Drew RogersEKS Pod Identity is a feature that enables applications running on EKS to securely access AWS services, such as AWS Secrets Manager, without the need for hardcoding or managing access credentials. Instead, EKS Pod Identity uses IAM roles to grant permissions to pods, allowing them to interact with AWS services seamlessly. In my last post, … Read More
Recently AWS released EKS Pod Identity which simplifies how cluster administrators can configure Kubernetes applications to obtain AWS IAM permissions. With Pod Identity you can assign an IAM role to a K8s service account using the new AWS API create-pod-identity-association and the EKS pod identity agent. When a pod starts with the associated service account, … Read More
Lear how to fetch metrics and create custom endpoints for a Prometheus ServiceMonitor to scrape using the prometheus_client library in Python.
When Kubernetes first hit the scene for container orchestration, devops engineers all asked, “Can I run my database in here?” We quickly learned the answer, “Hell no!”
In the following examples, I’ll show how to renew certs with domains hosted on AWS/Route53 and GoDaddy. I run certbot with scripts within a docker container (to simplify automation), however you can use CLI.
qemu-img is a tool apart of the qemu-utils package that lets you convert a wide variety of disk images from one hypervisor to another. However Citrix Xenserver image format XVA is not an option for qemu-img, so lets add it! Here’s how to convert an XVA image to KVM. Extract the XVA image. A XVA … Read More
Nagios, the popular open source system and networking monitoring service, is awesome. It gives you so much flexibility that expensive commercial software like Solarwinds and Spiceworks just doesn’t have. However after I moved my infrastructure to Chef, Nagios was constantly giving me issues. The configuration scheme just doesn’t fit well in an autonomous environment. In this blog article I review how I found a replacement for Nagios,
