Posts tagged: containers

Kubernetes is beautiful. Kubernetes is beautiful. Reddit · reddit.com [1] This is a fantastic progression through kuberentes concepts. From running a pod, to making it resiliant, holding secrets, accepting traffic, and autoscaling. Note This post is a thought [2]. It’s a short note that I make about someone else’s content online #thoughts References: [1]: https://www.reddit.com/r/kubernetes/comments/1rzyhip/kubernetes_is_beautiful/ [2]: /thoughts/

Today I learned that docker creates an empty /.dockerenv file to indicate that you are running in a docker container. Other runtimes like podman commonly use /run/.containerenv. kubernetes uses neither of these, the most common way to detect if you are running in kubernetes is to check for the presence of the KUBERNETES_SERVICE_HOST environment variable. There will also be a directory at /var/run/secrets/kubernetes.io/serviceaccount that contains the service account credentials if you are running in kubernetes.

Like a dufus this morning I did a hard reset on a git [1] repo for getting I was working on a manifest for. You see I generally use argo, but occasionally I have no idea what I am doing or want yet and I start raw doggin it, fully aware that I’m going to just nuke this namespace before getting it into a proper argocd. I was overjoyed when I found out that you can diff your manifests with live production using the kubectl diff command. It uses standard diff so you can bring all your fancy diff viewers you like. # regular manifest kubectl diff -f k8s/shots -n shot # kustomize kubectl diff -k k8s -n go-waylonwalker-com # using a fancy diff viewer kubectl diff -f k8s/shots -n shot | delta # using an even fancier diff viewer # pinkies out for this one kubectl diff -f k8s/shots -n shot | delta --diff-so-fancy Now I can get those changes back that I thought I lost, and apply updates with confidence knowing what is about to change. References: [1]: /glossary/git/

- Kelsey has a really good lightbulb moment here about platform engineering. “if you had to do all the deployments for the entire company what questions would you ask of the development team?” That’s your api, your platform, this is your product as a platform engineer. It’s not images, docker, terraform, hcl, yaml, kubernetes, It’s building out the right api for your company to deploy its products effectively. https://www.youtube.com/watch?v=HdUbTyvrfKo&t=429s [1] timestamped Note This post is a thought [2]. It’s a short note that I make about someone else’s content online #thoughts References: [1]: https://www.youtube.com/watch?v=HdUbTyvrfKo&t=429s [2]: /thoughts/

I learned to today that setting MEMORY on your minecraft server causes the JVM to egregiously allocate all of that memory. Not setting it causes slow downs and potential crashes, but setting INIT_MEMORY and MAX_MEMORY gives us the best of both worlds. It is allowed to use more, but does not gobble it all up on startup. In this economy we need to save all the memory we can! Here is a non-working snippet for a minecraft server deployment in kubernetes. containers: - name: dungeon image: itzg/minecraft-server env: - name: EULA value: "true" - name: INIT_MEMORY value: "512M" - name: MAX_MEMORY value: "3G" and in docker compose dungeon: image: itzg/minecraft-server environment: EULA: "true" INIT_MEMORY: "512M" MAX_MEMORY: "3G"

Today I learned an important lesson that you should periodically check on your kubeconfigs expiration date. It’s easy to do. You can ask for the client-certificate-data from your kubeconfig, decode it, and use openssl to get the expiration date. kubectl config view --raw -o jsonpath='{.users[0].user.client-certificate-data}' \ | base64 -d 2>/dev/null \ | openssl x509 -noout -dates Note This will only work for the first user, if you have more than one user or context defined in your kubeconfig you will need to adjust.

