MFA Generator in External Secrets Operator Today, I’m happy to announce that external-secrets-operator will have an MFA / TOTP token generator once this PR is merged and released. This opens up some exciting new features. For example, imagine having an AWS session that requires MFA, or you have an Azure flow that requires a TOTP token. Now, you can achieve that using automation and an MFA generated in a secret. Just define a generator: ...
In-depth look at CRDs and how they work under the hood Today, we are going to walk through how a CRD looks like, what it does, what it contains, how it works and how it alters Kubernetes. The design, the api extension and links and snippets to the code ( accurate at the time of writing ) where it happens. Let’s dive in. What are CRDs CRDs as described in the official Kubernetes Documentation page are objects that can extend the API of Kubernetes. ...
Update your CRDs with confidence Hello. I would like to write about a release for crd-to-sample-yaml1. It’s the release version v0.8.02. This version brings with it a feature to test the validity of your CRD changes. It means that if you change your CRD it will test if the changes do not break working samples of that version. This is achieved by a helm unittest type of YAML based test scenarios and snapshot generation. ...
Self-Signed locally trusted certificates with cert-manager We are going to discuss how to set up a Kubernetes environment where components can run using HTTPS without pain. Premise Usually, people either generate certificates outside the cluster using either openssl, or mkcert, then mount them in or use those as seeds for further generation. This poses a number of problems during testing and distribution of these certificates. And then, switching to production, it proves that local certs will either no longer work or pose even more problems in getting them properly distributed again. ...
Well, the previous post was a lie ( or rather a copy and paste error ).
Hello dear reader. I switched to a new theme that has Dark Mode. I’m hoping nothing changed regarding the RSS functionality. I removed the comments because I rarely used them. Also disabled any sort of tracking. Enjoy, Gergely.
Hello dear reader. I switched to a new theme that has Dark Mode. I’m hoping nothing changed regarding the RSS functionality. I removed the comments because I rarely used them. Also disabled any sort of tracking. Enjoy, Gergely.
Welcome dear reader. When last we met, we talked a lot about setting up Tilt for rapid controller development. Now, let’s see how powerful Tilt can be once we bring it together with Kubernetes’ e2e-framework. Controller E2E Framework I’d like to present my controller-e2e-framework which brings Tilt and e2e-framework together to easily write and run tests for controllers that work together. This framework can be used to integration test or e2e test controllers that work together. They set up some kind of ref connection between certain objects and perform some operation on said object. ...
Welcome dear reader. Today, we are going to dive into how to use Tilt to speed up the feedback loop of developing a Kubernetes controller. We are going to do that using an open-source project called OCM which has a controller called ocm-controller. I’m going to walk through the following process: researching tilt what it could do for me understanding the Tilt file trivial mapping of the developer process understanding Starlark adding more features tackling hot swapping troubleshooting Let’s dive in. ...
Intro Welcome. This is a longer post about how to deploy a Go backend with a React frontend on Kubernetes as separate entities. Instead of the usual compiled together single binary Go application, we are going to separate the two. Why? Because usually a React frontend is just a “static” SPA app with very little requirements in terms of resources, while the Go backend does most of the leg work, requiring a lot more resources. ...