Cloud
Terraform - applying complex default values
This post explores handling default values in Terraform. It shows merging default values with instance-specific values, using both native merge and the deepmerge module for recursive merging of nested objects. This approach ensures compact, maintainable code and seamless use of default values.
Get filesystem access using an ephemeral container in kubernetes
Sometimes you need to access a containers filesystem but the container itself is eventually distroless or does not offer any shell. Here's how to access the filesystem anyway using ephemeral containers!
Using AKS kubectl (kubelogin) on headless systems or pipelines
Running kubectl on pipelines with interactive authentication is somewhat non-optimal :-) Let's make it better without using long-living tokens.
Choosing a postgres operator
This post describes my journey on the selection of the postgres operator that matches our demand.
Why you should use rook ceph on kubernetes (onprem)
If you run kubernetes on your own, you need to provide a storage solution with it. We are using ceph (operated through rook). This article gives some short overview about it's benefits and some pro's and con's of it.
Change statefulset spec without downtime
Altering statefulsets on kubernetes can be tricky - as statefulsets are very common used for persistent applications like databases recreation is no option. This guide shows a path around some of these limitations.
Linux kernel keyrings, container isolation and maybe some kerberos
On a recent project I've been stumbling on the case that kerberos tickets have been inadvertently shared across containers on a node - which obviously caught my attention as I'm not keen on sharing such secrets across workloads. This post describes why this happens and what to do to prevent this.
nginx ingress controller cannot load default-ssl-certificate
nginx ingress controller supports scoping to namespaces. This can be an issue with the default-tls-certificate in case this is not part of the scoped namespaces.