Skip to content

Unix to the Rescue

Ever wanted to apply Kubernetes secrets without displaying or persisting the secret value? Well now you can: Unix to the rescue!

Laughably Loquacious Logging

Cloud logging. How much space does a typical keep-alive take if you log it?
You would be shocked that 1 byte of log could be 32+ KiB of output space. Watch the entropy!

DoS’ing the cloud with logs

Could cloud logging be the next NTP amplification attack for a DDoS? A small input produces a larger output, the ingredients are there…

Multiple Kubernetes contexts and your multi-coloured prompt

You are working with multiple clouds. But, you keep changing context and then accidentally applying something. Ooops. If only this could be simpler.Drop these two bits in your .bashrc. Now you can simply say ‘context foo’ and be in that context with a little bit of colour in your prompt to remind you.

I Declare is not the same as Make It So

Declarative vs Imperative. In a ‘declarative’ world I document the desired state, and it is the job of the system to ‘make it so’. In a declarative world you don’t need to worry about ‘how’, and you don’t need to worry about things later breaking… If they change, the system puts it back.
In an imperative world, you instruct each step. Install that software, configure that port, etc.
Does declarative work always? read on

When you throw in the towel on declarative

In a declarative world its all written down and checked into version control. No commands are used.
Sometimes you hit a wall and have to punt.
Here I show a simple workaround using `envsubst` for those times that declarative just doesn’t work.

pause: how to debug your Kubernetes setup

Sometimes you need a debug container hanging around to check something from within your cluster. You cobble something together, make the ‘command’ be ‘sleep 3600’ or ‘tail -f /dev/null’ and call it a day. But they don’t terminate gracefully.
Let’s learn how to fix this.

Let’s Encrypt Staging. Curl without the -k

Are you lazy and use ‘-k’ to curl all the time when using Let’s Encrypt staging? Or worse, use snake-oil? Or even worse, use just http for ‘test’? Let me show you how to fix that, simply.