Local CI/CD with Skaffold

The world of software development and how apps are run in production environments has come a long way over the years. Starting with bare metal physical servers, we evolved to virtual machines, onward to LXC, Docker daemons, and now our current state of container orchestration via things like Kubernetes. The other side of the world... …

Automating helm releases with helmfile & helmfile-deploy

If you deploy applications to Kubernetes, you probably have brushed shoulders with Helm charts and have likely even developed a chart on your own. Helm charts are a great way to custom tailor each installation/upgrade of a given application by dynamically generating all the Kubernetes YAML based on the set of values that you pass …

appconduits: manage custom Ingresses via Helm

Generally there are two large parts involved with making an application available on k8s (Kubernetes). First is deploying your service/application. Second is making it available on well-known endpoints (i.e. via known FQDNs). In k8s there are many different approaches to handling the latter; however, one popular way involves declaring and wiring up some combination …

appdeploy: a helm chart for consistency

Moving your applications from a traditional architecture where your apps are directly installed on VMs to a container orchestration engine is a large task. Regardless of your orchestrator choice, you are generally going to have to deal with the task of figuring out how to deliver your containers their required application-specific configuration. App configuration …

Determining ingress host availability across Kubernetes clusters

Let's say you have two apps available at a.b.com and x.y.com and you have 3 available Kubernetes clusters they could potentially be deployed on: clusterA, clusterB and clusterC. Generally, upstream from your cluster LoadBalancers you will have another cloud load balancer device, or you are just using some sort of DNS service to control which cluster LoadBalancer IPs are relevant for each application at any given time. To …

Validate chart installs with Helm Hook based health checks

"Validate chart installs with Helm Hook based health checks"... now that's a mouthful. While working on developing a set of pretty generic Helm charts to deploy various apps, a specific need arose to validate that a chart installation or upgrade succeeded or failed. Given the apps being deployed by these charts all exposed some sort …

Kubernetes vs Swarm: the most basic primer

Context: Docker Swarm is a great orchestration tool for getting into container orchestration platforms and an excellent starting point for simple to moderately complex workloads and app deployment topologies. A lot of companies still use it, and it works pretty well for production workloads; however for long running clusters you may start to run into …

Batch processing testssl.sh commands

If you secure your entire infrastructure at the transport layer with end-to-end SSL for both internal and external traffic, then you likely have a ton of endpoints, each with their own SSL software stacks and a wide array of different certificates, some CA signed, others not, etc. Both the amount of these and …

Migrating APIs to Tyk

In the recent past I was helping on a project whose objective was to migrate off of a very costly proprietary appliance-based API gateway solution, and move into a cheaper alternative; preferably an open source API gateway offering. The main challenge was that a large percentage of the APIs to be migrated were legacy …

Docker Swarm Traefik state analysis

Recently I've been working on a toolset (see GitHub swarm-traefik-state-analyzer) intended to aid in the health analysis of Docker Swarm services that are proxied by Traefik in a Docker Swarm footprint architecture I described in a previous post. In short you have 1-N Docker Swarm clusters, each segmented into 1-2 …