Cloud
terraform actions - I like hooks and I cannot lie Paid Members Public
Terraform 1.14 beta brings actions - a decent approach to run one shot events on state transitions. Check out this post to see an example and how it can be done already today.
Using kyverno to generate secrets Paid Members Public
Sometimes it's the little helpers that make the difference. Here's some kyverno policy you can use to generate secret values in Kubernetes through a mutating webhook.
Helm & variable scopes Paid Members Public
When using variables to track state across loop iterations in Helm templates, declare them outside the loop scope or they'll reset on each iteration.
Terraform map expansion - interface ranges Paid Members Public
Expanding value ranges dynamically in terraform can help you to compact your configuration and keep the focus on the values. It takes a few moments to expand the values using regex magic, still it's worth the effort!
InvalidHeaderValue on python & azure storage account access Paid Members Public
Using python to access azure storage accounts can - during rollouts of new api versions - result in InvalidHeaderValue issues if the client library is requesting an api version that is not yet on the account.
ingress-nginx 1.12 & allow-snippet-annotations Paid Members Public
If you need to use snippet annotations (why?) on ingress-nginx - you'll also need to adjust the annotation filtering.
multus - deadlock state on thick plugin Paid Members Public
Using Multus CNI's 'thick plugin' in Kubernetes can cause pod startup deadlocks due to circular dependencies between pods and the Multus daemon. Switching to the daemonless 'thin plugin' mode effectively resolves this initialization issue.
kubernetes, cgroups v2 and failing health probes Paid Members Public
Running Kubernetes on a systemd-based OS can lead to pods restarting endlessly due to health probe failures, caused by the systemd cgroup driver. Previously, this was fixed by modifying boot options, but a simpler approach is to switch the kubelet to use cgroupfs instead.