The k3s system-upgrade controller is a fantastic tool for upgrading k3s automatically. It has done a fantastic job for me every time I’ve used it. Today I ran it on a cluster that needed to upgrade several minors and I learned that the controller does not pick up on changes to the channel url if you change from minor to minor. The solution I came up with was to name the plan with the version it supports. Then on each patch upgrade, change both the plan name and the channel. I use gitops with argocd, it automcatically cleaned up old plans, created new plans, and the system-upgrade-controller picked up the plan and started applying immediately. # Server plan apiVersion: upgrade.cattle.io/v1 kind: Plan metadata: name: server-plan-v1.33 # <- This is important if you want to change the channel name namespace: system-upgrade spec: concurrency: 1 cordon: true nodeSelector: matchExpressions: - key: node-role.kubernetes.io/control-plane operator: In values: - "true" serviceAccountName: system-upgrade upgrade: image: rancher/k3s-upgrade channel: https://update.k3s.io/v1-release/channels/v1.33 --- # Agent plan apiVersion: upgrade.cattle.io/v1 kind: Plan metadata: name: age...

K8s Diagram Builder - Visual Kubernetes YAML Generator Free Kubernetes diagram builder with drag-and-drop design. Auto-generate production-ready YAML for Ingress, Services, Deployments, ConfigMaps, Secrets & more. No signup required. K8s Diagram Builder · k8sdiagram.fun [1] This looks like great prototyping tool for k8s. I too often ask ai to get me going with the things I need. I’ve used k8s long enough that I can generally remember all the things I need, roughly where they go, would probably forget a few things and need to iterate, but I cannot remember exactly what goes where and need examples at a minimum. I need to give this a go from desktop and see if it will work for me. Right now looking through mobile looks promising. Note This post is a thought [2]. It’s a short note that I make about someone else’s content online #thoughts References: [1]: http://k8sdiagram.fun/ [2]: /thoughts/

PETaflop cluster AI is a pain in the back. Justin Garrison · justingarrison.com [1] Justin makes the coolest kubernetes clusters wishing I could see it in the flesh at Kubecon. Note This post is a thought [2]. It’s a short note that I make about someone else’s content online #thoughts References: [1]: https://justingarrison.com/blog/petaflop-cluster/ [2]: /thoughts/

Performance Difference between RWX and RWO volumes · longhorn longhorn · Discussion #6964 Hey all, because of some internal testing I made a couple of experiments on our Cluster related to performance of RWX and RWO volumes. Because this might be of interest to some people I thought I s... GitHub · github.com [1] Interesting longhorn storage performance test, author does highlight right away that this is a simulation and not a REAL test. I did not fully understand the storage semantics before reading through this. - RWO - Always presents a filesystem ext4 or xfs - RWX/ROX - Always presents a network share nfs to the pod. This is an important distinction for applications that use sqlite or a tool on top of sqlite such as diskcache. With sqlite it is not recomended to run over nfs due to missing required file locking mechanisms. Longhorn storage still provides a lot of benefits to these applications as the storage is automatically replicated, if the node that your application is running on goes offline a new pod will start on an existing node. If you have planned downtime, you can cordon and drain a node. Since the data is available in another location you will be able to s...

External Link meetgor.com [1] Sometimes, all you need is a mindset shift, a blocker in your mind that holds you back from doing certain things. And for me, I have consumed enough tutorials and posts about Kubernetes, that I need to put to use and create. I have been stuck in the learning cycle, lets push to prod with kubernetes. This hurts. I know others with this learning style that need to see the full picture before actually doing something with new tech. The way I first got into kubernetes I was looking for the easy route and somehow k8s came up several times as a suggested route Looking for a Heroku replacement, What I found was shocking! [2], So I dove in head first with k3s [3] and kompose [4]. What I found was that it was not all that hard once you start to see how the pieces fit together, no amount of reading tutorials would have gotten me there. Does anyone care if you use simple yet fragile bash scripts or heavy weight Kubernetes cluster for just clicking buttons and creating and updating rows in a database? No! You know what, let’s fucking use Kubernetes. Let’s Gooo. Use what is right for you and stop parroting kubernets is hard, heavy, for big companies, maybe...

