I spent more than 8 years retenlessly working between software development, Cloud Operations, Release Engineering then Architecting. People are thirsty to see DevOps at the ground. I let our directors / VPs breathe with me “DevOps”, not just to talk about it… i am here to share the whole experience practically
Challenge: public hostname will be accessed is not mentioned in api-server certificate as SAN :
Each system can produce data, consume data or both.
Integrating between systems becomes a must.
If system A produces data, and System B & C needs this data, you will have to integrate A +B , then A+C.
Integrating systems costs a lot with this way ( i mean two by two).
- Imagine you have 4 tools, the number of possible integration between every two is : C(4,2) = 6
- Imagine you have 10 tools, the number of possible integration between every two is : C(10,2) = 45
Note: C(n,k) is a maths formula, check it here: https://www.calculatorsoup.com/calculators/discretemathematics/combinations.php
There are two ways:
In json format (but very long output)
ceph osd cursh dump
Or in plain text format ( but easy to read)
ceph osd getcrushmap | crushtool -d -
we recommend to use Gluster native client which is “glusterfs-fuse”. However, if you still insist to use NFS protocol, the article is written for that purpose.
There are a lot of ways to secure a container image for runtime :
I search on a Nginx image that complies with these criteria,
I found 2 images however .. :
Spending a lot of time to find the best memory-optimized instance but also it should have amd64 as architecture because the current version of EKS is not well compatible with arm64 cpu architecture.
The happy day came when i visited the home page of this software :
ec2-instance-selector --memory 16 --vcpus 4 --cpu-architecture amd64 -r ap-southeast-1
install yq CLI then :
yq r application.yaml --printMode pv "**" | sed 's/: /=/' > application.properties
Details ? check ; https://stackoverflow.com/a/63098014/747579
May 28 2020, It was a hard day. Indeed. The famous public container registry, quay.io , was down for several hours.
The same day, we decided to upgrade the EKS Kubernetes cluster from 1.14 to 1.15
While rolling out the upgrade by terminating some worker nodes and let the autoscaling group spin off new nodes, the incident occurs.
Indeed, the Main router of all user requests ( Ingress Controller) cannot run on any node with the error ImagePullBackOff
After some investigation, I realized that all pods with images from quay.io are not downloadable.
I’ve checked quay.io , and it…