Ramblings of a cloud engineer

Diff check and manifest generation GitHub Actions For Go projects it’s crucial that you don’t forget to run go mod tidy from time to time. Combine that with a project that includes Kubernetes controllers and the other thing people tend to forget is running make manifest && make generate. To check for these I added a small GitHub action that looks like this: name: Check for diff after manifest and generated targets on: pull_request: {} jobs: diff-check-manifests: name: Check for diff runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v3 with: fetch-depth: 0 - name: Make manifests && generate run: | make manifests && make generate - name: Setup Go uses: actions/setup-go@v3 with: go-version-file: '${{ github....

Digital and analog notes together This fight is as old as time itself. Okay, maybe not that old. But as soon as viable digital note-taking tools appeared it was on. Since then, many solutions that live together have appeared. PKM tools like Second Brain running hand-in-hand with Zettelkasten or BuJo have opened my eyes to combining them in a way that makes the outcome more powerful than each alone would be....

Adding a certificate to a GitHub runner Imagine having a project where you have a server that you would like to run with TLS. Let’s say, you want to run a Docker registry in a cluster using TLS. You need the generated certificate’s root certificate in the trust store of the GitHub action runner. This is simple with mkcert. The action is simple: name: tests on: pull_request: paths-ignore: - 'CODE_OF_CONDUCT.md' - 'README....

Well, the previous post was a lie ( or rather a copy and paste error ).

Hello dear reader. I switched to a new theme that has Dark Mode. I’m hoping nothing changed regarding the RSS functionality. I removed the comments because I rarely used them. Also disabled any sort of tracking. Enjoy, Gergely.

Hello dear reader. I switched to a new theme that has Dark Mode. I’m hoping nothing changed regarding the RSS functionality. I removed the comments because I rarely used them. Also disabled any sort of tracking. Enjoy, Gergely.

Welcome dear reader. When last we met, we talked a lot about setting up Tilt for rapid controller development. Now, let’s see how powerful Tilt can be once we bring it together with Kubernetes’ e2e-framework. Controller E2E Framework I’d like to present my controller-e2e-framework which brings Tilt and e2e-framework together to easily write and run tests for controllers that work together. This framework can be used to integration test or e2e test controllers that work together....

Welcome dear reader. Today, we are going to dive into how to use Tilt to speed up the feedback loop of developing a Kubernetes controller. We are going to do that using an open-source project called OCM which has a controller called ocm-controller. I’m going to walk through the following process: researching tilt what it could do for me understanding the Tilt file trivial mapping of the developer process understanding Starlark adding more features tackling hot swapping troubleshooting Let’s dive in....

You can see, I wasn’t able to decide on a title. That’s because I wanted to express more than a “How to get started with Journaling” kind of vibe. There are a lot of posts about that already. Rather, this post depicts my struggle to get into this habit. TL;DR It turned out that it took way too long to get into writing a simple entry with too many steps. Taking out a notebook and starting to write is a lot faster and cheaper....

Hello. This one is a quick update. Just a showcase really. I wrote a tool to generate a sample YAML file from a CRD. Given a CRD like this one, it would output a generate yaml sample like this: apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 kind: AWSCluster metadata: {} spec: additionalTags: {} bastion: allowedCIDRBlocks: ["string"] ami: string disableIngressRules: true enabled: true instanceType: string controlPlaneEndpoint: host: string port: 1 controlPlaneLoadBalancer: additionalSecurityGroups: ["string"] crossZoneLoadBalancing: true healthCheckProtocol: string name: string scheme: string subnets: ["string"] identityRef: kind: AWSCluster name: string imageLookupBaseOS: string imageLookupFormat: string imageLookupOrg: string network: cni: cniIngressRules: - description: string fromPort: 1 protocol: string toPort: 1 securityGroupOverrides: {} subnets: - availabilityZone: string cidrBlock: string id: string ipv6CidrBlock: string isIpv6: true isPublic: true natGatewayId: string routeTableId: string tags: {} vpc: availabilityZoneSelection: string availabilityZoneUsageLimit: 1 cidrBlock: string id: string internetGatewayId: string ipv6: cidrBlock: string egressOnlyInternetGatewayId: string poolId: string tags: {} region: string s3Bucket: controlPlaneIAMInstanceProfile: string name: string nodesIAMInstanceProfiles: ["string"] sshKeyName: string status: bastion: addresses: - address: string type: string availabilityZone: string ebsOptimized: true enaSupport: true iamProfile: string id: string imageId: string instanceState: string networkInterfaces: ["string"] nonRootVolumes: - deviceName: string encrypted: true encryptionKey: string iops: 1 size: 1 throughput: 1 type: string privateIp: string publicIp: string rootVolume: deviceName: string encrypted: true encryptionKey: string iops: 1 size: 1 throughput: 1 type: string securityGroupIds: ["string"] spotMarketOptions: maxPrice: string sshKeyName: string subnetId: string tags: {} tenancy: string type: string userData: string volumeIDs: ["string"] conditions: - lastTransitionTime: string message: string reason: string severity: string status: string type: string failureDomains: {} networkStatus: apiServerElb: attributes: crossZoneLoadBalancing: true idleTimeout: 1 availabilityZones: ["string"] dnsName: string healthChecks: healthyThreshold: 1 interval: 1 target: string timeout: 1 unhealthyThreshold: 1 listeners: - instancePort: 1 instanceProtocol: string port: 1 protocol: string name: string scheme: string securityGroupIds: ["string"] subnetIds: ["string"] tags: {} securityGroups: {} ready: true The link to the repo is here....