Posts by Tag

kubernetes

Change Kubernetes service type from LoadBalancer to NodePort and viceversa

2 minute read

Changing the Service type from NodePort to LoadBalancer and viceversa is useful depending on the cluster you are working on. If you are doing experiments in a local development cluster, like Kind, you don’t have a real load balancer in front of your cluster and you need to expose your services externally using a NodePort service. On contrary, if you are w...

Kubernetes ephemeral containers

1 minute read

Removing building and debugging tools from the images we use to run services on containers is one of the security best practices. However, you can’t debug a container if it is not shipped with the debugging tools. Security and easy of debug seems to mutual exclusive but Kubernetes provides a solution: ephemeralContainers. As the name suggests, they are ep...

Kubernetes operator from scratch

5 minute read

A Kubernetes operator is an extension of Kubernetes that allows to use custom resources to manage applications and their components. Writing a proper Kubernetes operator from scratch isn’t a trivial task. For this reason, there exists SDKs and frameworks that take care of boiler plate code and allow developers to focus on the business logic. However, if y...

Troubleshooting Kyverno webhooks

2 minute read

Kyverno is a policy engine designed specifically for Kubernetes. It is based on validanting and mutating webhooks that intercept resources before they are created. This post will show how to troubleshoot Kyverno and it will dive into Kyverno resources when it seems that your policy is not applied.

Testing Kubernetes resources with Kuttl

1 minute read

In Kubernetes the infrastructure that runs an application is described by some YAML manifests. While application source code is tested with additional code written almost always in the same language, manifest describing the architecture are almost never tested. It means that changes in the manifests affect immediately the infrastructure.

Back to top ↑

go

Kubernetes operator from scratch

5 minute read

A Kubernetes operator is an extension of Kubernetes that allows to use custom resources to manage applications and their components. Writing a proper Kubernetes operator from scratch isn’t a trivial task. For this reason, there exists SDKs and frameworks that take care of boiler plate code and allow developers to focus on the business logic. However, if y...

Customize Go tests with Flag options

1 minute read

Often some tests of a Go package need to interact with another system. You can mock it but at a certain point, the tests should run against a real system located at a certain address, using a some credentials, and so on. The real system has some parameters that should not be hardcoded because they are ephemeral or because is not safe. To customize these p...

Back to top ↑

terraform

Avoid name conflicts in Terraform workspaces

2 minute read

Terraform workspaces are a feature of some backends to associate many terraform states to the same configuration. It is convenient to have a workspace where you can try changes to infrastructure. When the changes have been tested, you can switch to the production workspace and apply the changes.

How to use Terraform for_each correctly

3 minute read

Terraform language provides the for_each meta-argument to create many resources from a key-value data structure. However, if not used properly, the for_each meta-argument can produce unexpected results.

Testing Infrastructure as Code with Python

2 minute read

Infrastructure code is considered 100% code but often good software principle, like testing, are not applied. Apart from checking the correctness of code, testing documents how code should behave, as well. In this post I will show how to test a Terraform module using the Python module tftest along with the testing framework pytest.

Kubernetes The Hard Way - Write Ansible inventory from template with Terraform

1 minute read

Once the instances are provisioned to AWS using a Terraform script, I need to configure them using Ansible. To tell Ansible the remote targets to configure, I wrote an inventory file that lists the IP addresses and the hostnames. Each time I created the AWS sandbox, the IP addresses changed and I needed to copy-paste them on the inventory file. Since this...

Back to top ↑

weekly

Back to top ↑

aws

Debugging EC2 user_data script

1 minute read

AWS EC2 instances can be initialized easily at startup using a custom script in the user_data field. Our instances will be ready to use and have all tools installed. It is a great advantage when the initialization script is easy, because we don’t need to use separate tool like Ansible. However, user_data can be tricky because it is not so friendly to debu...

Inspecting HTTP Cache-Control

4 minute read

I was following the ACloudGuru tutorial to setup a web server with httpd on a EC2 instance and a AWS Cognito Identity Pool.

