Tuan Anh

container nerd. k8s || GTFO

kube-monkey

kube-monkey is an implementation of Netflix’s Chaos Monkey for Kubernetes clusters. It randomly deletes Kubernetes pods in the cluster encouraging and validating the development of failure-resilient services.

Netflix’s Chaos Monkey for Kubernetes

link bài gốc

Automate Let's Encrypt certificate genernation for Kubernetes Ingress

Kube-Lego automatically requests certificates for Kubernetes Ingress resources from Let’s Encrypt

You can find complete example how to use this with GCE here

link bài gốc

mycli

A Terminal Client for MySQL with AutoCompletion and Syntax Highlighting.

I can’t recommend this enough! Insanely useful tool.

link bài gốc

Sharing secret data in Kubernetes

  • I’ve seen people bundle config file within source code.
  • I’ve seen people bundle config when building Docker images.

PLEASE DON’T.

Just use secrets / environment variables.

Here is a very detail tutorial on how to share secret data in Kubernetes.

link bài gốc

Distelli - Your DevOps Dashboard for Kubernetes

Your DevOps Dashboard for Kubernetes

I’ve been looking for CI/DI that would complete the Kubernetes setup. This looks like a good fit for it.

link bài gốc

Using squid proxy to bypass 3rd party API IP whitelisting

At work, I have to work with many 3rd party supplier API which requires IP whitelisting. This is becoming an issue when we need to autoscale using multiple Kubernetes nodes.

There are several ways to deal with this

  • Use NAT gateway to forward all outgoing traffic to the gateway
  • Use a proxy like Squid

I went with Squid since it’s much easier. Tinkering with network setting is nightmare for me.

You can follow the tutorial here on Google Cloud Documentation and then export these environment variables below in your Kubernetes nodes / Docker container.

export http_proxy="http://<proxy-ip>:3128"
export https_proxy="http://<proxy-ip>:3128"
export ftp_proxy="http://<proxy-ip>:3128"
export no_proxy="169.254.169.254,metadata,metadata.google.internal"

You can verify if it’s working properly by checking the public IP address of the node afterward by curl ifconfig.me.

Also, package like request does respect HTTP_PROXY and HTTPS_PROXY so you probably don’t have to make any changes to the existing code base.


Getting started with Kubernetes

Just some of my notes while learning about Kubernetes. I use Google Compute Engine to install mine.

Installation

To install Kubernetes, it’s as easy as copy and paste the below command

curl -sS https://get.k8s.io | bash

If you want to customize some default options, you can edit environment variables

curl -sS https://get.k8s.io | MULTIZONE=true KUBERNETES_PROVIDER=gce KUBE_GCE_ZONE=asia-east1-b NUM_NODES=4 bash

There’re more environment variables that you can take a look in kubernetes/cluster/gce/config-default.sh

It’s recommended to export it to environment instead of passing it to the command as above as taking the cluster down will be easier.

export KUBERNETES_PROVIDER=gce
export KUBE_GCE_ZONE=asia-east1-b
export NODE_SIZE=n1-highcpu-2
export MULTIZONE=true
export NUM_NODES=2
export KUBE_AUTOSCALER_MIN_NODES=2
export KUBE_AUTOSCALER_MAX_NODES=10
export KUBE_ENABLE_CLUSTER_AUTOSCALER=true
export PREEMPTIBLE_NODE=true

Add more nodes to cluster

KUBE_USE_EXISTING_MASTER=true KUBERNETES_PROVIDER=gce KUBE_GCE_ZONE=asia-east1-b NUM_NODES=2 ./kube-up.sh

Bring down cluster

KUBERNETES_PROVIDER=gce KUBE_GCE_ZONE=asia-east1-b ./kube-down.sh

Deploying applications on Kubernetes

We use Docker at work and deploying Docker containers in Kubernetes is a breeze.

docker build -t gcr.io/$PROJECT_ID/app-name:v1 .
gcloud docker push gcr.io/$PROJECT_ID/app-name:v1

# update
kubectl rolling-update <replication-controller> --image=gcr.io/$PROJECT_ID/app-name:v2

Expose the service to external

kubectl expose deployment <deployment-name> --type="LoadBalancer"

Enable autoscale

kubectl autoscale rc <replication-controller> --min 3 --max=10 --cpu-percent=60

The state of tiling window manager for OS X

kwm seems to be the best - feature-wise but it requires too many hacking to be done. I’ve given up at some point and just went back with Amethyst. Slate and Hammerspoon aren’t really what I’m looking for.


Should I use yarn?

Myles Borins (@thealphanerd) recently ran citgm with yarn, and shared the results. It was 25 minutes faster than npm, but 20 modules failed to install. Yarn is not a drop in replacement.

Some areas where issues arise:

  • Reliance on npm-shrinkwrap.json
  • Private modules on npm
  • Modules backed by self-signed certificates
  • Exotic dependencies declarations like .zip or shorthand urls
  • Edge case issues on specific OSes, like Windows
  • Pre- and post-script hooks don’t work like they do in npm
  • Scripts that rely on npm environmental variables
link bài gốc

Breaking changes between v4 LTS and v6 LTS

I’ve just migrated 4 big applications at work from Node.js v4 to Node.js v6 LTS. 3 of them require some little changes and 1 with no changes at all since it’s using Babeljs.

You can view the complete list of breaking changes from v4 to v6 here on GitHub.

link bài gốc