Spotted this on terraform-provider-kubectl
Turns out you can create a template for go configuration which will add some Env vars and other settings. Very useful if you have multiple test which you want to debug /run which have some env var prerequisites.
1<component name="ProjectRunConfigurationManager"...Scenario: you have one (or more) services running at your home which you would like to expose on the internet. Sadly, you are also behind a dynamic dns and your ip can change in any moment.
Sure, you can use one of public dynamic dns providers such as no-ip or zoneedit, but what if you don’t want to depend on dns...
A lot of times (especially when working with kubernetes) happens that you need to extract certain arguments with one command and use them in the middle of another. A quick way to deal with it is through usage of xargs with -I arg.
For example:
kubectl get ns -o name | xargs -I "{}" kubectl label {}...
If you are using finalizers in your argo-cd applications, you may find that it’s impossible to delete them if argo-cd installation is broken.
In order to fix it, you can either update them one by one with kubectl edit and remove the finalizer tag, or you can run following command which will patch all argocd...
One of the biggest annoyances while using aws cli for me was the fact that the command’s output was not printed to standard stdout but it was opened in less like session, which was very annoying if you needed to copy several entries from the output result.
The process of installing gitlab runner on the osx is pretty straightforward and well documented on official Gitlab documentation , however what I find lacking, is the configuration part where you define your actual runners.
So this is a small write up about the whole process which hopefully save me and you some time in the future
IRSA (IAM role for service account) is a very useful tool which permits us to provide AWS permissions to the containers in any pod that uses that service account. This enables us to give a very granular permission setting for specific service accounts and remove most of the headache related to authentication and persisting of secrets.
Below a quick snippet of how to create such mechanism.
Neat example of how we can use terraform http data source to wait for our kubernetes cluster to come up with a healthy state (shamelessly taken from some github repo)
When working with EKS under AWS, it’s possible that at some point you wanted to run a pod under a certain role, and you’ve encountered a following error:
An error occurred (AccessDenied) when calling the AssumeRoleWithWebIdentity operation: Not authorized to perform sts:AssumeRoleWithWebIdentity
What’s frustrating, is that by default AWS doesn’t provide you a lot of feedback of why that error happened.
So I’ve written down some debug steps for further reference:
If you are running docker with default settings, you will probably find one day that the disk space on your machine begin to approach 100% state.
That’s because by default, docker will log all stdout from the containers to a log files, and it won’t rotate nor trim them.
Luckily there is a quick solution to that