kubelogin) on headless systems or pipelines Paid Members Public
Running kubectl on pipelines with interactive authentication is somewhat non-optimal :-) Let's make it better without using long-living tokens.
Choosing a postgres operator Paid Members Public
This post describes my journey on the selection of the postgres operator that matches our demand.
SAML tokens and too much accuracy on clients Paid Members Public
Having multiple clients not being able to log in we discovered that our ADFS tokens NotBefore date is maybe too accurate for some very picky clients. Let's add some tolerance.
Manually remove a member from etcd Paid Members Public
Recently, I needed to rollback a kubernetes control-plane node to an older snapshot. This cause (obviously) that etcd could not operate anymore in the etcd cluster. The approach in this scenario is to remove the etcd node from the cluster and add it again. The removal of it is rather
Ubuntu 22.04 (or 21.10), kubernetes & cgroups v2 Paid Members Public
On some of our systems we've recently upgraded Ubuntu to 22.04 LTS (from 20.04 LTS). And one thing that has been problematic afterwards is that containers kept crashing - or to be more exact: the containers have been killed because the probes failed. This affected cilium
Using crun as container runtime Paid Members Public
Most of you will be aware that runc is one of the (currently) most commonly used container runtimes. In this image you can see runc is available besides other runtimes like kata of firecracker. If you need stronger isolation you might also be awaer of gVisor. However - there'
Adjusting the ulimit on microk8s Paid Members Public
Our software engineers are more and more working with AI which sometimes raises entirely new requirements on the environment. One of those is that we wanted to pin larger language models (in this case platypus2 70B parameters, or falcon 40B) to memory on a development host that runs microk8s. Long
When fstrim stalls your I/O subsystem Paid Members Public
On one of our systems we had issues that - once a week - the I/O subsystem stalled and causes issues on database operations.
