Category Archives: Docker

Docker is a computer program that performs operating-system-level virtualization, also known as “containerization”.

Istio: an overview and running Service Mesh in Kubernetes

11 April 2021
 

 Istio is a Service Mesh solution that allows performing Service Discovery, Load Balancing, traffic control, canary rollouts and blue-green deployments, traffic monitoring between microservices. We will use Istio in our AWS Elastic Kubernetes Service for traffic monitoring, as an API Gateway service, for traffic policies, and for various deployment strategies. In this post, will speak… Read More »

AWS: InvalidSignatureException: Signature not yet current and Kubernetes AWS ALB Ingress controller

4 March 2021
 

 One day our developers said that they can not create new AWS LoadBalancers via Ingress on our Kubernetes Dev cluster (AWS EKS). Balancers are created using AWS ALB Controller, see AWS Elastic Kubernetes Service: running ALB Ingress controller. Errors in the controller’s logs were: E0304 07:12:38.595113       1 controller.go:217] kubebuilder/controller “msg”=”Reconciler error” “error”=”no object matching key… Read More »

Jenkins: running workers in Kubernetes and Docker images build

27 February 2021
 

 We have a Jenkins instance that is running jobs in Docker containers on its host. Eventually, we’ve faced with an issue when the current AWS Ec2 instance t2.2xlarge (8 CPU, 32 RAM) during peak workload periods was too overloaded – not enough CPU time, not enough memory. So, the first solution could be to proceed… Read More »

Kubernetes: NGINX/PHP-FPM graceful shutdown and 502 errors

25 February 2021
 

 We have a PHP application running with Kubernetes in pods with two dedicated containers – NGINX и PHP-FPM. The problem is that during downscaling clients get 502 errors. E.g. when a pod is stopping, its containers can not correctly close existing connections. So, in this post, we will take a closer look at the pods’… Read More »

Kubernetes: load-testing and high-load tuning – problems and solutions

4 September 2020
 

 Actually, this post was planned as a short note about using NodeAffinity for Kubernetes Pod: But then, as often happens, after starting writing about one thing, I faced another, and then another one, and as a result – I made this long-read post about Kubernetes load-testing. So, I’ve started about NodeAffinity, but then wondered how… Read More »

Docker: configure tzdata and timezone during build

17 May 2020
 

 During a Docker image build – it stops asking to configure the tzdata. Dockerfile at this moment is the next: FROM ubuntu:18.04 RUN apt update && apt install -y python-pip python-dev ssh python-boto3 RUN pip install ansible==2.4.3.0 Let’s reproduce – run the build: And here it hangs waiting for us enter data, and even after… Read More »

Helm: helm-secrets – sensitive data encryption with AWS KMS and use it with Jenkins

16 May 2020
 

 So, as a follow-up to the Helm: Kubernetes package manager – an overview, getting started post – let’s discuss about sensitive data in our Helm charts. What I want is to store a chart files in a repository, but even if such a repo will be a private Github repo – I still don’t want… Read More »

AWS Elastic Kubernetes Service: a cluster creation automation, part 2 – Ansible, eksctl

1 May 2020
 

 The first part – AWS Elastic Kubernetes Service: a cluster creation automation, part 1 – CloudFormation. To remind the whole idea is to create an automation process to create an EKS cluster: Ansible uses the cloudformation module to create an infrastructure by using an Outputs of the CloudFormation stack created – Ansible from a template will… Read More »