In this post, I’m going to install kube-prometheus on AKS. The process is clearly documented at the kube-prometheus Github page. Here, I’m just going to use the ‘quickstart’ and later I plan to cover other topics such as ingress and customization. Pre-requisites: A Kubernetes cluster. In this example I’m using AKS, but similar steps could …
Author Archives: Slade
Install k9s in WSL Ubuntu 22.04.1 using Homebrew
My only experience with k8s frontends are the web-based Kubernetes Dashboard and k9s. I prefer k9s. Here’s a straight-forward way to install k9s in WSL running Ubuntu 22.04.1 using Homebrew. I use the zsh shell. I enjoy k9s because it uses familiar kubectl’ish syntax and provides a nice terminal-based visualization of your targeted Kubernetes context. …
Continue reading “Install k9s in WSL Ubuntu 22.04.1 using Homebrew”
Hashicorp Vault , Secrets management , Docker
Something that tends to happen as you start building things is that you end up starting in ‘get it running fast’ mode so that you can see how something works, knowing full well due to the in-your-face reminders and, well, reasons, that you’re not going to produce something that is ‘production ready’. You toy around …
Continue reading “Hashicorp Vault , Secrets management , Docker”
k3s Kubernetes lab on a Pi cluster – excellent!
Hardware used: I am using (4) Raspberry Pi Model 4b (8 gig models) with PoE hats and a Netgear 5-port switch with (4) PoE ports which can be found here. This set up is popular and I think made (famous?!) by Jeff Geerling. I used his Wiki to come up with a game plan and …
Continue reading “k3s Kubernetes lab on a Pi cluster – excellent!”
rtl_433 on Docker with mqtt, InfluxDB, and Grafana
I’m using an rlt_433 USB dongle for sniffing air things (mostly at this point a wireless bbq temperature monitor/transmitter) and it’s time to move it over to Docker so that I can include it in my compose stack. Getting rtl_433 running on Docker is already very well documented. I then want to leverage mosquitto, influxdb, …
Continue reading “rtl_433 on Docker with mqtt, InfluxDB, and Grafana”
LetsEncrypt renewal failure with error 400 ‘Timeout during connect’
I encountered this issue when using the Traefik Docker container. LetsEncrypt certificate renewal using the ACME protocol failed. In this case, I had shut down inbound traffic at my edge to port 80. ACME needs this if you’re utilizing the HTTP-01 challenge (the most common). Easy solution… open TCP 80 at your edge and ensure …
Continue reading “LetsEncrypt renewal failure with error 400 ‘Timeout during connect’”
Service Fabric Backups and CN certs – bug discovery
I encountered a strange behavior while working with Backup and Restore service running on a Service Fabric 8.0.514.9590 cluster. I assume the behavior exists on prior releases as well. The Scenario This cluster had been deployed initially referencing the certificate Thumbprint rather than the Common Name attribute, following the MSFT documentation for doing so. Switching …
Continue reading “Service Fabric Backups and CN certs – bug discovery”
Securing an Azure ISE
On my latest project, the client has deployed several ISEs and was unable to successfully implement NSGs or the Azure firewall to secure traffic. As a result, these ISEs aren’t currently using either. We’ll be reviewing an internal ISE. Here, the primary concern is in regards to outbound traffic, but the inbound traffic is of …
Docker networking
Once you install Docker in Linux, a ‘default’ networking configuration is applied. Here is what happens… Docker adds a bridge to the Linux OS named ‘docker0’ and that bridge is an isolated network defined in software. slade@linux-home:/etc/iptables$ ifconfig docker0 docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255 inet6 fe80::42:e5ff:fef0:dbc0 prefixlen 64 scopeid 0x20<link> …
tfenv (Terraform version manager) a very useful tool.
I never needed to switch Terraform versions in my prior environment. Instead, I always kept pace with the Terraform release schedule (well, mostly). With the client I’m working with now, an older version is used in all of the CI/CD pipelines; something I plan to address later. Specifically, Terraform version 0.11.13 is used. Because I …
Continue reading “tfenv (Terraform version manager) a very useful tool.”
