Sam McGeown

When I deploy a new service into a namespace, I need to create a new DNS record that makes it available. I’ve previously talked about using CoreDNS to host my lab DNS zones, but this is something different. I want to make a Kubernetes Service available using an existing Microsoft DNS server - which is already used by all the clients who would need to access the service.

To do this I will create a delegated zone under my existing zone cmbu.local that CoreDNS will be responsible for. Then I will use the k8s_gateway plugin to automatically create records for Services provisioned within my zone.

To generate a basic authentication header from a username and password in Code Stream you could use a CI task and execute echo -n username:password | base64 in the shell then export the result for use later on. A more repeatable way is to create a Custom Integration that takes the two inputs, and returns the encoded header as an output.

To create the Custom Integration:

1. Create a new Custom Integration named “Create Basic Authentication Header”
2. Select the Runtime - the examples below are shell and python3 respectively
3. Replace the placeholder code with the example from below
4. Save and version the Custom Integration, ensuring you eanble the “Release Version” toggle

To use the Custom Integration in a pipeline:

As more services go live on my Kubernetes clusters and more people start relying on them, I get nervous. For the most part, I try and keep my applications and configurations stateless - relying on ConfigMaps for example to store application configuration. This means with a handful of YAML files in my Git repository I can restore everything to working order. Sometimes though, there’s no choice but to use a PersistentVolume to provide some data persistance where you can’t capture it in a config file. This is where a backup of the cluster - and specifically the PersistentVolume is really important.

If you’re anything like me, your home lab is constantly changing, evolving, breaking, rebuilding. For the last year or so I’ve been running all my home kubernetes workloads on a Raspberry Pi cluster - and it’s been working really well!

I’ve been through several iterations - for example firstly running on SD cards (tl;dr - it’s bad, they wear out really fast with Kubernetes on board!), then PxE booting them from my Synology to it’s now current state of booting directly from SSDs. I’ve also moved from Raspberry Pi 3s to 4s, I’ve played around with stacking cluster cases before landing on the current rack-mount format.

Where can you find me at VMworld 2020

VMworld 2020 is fast approaching (Sept 29th-October 1st), and in case you hadn’t heard, it online and free! If you struggle getting funding for tickets and flights normally, this could be a golden opportunity to get involved! Register for VMworld 2020 for FREE here! Please come and talk to me for my round table session, it will be awkward by myself!

In the most recent round of vExpert sub-program applications, I was asked to help review applications for the vExpert Cloud Management track. As part of the CMBU and a long-standing vExpert it made sense for me to help out, and I was happy to do so. I reviewed ~60 of the applications that were in my area - automation. The experience was an eye-opener. What follows is a distillation of what (not) to do when you’re writing your application.

I love Raspbery Pis - I have done since they first released them, all the way up to the present iteration, the Raspberry Pi 4. They’re phenominal little bits of kit, endlessly hackable and because of their really low price, they open up computing to a huge number of people who otherwise wouldn’t get the opportunity.

One of the irritating things, though, about running Raspberry Pis is that they typically boot from an SD card. SD cards are notorious for having high attrition rates, especially if you’re reading/writing to them regularly. Running a Kubernetes cluster on my Raspberry Pis is especially hard on the SD card because you’re not only running the system’s read and writes, but you’re also running containers and their I/O on the card.

TL;DR - the first 50 vExperts to sign up on this google sheet and then make a donation to my fundraiser here or another charity of your choice will get a nice shiny new vExpert 2020 sticker!

A few weeks ago, I entered a StickerMule tweet contest to get some free holographic sticker prints - and I won! While I was thinking about what to do with my newly donated sticker trove, I figured why not use it to bribe the vExpert community in exchange for some charitable giving?! And, given there were over 50 likes and 40 comments in response to my initial tweet, it seemed like vExperts were up for a little bit of paying it forward!

Since I started learning Kubernetes the Certified Kubernetes Administrator (CKA) exam has been a target for me, but it’s always seemed to be out of reach. The whole Kubernetes ecosystem is a vast and nebulous beast, with new projects rising to the fore all the time, and old projects fading from favour. The size and rapid development that make the field so interesting and powerful, are the same properties that make the learning curve so steep, and the entry bar so high.

I’ve had the Certified Kubernetes Security Specialist exam booked for a long time - so long in fact that the exam voucher was due to expire at the end of January 2022! I figured I’d give it a go right at the start of January, work out how far off the mark I was and then aim to do the free retake before it expired at the end of the month.