Pirate Makers

Pirate Makers https://piratemakers.ca/ Recent content on Pirate Makers Hugo -- gohugo.io en <a href="https://creativecommons.org/licenses/by-nc/4.0/" target="_blank" rel="noopener">CC BY-NC 4.0</a> Tue, 30 Apr 2024 10:32:36 -0400 Adding color-blind themes to Kubecolor to make Kubernetes more inclusive https://piratemakers.ca/posts/2024/04/adding-color-blind-themes-to-kubecolor-to-make-kubernetes-more-inclusive/ Tue, 30 Apr 2024 10:19:04 +0000 https://piratemakers.ca/posts/2024/04/adding-color-blind-themes-to-kubecolor-to-make-kubernetes-more-inclusive/ Kubcolor is a thin wrapper over the kubectl command that adds coloring to the output. I cloned the project and started maintaining it back in 2022 when the original author wasn’t active anymore. KubeColor can reformats the output of most kubectl commands to add colors and clarity. It makes it so easier to read the output that I still don’t understand that it’s not more widely used. I actually gave a lightning talk about it at the KubeCon’s Cloud Native Reject Europe 2024 in Paris if you want a video pitch. Crossplane: review after 1.5 years https://piratemakers.ca/posts/2024/02/crossplane-review-after-1.5-years/ Tue, 20 Feb 2024 20:05:56 +0000 https://piratemakers.ca/posts/2024/02/crossplane-review-after-1.5-years/ So, a year and a half ago, I wrote Playing with Crossplane, for real blog post (link to the Medium original version). This blog post was relating a real POC I did for my company, where I was pushing for using ArgoCD and Crossplane to handle our infrastructure in place of Terraform. As you may have read, the outcome wasn’t exactly what I thought. I got contacted by Crossplane CEO, who shared my blog post to the Upbound team. ArgoCD Appset-of-Appset Pattern https://piratemakers.ca/posts/2024/01/argocd-appset-of-appset-pattern/ Wed, 10 Jan 2024 14:31:56 +0000 https://piratemakers.ca/posts/2024/01/argocd-appset-of-appset-pattern/ We all know the App-of-Apps pattern, where one repo contains many other ArgoCD Applications. While testing how to add my Kubernetes Cluster’s Addons using ArgoCD, which represents all the apps mandatory in all clustets, like crossplane, prometheus (victoriaMetrics), exporters…, I came to test a “new” pattern: AppSet-Of-AppSet. This is a quick post going over my experiements. It is not a howto, or a suggestion to go this route, it’s just a test. Docker.io & OpenSource Fail (and what to do instead) https://piratemakers.ca/posts/2022/11/docker.io-opensource-fail-and-what-to-do-instead/ Tue, 29 Nov 2022 14:31:56 +0000 https://piratemakers.ca/posts/2022/11/docker.io-opensource-fail-and-what-to-do-instead/ Ah Docker… what a sad story… The coolest and most promising openSource project, used by millions, and not able to make any profit out of it… After a split of the many different parts of Docker, there was a move to finally try to make money with Docker Hub and Docker-For-Desktop. Good or bad, I don’t know. What I know is that many openSource alternatives to Docker-For-Desktop now exist, and work perfectly, at least on macs, even on new M1/M2 processors. Playing with Crossplane, for real https://piratemakers.ca/posts/2022/08/playing-with-crossplane-for-real/ Wed, 24 Aug 2022 18:27:29 +0000 https://piratemakers.ca/posts/2022/08/playing-with-crossplane-for-real/ It’s 2022 ! We all know about the necessity of creating your Infra AS CODE. I guess we can all agree that Terraform (TF) is the leader in this field. that said, TF is far from easy to use. This is actually not the fault of TF itself (or its parent company, Hashicorp), but to the fact that each provider is so specific that it’s impossible to build up something clean out of it. Playing with Dasel https://piratemakers.ca/posts/2022/06/playing-with-dasel/ Thu, 30 Jun 2022 15:19:54 +0000 https://piratemakers.ca/posts/2022/06/playing-with-dasel/ Lately I worked on deprecated and deleted APIS from Kubernetes cluster for migration from version 1.20 and 1.21 to 1.22 (or 1.23). To do so, I used the famous KubePug tool, specifically the Krew plugin. As I have a bunch of clusters I used some dirty for loops , but here’s the global KubePug usage: kubectl deprecations --k8s-version=v1.23.0 --format json --context ${my_cluster_name} | jq '.' > kubepug_output.json The output file, PrettyPrinted, look something like: Kubernetes tooling and shell setup https://piratemakers.ca/posts/2022/03/kubernetes-tooling-and-shell-setup/ Tue, 29 Mar 2022 16:54:21 +0000 https://piratemakers.ca/posts/2022/03/kubernetes-tooling-and-shell-setup/ How to be productive fast with Kubernetes Updates: 20220410: added