And how to set it up in minikube

Photo by Michelen Studios on Unsplash

Why Do We Need Ingress?

Some pods will require user input of some kind to interact with the running container.

An example of this might be a web application. Without the user being able to browse the application in their web browser, the application is useless.

Within Kubernetes, setting up access to a pod from outside is referred to as Ingress. Ingress allows you to manage traffic and routing rules via a resource that is running as part of your cluster or via an external offering such as a load balancer, which is then also managed from within the cluster.

An Ingress resource is essentially a collection of rules for routing that allow or deny users access to services running within a cluster. …



Pre-requisites

In this article, I will be working with the following software; it makes sense to have these pre-installed before continuing.

  • minikube - minikube is local Kubernetes, focusing on making it easy to learn and develop for Kubernetes
  • kubectl - The Kubernetes command-line tool, kubectl, allows you to run commands against Kubernetes clusters.
  • k9s - K9s provides a terminal UI to interact with your Kubernetes clusters.
  • helm - helm Charts help you define, install, and upgrade even the most complex Kubernetes configurations

You can install all of them using brew if you are on OS X, or check out each tool's website for detailed installation instructions.

Creating a Namespace

Kubernetes supports multiple virtual clusters backed by the same physical cluster. …


Photo by frank mckenna on Unsplash

When working with Kubernetes, it is sometimes useful to spin up a container within a cluster just to test something quickly.

Photo by CHUTTERSNAP on Unsplash

Sure, you can just exec onto a pod, but sometimes you need to work with jobs or cronjobs, which are not so easy to just exec onto.

One way to do this is to create a pod temporarily with the tools you need (such as busybox) just to test something, such as connectivity to a server (because of a recent firewall change) or to test inter-pod communication.

NAMESPACE=my-namespace
cat <<EOF | kubectl apply -n $NAMESPACE -f -
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: debug
spec:
  podSelector:
    matchLabels:
      app: debug
  policyTypes:
  - Egress
  egress:
  - {}…


What is AWS Client VPN?

AWS Client VPN is a managed client-based VPN service that enables you to securely access your AWS resources and resources in your on-premises network. With Client VPN, you can access your resources from any location using an OpenVPN-based VPN client.

Mutual authentication — generating certs

With mutual authentication, Client VPN uses certificates to perform authentication between the client and the server.

To use mutual authentication with this guide, you will want to generate some certs and import them into the certificate manager in AWS.

There is a pretty good guide here:

In my case, I generated the following files:

CA: ca.crt
Client: craig.vpn.management.XXX.com.crt
Client: craig.vpn.management.XXX.com.key
Server: vpn.management.XXX.com.crt …



GitOps is a broad term, which generally describes some processes used when deploying cloud-native applications.

A source control repository is used as a mechanism to provide a declarative description of the current state of some infrastructure.


The idea is that this source control repository is updated when there is a change, such as a new version or a change to the infrastructure.

Some automated process detects the change and updates the environment to become eventually consistent with what is described within the repository.

GitOps uses tools that developers are familiar with already, hence the git part of GitOps. …



I’ve recently had to work on services that need to be installed on Windows, and because of this, using a container was out of the question.

It was part of a migration which, due to time constraints, required lifting and shifting the machines rather than spending time automating and getting it right.

Due to cost, it was not necessary to create high availability as long as the service could recover within a reasonable time (10 minutes) without any loss of backing data.


The idea was to use EC2 in combination with an autoscaling group, to allow an almost always running service, which would automatically recover if terminated either by ourselves or by AWS. …



I had an underutilized Raspberry Pi, running Raspbian headless.

I set it up a couple of months back to run pihole.

To utilise my Pi further, I decided to see if I could run Airflow on it. I have used Airflow in the past to run Python tasks and thought it could come in handy for running some automation tasks at home.

Turns out it is very easy to set up and runs really well!


What is Airflow

Apache Airflow

Airflow is a platform created by the community to programmatically author, schedule and monitor workflows.

Setting up Prerequisites

First, SSH onto the Raspberry Pi.

The version of Raspbian I was running was Raspbian GNU/Linux 10…


SSH tunneling is something I have to do all the time, yet it's something that never seems to stick in my brain.

Photo by Jordan Harrison on Unsplash

I have created a guide (with examples) to quickly and easily demystify SSH tunneling and get you going.

Before we start — SSH Config

Use SSH config to save your connections, so you don't have to go through your bash history to find the command you used last week that worked.

I am a serial bash history searcher, but there are easier ways to set up your SSH tunnels and connections in general using SSH config.

SSH config is usually located at: ~/.ssh/config

If it isn’t, you should just be able to create that file. …



I don’t usually like to write articles about myself, as it feels a bit self-indulgent, but I thought it would be useful to show examples of how I became ‘T’ shaped and how my career progressed.

Introduction

I’ve been working in tech for over ten years. My passion first started when I was young. When I was five years old, my parents bought a Commodore 64, and it sparked something inside of me.


I enjoyed playing games and eventually went on to writing small bits of code in BASIC and watching the output.

As a teenager, I played a lot with a tool my parents got for me called ‘Klik and Play’ which was a drag and drop game creator, which allowed scripting of events to create custom behaviors. It was awesome and helped me understand event-driven programming. …


Let’s build a Twitter bot together

Image credit: www.freepik.com/macrovector

People have a love-hate relationship with Twitter bots. They can be useful for retweeting content that is relevant to things you are looking for, but they can also be annoying if they tweet too much or if they tweet about stuff that you don't care about. However, you can get around this issue by creating your own bot.

Creating a Twitter bot is relatively straightforward. In true serverless style, it is possible to build your own in a cost-effective way. This article will focus on creating a Twitter bot in Node, hosted in AWS Lambda.

Why Serverless?

Using serverless patterns for a Twitter bot makes complete sense. …

About

Craig Godden-Payne

Technologist who enjoys writing and working with software and infra. I write up all the things I learn as I go along to share the knowledge! beardy.digital
