Archive

Why should you care about secrets management? There are very few applications out there that don’t require a secret, an API key or a password of some kind. Secrets and sensitive values are a natural part of a software developer’s life and are tightly incorporated into software development process. With the vast and diverse amount of cybersecurity threats in the modern world proper secrets management hasn’t been as crucial and important as it is now. ...

Have you ever heard of or used query parameter when running Azure CLI commands? If not, I do recommend you checking it out because this is a pretty powerful parameter that can help you with much faster and efficient data retrieval and filtering! Let's use DNS records retrieval as an example: I need to update DNS records pointing to a specific IP, f.ex. 192.0.2.146. So, in order to retrieve all DNS records in respective DNS zone pointing to 192.0.2.146 with Azure CLI I could either: ...

Introduction to the needs for upgrading Ingress Controller In some scenarios you may need to perform maintenance work on the Ingress Controller which can potentially result in downtime - in my case the time has come to move away from NGINX Ingress Controller for Kubernetes Helm chart located in stable repo and fully embrace the new Helm chart located in ingress-nginx repository. The reason for that is related to higher maintenance costs for the Helm repositories’ maintainers which has become significantly more challenging with release of Helm 3. Therefore EOL timeline has been officially announced by CNCF and Helm back in 2020. You can read the official announcement as well as the reasoning behind deprecation of Helm repositories here: Important Helm Repo Changes & v2 End of Support in November. ...

Helm is extremely useful and efficient when it comes to distributing, installing and upgrading applications hosted in Kubernetes. But sometimes you may have a need to patch an existing release and there is a quick way to do that which I would like to share with you today. A scenario I had to face was that I discovered missing PodDisruptionBudget on one of the production deployments and after this has been fixed in the source code I had therefore a need to add it to the existing Helm release to ensure configuration consistency. ...

So, recently I’ve faced a scenario where I got a chance to dig more into different Kubernetes Service types and experiment with those. I would like to share about one of the experiments where I tested several Kubernetes Service types in order to implement proxying of the requests to external services from Kubernetes cluster. Why would proxying to external services from Kubernetes cluster be relevant? There may be multiple reasons for why you would look into setting up this kind of proxying to external services from Kubernetes cluster. ...