I’m pleased to announce the release of k8s-ecr-login-renew (GitHub / Docker). It’s a small tool written in Go that simplifies working with Amazon’s Elastic Container Registry (ECR). It addresses the fact that ECR Docker login credentials expire every 12 hours. k8s-ecr-login-renew solves this by:
Fetching Docker login credentials from an AWS Creating/Updating a Docker login secret in Kubernetes Running as a cron job to prevent the Docker secret from expiring The source code and Docker image are published here:
A few months ago, I wrote about a side project I intended to work on. The idea was to extend the community version of Traefik by implementing an ACME cert store backed by Azure Table Storage. I made some pretty good progress on the feature, but have finally decided not to continue.
The intermediate progess can be found here. If anyone wishes to continue this work, please have at it!
Last week I took the CKAD exam. This is actually the first official certification I’ve ever done. I don’t really need it for work, but I bought it when it was on discount last year. You have to take the exam within a year of purchasing it, so I naturally waited till the last minute to get it done.
To prepare for the exam, I watched this O’Reilly tutorial.
Traefik is great. It’s easy to setup and has sensible default settings that allow you to get up and running really fast. With just a couple of steps, you can deploy it as your Kubernetes Ingress controller, and it will automatically create and manage Let’s Encrypt certificates right out of the box.
There is one downside to the Let’s Encrypt functionality in Traefik: The community version only supports storing certificates to disk.
Sometimes the easiest way to test or debug a service is to have it running on your local machine. Oftentimes however, your service may be handling requests from an external system that you cannot run locally. Since your local machine is not usually accessible from the public internet, the easies thing to do is route requests from some public facing server to your local machine.
In the past I have done this using ngrok.
Meetings become necessary as soon as you have more than one person working on the same thing. And while none of us are ever perfectly efficient, time wasted in meetings is multiplied by the number of attendees. Ten minutes lost in a meeting of six people adds up to an hour of total wasted time.
For this reason, I believe we should be extra careful with how we spend time in meetings.
I had a couple of weeks off recently where I was staying at home for most of that time. I intended to relax and have fun, but there were also a few side projects I wanted to make sure I worked on. I thought: “I should keep myself reminded of how many days left I have before going back to work.”, the hope being that the frequent reminder keeps me motivated to get my stuff done.
Summary C++ Primer: book Head First Design Patterns: book Designing Data-Intensive Applications: book Data Structures and Algorithms: book Cracking the Coding Interview: book C++ Primer The last time I used C++ seriously was in 2009. I know that the language has evolved and changed quite a bit since then, so I’m not sure how relevant this book has remained. However, this book gave me both a deep understanding of the language as well as a great overview of OOP priniciples.
Just a friendly reminder: Keep backups of all your important files. Hard disks can fail any time.
My personal recommendations on this topic:
Use Google, OneDrive, Dropbox or equivalent for your day-to-day files Restic is a great tool for backing data up Use a service like Backblaze to backup online
This is the second article in a series I plan to write about my experience learning and using Kubernetes. In the previous post I talked about why I wanted to use Kubernetes. In this post I will go over the main concepts of Kubernetes.
Summary If you don’t have time to read the entire article, here are the most important things to know.
Key Components of Kubernetes:
Node: A machine (or VPS) in your cluster Pod: One or more containers that run together ReplicaSet: Manages multiple pods and controls concurrency/redundancy Deployment: Manages deploying new versions of pod by spinning ReplicaSets up and down Service: Routes communication between pods Ingress: Routes requests from the outside world into your cluster Secret: Manages secrets that are deployed to pods Important concepts: