Providing access to AWS resources from Kubernetes using OIDC

If you're running a Kubernetes cluster with workloads that need access to AWS services, you have probably wondered what the best way of granting that access is. There are a number of solutions that can be deployed: use static user credentials; if the cluster is running in AWS, use an EC2 instance profile; use projects…

Comparison of small Kubernetes distributions

Kubernetes is quickly becoming the default when it comes to application deployment and management. Even though it was originally geared towards very large clusters, it can also be deployed on individual devices, such as a Raspberry Pi. There are a number of Kubernetes distributions that offer all-in-one, single-node clusters. I…

Using Terraform with Kubernetes

Terraform is an extremely flexible framework that allows for intent-based resource management. It's commonly used to provision various types of infrastructure as well as services and applications. Terraform also has a number of official and unofficial providers that can be used to manage workloads inside Kubernetes clusters. This post captures…

Running (and debugging) iptables inside a Docker container

Sometimes there's a need to run iptables inside a Docker container. The most common scenario is probably when the container is attached not to a standard Docker bridge (which provides network connectivity using iptables) but to a network configured using the macvlan or ipvlan driver. In that scenario the container is…

Automatically mounting an EBS volume using Ansible

When creating new EC2 instances that require persistent EBS volumes, there are a number of steps that have to be carried out before the disk can be used. This post shows how to automate them. Definitions of the tasks presented below are also in https://github.com/pshemk/ec2-base. Please note…