Pre-requisites

In this article, I will be working with the following software, it makes sense to have these pre-installed before continuing.

• minikube - minikube is local Kubernetes, focusing on making it easy to learn and develop for Kubernetes
• kubectl - The Kubernetes command-line tool, kubectl, allows you to run commands against Kubernetes clusters.
• k9s - K9s provides a terminal UI to interact with your Kubernetes clusters.
• helm - helm Charts help you define, install, and upgrade even the most complex Kubernetes configurations

You can install all by using brew if on OSX, or check out the website for detailed installation instructions.

Creating a Namespace

Kubernetes supports multiple virtual clusters backed by the same physical cluster. …

When working with kubernetes, it is sometimes useful to spin up a container within a cluster to just test something quickly.

Sure, you can just exec onto a pod, but sometimes you need to work with jobs or cronjobs, which are not so easy to just exec onto.

One way to do this is to create a pod temporarily with the tools you need (such as busybox) just to test something, such as connectivity to a server (because of a recent firewall change) or to test inter-pod communication.

NAMESPACE=my-namespacecat <<EOF | kubectl apply -n $NAMESPACE -f -
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: debug
spec:
  podSelector:
    matchLabels:
      app: debug
  policyTypes:
  - Egress
  egress:
  - {}…

What is AWS Client VPN?

AWS Client VPN is a managed client-based VPN service that enables you to securely access your AWS resources and resources in your on-premises network. With Client VPN, you can access your resources from any location using an OpenVPN-based VPN client.

Mutual authentication — generating certs

With mutual authentication, Client VPN uses certificates to perform authentication between the client and the server.

In order to use this using this guide, you will want to generate some certs, and import them into the certificate manager in AWS.

There is a pretty good guide here:

In my case, I generated the following files:

CA: ca.crt
Client: craig.vpn.management.XXX.com.crt
Client: craig.vpn.management.XXX.com.key
Server: vpn.management.XXX.com.crt …

GitOps is a broad term, which generally describes some processes used when deploying cloud-native applications.

A source control repository is used as a mechanism to provide a declarative description of the current state of some infrastructure.

The idea is that this source control repository is updated when there is a change, such as a new version or a change to the infrastructure.

Some automated process detects the change and updates the environment to become eventually consistent with what is described within the repository.

GitOps uses tools that developers are familiar with already, hence the git part of GitOps. …

I’ve recently had to work on services that require to be installed on Windows, and because of this, using a container was out of the question.

It was part of a migration which due to time constraints required lifting and shifting the machines rather than spending time automating and getting it right.

Due to cost, it was not necessary to create high availability as long as the service could recover within a reasonable time (10 minutes) without any loss of backing data.

The idea was to use EC2 in combination with an autoscaling group, to allow an almost always running service, which would automatically recover if terminated either by ourselves, or AWS. …

I had an underutilized raspberry pi, running raspian headless.

I set it up a couple of months back to run pihole

To utilise my pi further, I decided to see if I could run Airflow on it. I have used airflow in the past to run python tasks and thought it could come in handy for running some automation tasks at home.

Turns out it is very easy to set up and runs really well!

What is Airflow

Apache Airflow

Airflow is a platform created by the community to programmatically author, schedule and monitor workflows.

Setting up PreRequisites

First SSH onto the raspberry pi.

The version I am running of Raspian was Raspbian GNU/Linux 10…

SSH tunneling is something I have to do all the time, yet its something that never seems to stick in my brain.

I have created a guide (with examples) to quickly and easily demystify SSH tunneling and get you going.

Before we start — SSH Config

Use ssh config to save your connections, to save having to go through your bash history to find the command you used last week that worked.

I am a serial bash history searcher, but there are easier ways to setup your ssh tunnels and connections in general using SSH config.

SSH config is usually located at: ~/.ssh/config

If it isn’t you should just be able to create that file. …

I don’t usually like to write articles about myself, as it feels a bit self-indulgent, but I thought it would be useful to show examples of how I became ‘T’ shaped and how my career progressed.

Introduction

I’ve been working in tech for over ten years. My passion first started when I was young. When I was five years old, my parents bought a commodore 64, and it sparked something inside of me.

I enjoyed playing games and eventually going on to writing small bits of code in basic and watching the output.

As a teenager, I played a lot with a tool my parents got for me called ‘Klik and Play’ which was a drag and drop game creator, which allowed scripting of events to create custom behaviors. It was awesome and helped me understand event-driven programming. …