Host a Go Gin web application with AWS S3 and EC2

2 minute read

Few months ago I wrote a REST API service with Go and the Gin Web Framework that performs basic CRUD operations on PostgreSQL database. I was using it through curl and Postman but I wanted the freedom to call the API from every device and location. So, I needed a web page to make HTTP requests from a smartphone as well and a machine running 24/7.

Back to top ↑

testing

Testing Kubernetes resources with Kuttl

1 minute read

In Kubernetes the infrastructure that runs an application is described by some YAML manifests. While application source code is tested with additional code written almost always in the same language, manifest describing the architecture are almost never tested. It means that changes in the manifests affect immediately the infrastructure.

Testing Infrastructure as Code with Python

2 minute read

Infrastructure code is considered 100% code but often good software principle, like testing, are not applied. Apart from checking the correctness of code, testing documents how code should behave, as well. In this post I will show how to test a Terraform module using the Python module tftest along with the testing framework pytest.

Back to top ↑

python

Testing Infrastructure as Code with Python

2 minute read

Infrastructure code is considered 100% code but often good software principle, like testing, are not applied. Apart from checking the correctness of code, testing documents how code should behave, as well. In this post I will show how to test a Terraform module using the Python module tftest along with the testing framework pytest.

Back to top ↑

gitops

Back to top ↑

ctf

Back to top ↑

cpp

Where to implement C++ function templates

1 minute read

I was implementing a template function inside a class. As usual, I wrote the prototype in .h file and the definition in a .cpp file. This templated method is then called in other part of the software. When I hit the compile button, the compiler complained about an undefined reference where I called the template function.

Back to top ↑

git

Merging a local repository to an existing remote repository

1 minute read

Very often happens that I start versioning some software locally and I push it remotely later :octocat:. When I decide it is the moment to keep the code safe and sound on Github, the procedure to merge a local-only repository to a fresh remote repository is not straight forward.

Back to top ↑

azure

Github ci/cd pipeline to deploy Azure App Service

2 minute read

For the Microsoft Azure Trial Hackathon on DEV I created a web application to basically perform CRUD operations on a Azure SQL Database. The source code is hosted on GitHub and I decided to use GitHub Actions to create a CICD pipeline.

Back to top ↑

github

Github ci/cd pipeline to deploy Azure App Service

2 minute read

For the Microsoft Azure Trial Hackathon on DEV I created a web application to basically perform CRUD operations on a Azure SQL Database. The source code is hosted on GitHub and I decided to use GitHub Actions to create a CICD pipeline.

Back to top ↑

cors

Host a Go Gin web application with AWS S3 and EC2

2 minute read

Few months ago I wrote a REST API service with Go and the Gin Web Framework that performs basic CRUD operations on PostgreSQL database. I was using it through curl and Postman but I wanted the freedom to call the API from every device and location. So, I needed a web page to make HTTP requests from a smartphone as well and a machine running 24/7.

Back to top ↑

httpd

Inspecting HTTP Cache-Control

4 minute read

I was following the ACloudGuru tutorial to setup a web server with httpd on a EC2 instance and a AWS Cognito Identity Pool.

Back to top ↑

docker

Back to top ↑

policy

Troubleshooting Kyverno webhooks

2 minute read

Kyverno is a policy engine designed specifically for Kubernetes. It is based on validanting and mutating webhooks that intercept resources before they are created. This post will show how to troubleshoot Kyverno and it will dive into Kyverno resources when it seems that your policy is not applied.

Back to top ↑

make

Makefile tips

2 minute read

This post talks about three basic features that you need when writing basic makefiles:

Back to top ↑

operator

Kubernetes operator from scratch

5 minute read

A Kubernetes operator is an extension of Kubernetes that allows to use custom resources to manage applications and their components. Writing a proper Kubernetes operator from scratch isn’t a trivial task. For this reason, there exists SDKs and frameworks that take care of boiler plate code and allow developers to focus on the business logic. However, if y...

Back to top ↑