The blackbox-exporter is an exporter that can monitor various endpoints – URLs on the Internet, your LoadBalancers in AWS, or Services in a Kubernetes cluster, such as MySQL or PostgreSQL databases. Blackbox Exporter can give you HTTP response time statistics, response codes, information on SSL certificates, etc. What are we going to do in this… Read More »
We have Grafana Loki for logs and need to connect an AWS IAM Role with AWS IAM Policy, which gives access to an AWS S3 bucket where Loki’s chunks and indexes will be stored. IAM roles for Kubernetes Pods will work in the same way as IAM roles to EC2 instances: a process inside… Read More »
Pritunl is a VPN server with a bunch of advanced security and access control features. In fact, it is just a wrapper over OpenVPN, adding such Access Control Lists to it in the form of Organizations, users, and routes. The task is to deploy a Pritunl test instance in Kubernetesб so we can take a… Read More »
After running Pritunl in Minikube, it is not possible to connect to the VPN: … 2022-10-03 13:50:32 TCP/UDP: Preserving recently used remote address: [AF_INET]194.168.3.100:1194 2022-10-03 13:50:32 UDP link local: (not bound) 2022-10-03 13:50:32 UDP link remote: [AF_INET]194.168.3.100:1194 … Check its Kubernetes Service: [simterm] $ kubectl -n pritunl-local get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S)… Read More »
So, we’ve launched Druid, see Apache Druid: Overview, Running in Kubernetes, and Monitoring with Prometheus . So far, a local Apache Derby database is used as the default storage for metadata . Next, we will switch Druid to PostgreSQL, and later we will remove ZooKeeper from the cluster setup. To begin with, let’s start a PostgreSQL cluster in Kubernetes,… Read More »
Apache Druid is a columnar database, focused on working with large amounts of data, combining the features and benefits of Time-Series Database, Data Warehouse, and a search engine. The general task is to set up monitoring of the Druid cluster in Kubernetes, so at first, we will see what it is in general and how… Read More »
One of the most valuable features of the kubectl utility is its plugins. Of course, there are things like Lens, widely used by developers who don’t like working in the terminal, or tools like k9s, but kubectl‘s plugins worth for a dedicated post. So, in this post, we will install Krew – kubectl‘s plugins manager,… Read More »
We have Github runners in our AWS Elastic Kubernetes service cluster, that are used to build Docker images and deploy them with Helm or ArgoCD. On the first helm install run in a Github runner’s Pod, we are getting the “x509: certificate signed by unknown authority” error: [simterm] # helm –kube-apiserver=https://kubernetes.default.svc.cluster.local list Error: Kubernetes cluster unreachable:… Read More »
AWS WAF (Web Application Firewall) is an AWS service for monitoring incoming traffic to secure a web application for suspicious activity like SQL injections. Can be attached to an AWS Application LoadBalancer, AWS CloudFront distribution, Amazon API Gateway, and AWS AppSync GraphQL API. In case of finding any request that sits WAF’s rules, it… Read More »
One of the goals of the ArgoCD implementation in our project is to use new Deployment Strategies for our applications. In this post, we will observe deployment types in Kubernetes, how Deployment is working in Kubernetes and a quick example of the Argo Rollouts. Deployment Strategies and Kubernetes Let’s take a short overview of the… Read More »