some Dasel examples 20220410: I’ll be giving a talk about this post April the 12th at the Canadian CNCF and Kubernetes meetup: https://lnkd.in/ep9yaj6Z 20220412: add commands to build a patched kubecolor 20220413: recording of the K8s/CNCF CANADA Meetup talk A ton of writing had been done about how to setup your shell and all the tooling that goes with it to use Kubernetes. Prometheus-Operator and Istio Telemetry V2 https://piratemakers.ca/posts/2020/08/prometheus-operator-and-istio-telemetry-v2/ Fri, 07 Aug 2020 00:52:19 +0000 https://piratemakers.ca/posts/2020/08/prometheus-operator-and-istio-telemetry-v2/ Starting Istio 1.4 and up, the way the Observability metrics are created, exchanged and scraped changed. Here is how I configure Prometheus-Operator resources to scrape metrics from Istio 1.6 and install latest Grafana Dashboards ServiceMonitor Prometheus-Operator is far more dynamic than the default Prometheus install. It adds some CRD to dynamically and transparently re-configure your Prometheus cluster. A ServiceMonitor is a resource describing which pods to scrape based on a Service. Understanding Istio and TCP services https://piratemakers.ca/posts/2020/08/understanding-istio-and-tcp-services/ Thu, 06 Aug 2020 23:41:53 +0000 https://piratemakers.ca/posts/2020/08/understanding-istio-and-tcp-services/ overview I lately came across an Istio setup where both the downstream (client) and the upstream (server) were using the same sets of ports: port 8080 for HTTP protocol port 5701 for Hazelcast protocol, a Java based memory database embedded in the pod’s workload, using TCP The setup is presented here: In theory, two types of communications happens: each Hazelcast database (the red and purple cylinders) talk to each other on port 5701 using TCP protocol. Laser Post-Processor for Fusion 360 that works on Shapeoko https://piratemakers.ca/posts/2020/04/laser-post-processor-for-fusion-360-that-works-on-shapeoko/ Sat, 11 Apr 2020 18:29:43 +0000 https://piratemakers.ca/posts/2020/04/laser-post-processor-for-fusion-360-that-works-on-shapeoko/ bought a 10W+ Endurance Laser last year. This is an addon to mount on my Shapeoko3 CNC. It’s really easy to setup as you only have to attach it on your spindle and connect it to the PWM port of the Shapeoko controler. Don’t forget to unplug your spindle :) I mostly use Autodesk Fusion 360 when I create my CNC projects, and sadly, I found no post-processor that could create Gcode files compatible with the Shapeoko 3 (GRBL). Banzaicloud Kafka Operator and Broker AutoScaling https://piratemakers.ca/posts/2019/10/banzaicloud-kafka-operator-and-broker-autoscaling/ Thu, 03 Oct 2019 16:34:43 +0000 https://piratemakers.ca/posts/2019/10/banzaicloud-kafka-operator-and-broker-autoscaling/ The new Kafka Operator from BanzaiCloud includes a neat feature : a Prometheus AlertManager that can receive alerts from your global Prometheus cluster. In this poste we’re going to see how to use your own Prometheus cluster deployed using the Prometheus Operator. EDIT also check my previous article on the Banzaicloud Kafka Operator EDIT : CC only trigger rebalance in an UPscale/DOWNscale operation. It’s the operator that create the new brokers. BanzaiCloud Kafka Operator tour https://piratemakers.ca/posts/2019/10/banzaicloud-kafka-operator-tour/ Tue, 01 Oct 2019 19:29:00 +0000 https://piratemakers.ca/posts/2019/10/banzaicloud-kafka-operator-tour/ Welcome to the Kafka Operator (Magical) Mystery tour ! I’m sure the Beatles would have rebranded the song if they were still here to see how BanzaiCloud team finally rocked the Kafka Operator world ! They also did a good job of branding it, so I won’t dive into “why this another Kafka Operator is better than the others”. I can assure it is ! Just check : https://banzaicloud.com/products/kafka-operator/ https://banzaicloud. Using Jsonnet does not have to be complex https://piratemakers.ca/posts/2019/06/using-jsonnet-does-not-have-to-be-complex/ Tue, 04 Jun 2019 19:25:40 +0000 https://piratemakers.ca/posts/2019/06/using-jsonnet-does-not-have-to-be-complex/ In this Post I’ll try to explain what I’ve set up to generate Kubernetes manifests for all my Micro-Services using Jsonnet. Kubernetes / Jsonnet The obvious gain you have when using Jsonnet is that you template JSON files instead of YAML. While YAML is easier to read by humans, it is far less computational friendly. There’s a must read about that : Lee Briggs post about “Why the fuck are we templating YAML” Micro-Services deployment as Snapshots https://piratemakers.ca/posts/2019/06/micro-services-deployment-as-snapshots/ Tue, 04 Jun 2019 15:28:58 +0000 https://piratemakers.ca/posts/2019/06/micro-services-deployment-as-snapshots/ In this article you’ll learn how we bundle our Micro-Services in Snapshots, targeting deployment in Kubernetes. Micro-Services Now we have cut our old monolith into a lot of small micro-services, we need to deploy them. You think, well, your CI build the micro-service when someone commit a change, and your CD deploy it. Yeah. When your project start growing, you end up with a lot of micro-services. If you’re lucky and smart enough, your services API will not change, AT ALL, and all your micro-services are back and forth compatible with each others. Istio 1.1.7 + Let’s Encrypt : WORKING ! https://piratemakers.ca/posts/2019/05/istio-1.1.7--lets-encrypt-working/ Wed, 22 May 2019 13:01:42 +0000 https://piratemakers.ca/posts/2019/05/istio-1.1.7--lets-encrypt-working/ It’s been almost a year since I first wrote about using Let’s Encrypt SSL Certificates with Istio, 0.8.0 at this time. Then I blogged again when Istio 1.0.2 came out. I had to build an Operator, Cert-Merge, to allow to merge all the SSL certificates created in many Secrets by Cert-Manager into ONE single secret that Istio’s Gateway could use. While building this Operator was cool, and I learnt a lot by this time, I knew this was a temporary solution, a highly insecure one. Istio 1.0.2 (Envoy) + Cert-Manager + Let’s Encrypt for TLS + Certificate Merge https://piratemakers.ca/posts/2018/11/istio-1.0.2-envoy--cert-manager--lets-encrypt-for-tls--certificate-merge/ Wed, 07 Nov 2018 17:38:31 +0000 https://piratemakers.ca/posts/2018/11/istio-1.0.2-envoy--cert-manager--lets-encrypt-for-tls--certificate-merge/ Recap I already talked about Istio + Cert-Manager in part one and part two. In the meantime Istio went to release 1.0, lastly 1.0.3. While this version improves a lot of things and finally get rid of some nasty bugs when using gRPC (HTTP2) Streams, there’s still no improvement on the Ingress Gateway SSL Management. Let me remind you : Cert-Manager only create TLS Secrets, which are a kind of Secret that only contains a crt and key file. Istio 0.8.0 (Envoy) + Cert-Manager + Let’s Encrypt for TLS https://piratemakers.ca/posts/2018/06/istio-0.8.0-envoy--cert-manager--lets-encrypt-for-tls/ Tue, 26 Jun 2018 18:57:13 +0000 https://piratemakers.ca/posts/2018/06/istio-0.8.0-envoy--cert-manager--lets-encrypt-for-tls/ A few months back I wrote a blog post on how to use Cert-Manager to provide SSL certificates for Istio. Since then, Istio reached version 0.8.0 and changed the Ingress API to a new version using Kubernetes Custom Resources. It is called the Route Rules v1alpha3. What have changed ? Istio had a great blog post about it here. To sum it up quickly, instead of using Ingress manifests with annotations, you now have to define a Gateway, which defines the Layer 4 configuration, and a VirtualService which is the Layer 6/7 part. Istio (Envoy) + Cert-Manager + Let’s Encrypt for TLS https://piratemakers.ca/posts/2018/01/istio-envoy--cert-manager--lets-encrypt-for-tls/ Tue, 23 Jan 2018 23:12:08 +0000 https://piratemakers.ca/posts/2018/01/istio-envoy--cert-manager--lets-encrypt-for-tls/ Updates 1 Thanks to comments by Laurent Demailly, here are some updates. This article have been updated accordinately : there is now an official Helm Chart for Cert-Manager Istio Ingress also support GRPC, which is based on HTTP/2 Update 2 (2018–06–26) I made a new post to use Cert-Manager with Istio 0.8.0 here. Istio Istio is a part of a new way to manage the flow of data in your Microservice world. What nobody tells you about Kubernetes https://piratemakers.ca/posts/2017/07/what-nobody-tells-you-about-kubernetes/ Tue, 18 Jul 2017 12:03:59 +0000 https://piratemakers.ca/posts/2017/07/what-nobody-tells-you-about-kubernetes/ This is a first post in a long serie to come about what you never heard and maybe never thought about when using K8s (Kubernetes), and maybe other orchestration tools. I’ve been using Kubernetes for a long time. In fact, at some point, I decided not to use K8s for the company I was working for, because it was too new, unstable, not easy to deploy… At this time, I also decided not to use Marrathon, which was brand new and too linked to the (crappy) Mesos/Hadoop ecosystem (it’s better now with DC/OS). About https://piratemakers.ca/about/ Mon, 01 Jan 0001 00:00:00 +0000 https://piratemakers.ca/about/ Why Pirate Because Pirates are free people which values friendship and freewill ! Who are the Pirate Makers At the moment, only Prune is onboard. Thanks for reading!