Tag Archives: Kubernetes

ArgoCD: a Helm chart deployment, and working with Helm Secrets via AWS KMS

22 November 2020
 

 In the previous post ArgoCD: an overview, SSL configuration, and an application deploy we did a quick overview on how to work with the ArgoCD in general, and now let’s try to deploy a Helm chart. The most interesting part of this is how to enable the Helm Secrets. Had some pain with this, but… Read More »

ArgoCD: an overview, SSL configuration, and an application deploy

22 November 2020
 

 ArgoCD helps to deliver applications to Kubernetes by using the GitOps approach, i.e. when a Git-repository is used as a source of trust, thus all manifest, configs and other data are stored in a repository. It can b used with Kubernetes manifest, kustomize, ksonnet, jsonnet, and what we are using in our project – Helm-charts.… Read More »

Kubernetes: ServiceAccounts, JWT-tokens, authentication, and RBAC authorization

22 November 2020
 

  For the authentification and authorization, Kubernetes has such notions as User Accounts and Service Accounts. User Accounts – common user profiles used to access a cluster from the outside, while Service Accounts are used to grant access from inside of the cluster. ServiceAccounts are intended to provide an identity for a Kubernetes Pod to… Read More »

Kubernetes: update AWS Route53 DNS from an Ingress

22 November 2020
 

 We’d like to have the ability to add a DNS-record on the AWS Route53 when a Kubernetes Ingress resource is deployed and point this record to the URL of an AWS Load Balancer which is created by the ALB Ingress controller. To achieve this, the ExternalDNS can be used which will make API-requests to the… Read More »

Jenkins: Redis deployment, and Helm subchart values

1 November 2020
 

 The task is to create a Jenkins job to deploy Redis to Dev/Stage/Prod Kubernetes clusters. In the Redis: running Master-Slave replication in Kubernetes we did it manually to see how it’s working, now it’s time to automate it. The main question is how to pass parameters for different environments during the deployment? I’d like to… Read More »

Kubernetes: Service, load balancing, kube-proxy, and iptables

1 November 2020
 

 One day I wondered – how is load balancing between pods is working in Kubernetes? I.e. – we have an external Load Balancer. Then a Service. And behind it – Pods. What happens when we are receiving a network packet from the world, and we have a few pods – how the traffic will be… Read More »

Kubernetes: running SQL migrations with Kubernetes Job and Helm hook

27 October 2020
 

 We have a project running in Kubernetes that needs to run SQL migrations during deployment. To run migrations need to clone a Github repository and run actually migrations stored in it. Currently, this is done with Kubernetes initContainers , and there are two of them – the first one with git clones the repository with… Read More »

Helm: reusable chart – named templates, and a generic chart for multiple applications

20 October 2020
 

 Our project is growing, and more and more applications are started on the AWS Elastic Kubernetes Service. Finally, we’ve faced with the question already mentioned in the Helm: пошаговое создание чарта и деплоймента из Jenkins (Rus) – what to do with Kubernetes manifests and Helm templates when using a lot of similar applications? Especially now,… Read More »

Kubernetes: AWS ALB Ingress Controller – add redirect to another domain

9 October 2020
 

 We have an application – an old version, and a new one, and two domains for them. The application is working on AWS Elastic Kubernetes Service, behind an AWS LoadBalancer created with AWS ALB Ingress Controller. The task is to create a redirect from the old domain’s Ingress to a new LoadBalancer: old URL: dev.api.old-example.com… Read More »