If you're running a Kubernetes cluster with workloads that need access to AWS services you probably wondered what's the best way of granting that access. There are number of solutions that can be deployed: Use static user credentialsIf the cluster is running in AWS - use EC2 instance profileUse projects…
Kubernetes is quickly becoming the default when it comes to application deployment and management. Even though originally it was geared towards very large clusters it can also be deployed on individual devices, such as a Raspberry Pi. There's a number of Kubernetes distributions that offer all-in-one, single node clusters. I…
Terraform is an extremely flexible framework that allows for intent-based resource management. Its commonly used to provision various types of infrastructure as well as services and applications. Terraform also has a number of official and unofficial providers that can be used to manage workloads inside Kubernetes clusters. This posts captures…
ENIs come with a number of IPv4 and IPv6 interfaces (current numbers are here: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html#AvailableIpPerENI), but what happens if for some reason we need more than what a single ENI can support? The answer is to use multiple ENIs attached…
Sometimes there's a need to run iptables inside a Docker container. The most common scenario is probably when the container is attached not to a standard Docker bridge (which provides network connectivity using iptables) but to a network configured using macvlan or ipvlan driver. In that scenario the container is…
In two previous posts I showed how to use Ansible to configure an EC2 instance, after it was created. Even though that might be useful at times having a completely automated process that can be invoked directly from Cloudformation when the instance is being built could be even more useful.…
It might be useful to copy files into an EC2 instance whilst it's being built. Those can be configuration files for the application, authentication keys or even the whole pre-built application stack. One way of doing that is to use CloudFormation's Metadata and copy files from an S3 bucket. This…
When creating new EC2 instances that require persistent EBS volumes there's a number of steps that have to be carried out before the disk can be used. This post shows how to automate them. Definitions of the tasks presented below are also in https://github.com/pshemk/ec2-base. Please note…