Mon 11 October 2021
GKE by default deploys kube-dns and other system services to any of your
nodepools. This is probably fine for most cases, but certain use cases
might require preventing system services from running on the same nodes as
your where your applications are running. This blog post provides instructions
on how …
Continue reading »
Fri 21 May 2021
You are at one of those places that requires you to use a proxy to access
your company wide Docker registry. Sometimes HTTP proxies are used to supposedly
improve security or to workaround IP based rate limits.
Well good luck, you're in for a ride on how to do this …
Continue reading »
Fri 12 March 2021
This blog post described how to deploy your own K8s cluster autoscaler instead
of the cluster autoscaler that's bundled with GKE. This can be helpful in the
rare case that the bundled GKE cluster autoscaler doesn't work for you.
Note that the GKE bundled cluster autoscaler is vastly different from …
Continue reading »
Thu 11 March 2021
An example use case that I've seen is where you have a K8s service exposed
on the ClusterIP and you want to make that service accessible over a domain
name that you don't control.
You can do to the following steps to set this up:
- Deploy CoreDNS with custom DNS …
Continue reading »
Tue 02 March 2021
This might become a full blog post but for now read the steps here:
https://github.com/samos123/gke-gcs-fuse-unprivileged
Continue reading »
Mon 28 December 2020
Istio is daunting and not all use cases are well documented. The public docs
focus mostly on using the egress gateway for TLS orignation. The use case
of using the sidecar for TLS origination with a database isn't documented
well. This blog post hopes to solve that.
So you've actually …
Continue reading »
Sat 07 November 2020
You want private cloud inside public cloud for additional security,
improved agility, lower opex and ultimate flexibility? I present you
OpenStack running on Google Compute Engine (GCE). I hope you got the
joke, if not, let me explain there are no benefits to running OpenStack
on GCP. OpenStack on GCP …
Continue reading »
Sun 13 September 2020
Cloud providers often prevent you from using L2 protocols such as ARP. These
protocols however are heavily used in existing software such as keepalived.
This can make it hard for to move certain workloads to the cloud.
This blog post demonstrates a method for creating L2 connectivity between
Virtual Machines …
Continue reading »
Mon 30 December 2019
You might be in a situation where you need to troubleshoot the networking
stack on a container where you don't have the tools necessary. Or you might
need to figure out which veth belongs to a container. For both these
scenarios you will need to be able to get into …
Continue reading »
Mon 10 June 2019
Inpatient people who just want the end-result, please go to:
GitHub: GCP Cloud Shell image with Terraform and Helm
Cloud Shell is one of the convenient features of Google Cloud providing
you with a secure CLI directly from the browser. The default image contains
almost all the tools you could …
Continue reading »