External Link meetgor.com [1] If you want to use it for the purpose of learning it, please do use it. Kubernetes as usual is a tool like others, you can’t use one tool everywhere. Where bash scripts work, they just work, where they don’t they fall apart too, kubernetes works like a charm. Use your grug brains a little and choose wisely! In the end, who the hell cares if you use kubernetes or bash scripts to scale if your users are happy? Well Said! Note This post is a thought [2]. It’s a short note that I make about someone else’s content online #thoughts References: [1]: https://www.meetgor.com/thoughts/kubernetes-isn-t-for-you/ [2]: /thoughts/

Kubernetes Isn Kubernetes isn sliplane.io [1] This post feels like it was written by someone who has never tried kubernetes, someone who reads twitter, listens to t3.gg and thePrimeagen (who cant even container let alone kubernetes). If you cant run linux, use bash, build your own docker images, run docker comfortably. If infra is not your thing kubernetes is probably not for you. Kubernetes Was Built for Google Just like how react was built for facebook to solve facebook problems with many teams contributing effectively to the same interactive interfaces. Turns out that react is actually a pretty good product if you have a highly interactive page, and if this is your bread and butter, you can make overly heavy static sites with too much build very effectively. It works and runs much of the internet now. We are getting serious. We need serious tools. Big companies use Kubernetes. We should too. It feels more professional. It sounds like we know what we are doing. If anyone uses these reasons to pitch kubernetes to me they don’t belong in a position to make any sort of decision. The first one could be a heading with maybe something under it. But Kubernetes should not be y...

If you need to target a specific k8s node in the cluster, you can use labels. You want to treat your nodes as much like cattle as you can, but sometimes budgets get in the way. You might be like me and just run any free hardware you can get in your cluster, or you might have some large storage or gpu needs that you can’t afford to put on every node in the cluster. kubectl get nodes --show-labels # add the bigpool label kubectl label node k8s-1 bigpool=true kubectl get nodes --show-labels # remove the bigpool label kubectl label node k8s-1 bigpool- To use the label in a pod set spec.nodeSelector to the label that you applied. apiVersion: v1 kind: Pod metadata: name: busybox spec: containers: - name: busybox image: busybox nodeSelector: bigpool: "true"

k8s-monitoring-helm/charts/k8s-monitoring/docs/examples/private-image-registries/globally/values.yaml at main · grafana/k8s-monitoring-helm Contribute to grafana/k8s-monitoring-helm development by creating an account on GitHub. GitHub · github.com [1] k8s-monitoring requires setting imageregistry and pullsecrets twice global: image: registry: my.registry.com pullSecrets: - name: my-registry-creds imageRegistry: my.registry.com imagePullSecrets: - name: my-registry-creds Note This post is a thought [2]. It’s a short note that I make about someone else’s content online #thoughts References: [1]: https://github.com/grafana/k8s-monitoring-helm/blob/main/charts/k8s-monitoring/docs/examples/private-image-registries/globally/values.yaml#L29 [2]: /thoughts/

External Link christopherbiscardi.com [1] Interesting take on kubernetes from a front end perspective. All valid arguments to me, and really the answer to any do you need to any specific implementation of tech is probably no. We got along just fine before k8s ever existed and you still can, but its really nice in a lot of cases. If your skills lean toward backend or infrastructure I encourage you to give it a try. k8s distros # [2] There are a lot of beginner friendly k8s distros that you can setup with relative ease, kind and k0s are great for single node, If you want multi-node k3s is what I generally use. If you want a very lightweight OS that you only interact with through an api, and has a very small attack surface talos is an amazing product. When else might you want k8s # [3] Internal, on-prem, self hosted [4]. If you are trying to avoid the cloud for cost, rules, regulations, red tape, kubernetes is a great option to manage your container workflows yourself without needing to have a cloud budget, get approvals and sign offs on running workflows in a public cloud. Note This post is a thought [5]. It’s a short note that I make about someone else’s content online #t...