Better k8s monitoring part 3: Adding request tracing with OpenTracing (powered by Jaeger)

Deploying Jaeger to enable tracing support for an application on my kubernetes cluster

vados

61 minute read

tl;dr - I spent a bunch of time stumbling through getting kim/opentracing integrated into my small Servant powered web app. In the end I actually switched to servant-tracing due to some issues integrating, and was able to get it working – there’s a TON of wandering in this post (basically half the time you’re reading an approximation of my stream of consciousness, some might consider the experiments with kim/opentracing a waste of time, but I do not), so please check out the…

Switching From kube-lego To cert-manager

Switching from kube-lego to cert-manager (without Helm)

vados

16 minute read

tl;dr - I switched from Jetstack’s kube-lego to cert-manager (it’s natural successor), and am pretty happy with the operator pattern they’ve decided to adopt, switch over was easy, but I tripped myself up for a bit because I don’t like using Helm. Complete resource definitions (that worked for me, YMMV) are in the TLDR section @ the bottom.

Better k8s Monitoring Part 2: Adding logging management with the EFKK stack

(FluentD + ElasticSearch + Kibana) x Kubernetes

vados

44 minute read

tl;dr - I started trying to set up EFK (Elastic, FluentD, Kibana), and hit frustrating integration issues/bugs with Elastic+Kibana 6.x, tripped myself up a LOT, almost gave up and went with Graylog, but then rallied to finish setting everything up by basically fixing my own bad configuration. Skip to the TLDR section for the hand-written working k8s configuration.

Better K8s Monitoring Part 1: Adding Prometheus

Adding better monitoring for applications running in my k8s cluster using Prometheus.

vados

10 minute read

It’s been a while since I learned of the wonders (and cleared up my misconceptions) of dedicated hosting and set up a “Baremetal” CoreOS single-node k8s cluster. For a while now I’ve maintained a single large (by my standards) machine that has been running Kubernetes, and purring right along – outside of the occasional restart or operator error, it hasn’t gone down and has kept my applications running. While most of the applications don’t get much…

Switch From ployst/docker-letsencrypt to Jetstack's kube-lego

Switching from ployst/docker-letsencrypt to jetstack/kube-lego for auto-generated SSL certs with Kubernetes.

vados

7 minute read

tl;dr - I switched from ployst/docker-letsencrypt which I considered less complicated than jetstack/kube-lego initially. Turns out jetstack/kube-lego is pretty simple and *just works* which is amazing, props to the team over at jetstack and as always the kubernetes team, for making this more intelligent automation possible. You could honestly just read the jetstack/kube-lego guide, it’s real good. If you wanna see my path through it, keep reading.

Serving email on Kubernetes with Mailu

How I set up mailu on Kubernetes.

vados

20 minute read

tl;dr - Setting up Mailu on Kubernetes was pretty simple, once TLS and Ingress are all set up. It’s just a matter of configuring the ingress controller, adding the right ingress resources, and making the right resource configuration for Mailu. I encounter some (mostly self-inflicted) issues along the way, but you can find the resource config that worked for me at the end.

Kicking The Tires On Rancher 2.0

Checking out Rancher 2.0

vados

19 minute read

tl;dr - Rancher 2.0 is out, Check out the demo video, it’s pretty slick. I start to set up Rancher, mess up, do some debugging, and eventually get it working with a bit of a hack. Skip to the end section (named “The whole process, abdridged”) before wrap up to see the full list of steps I took for getting Rancher running on my own local single node Kubernetes cluster.

Serving a HTTPS enabled application on Kubernetes

How I went about serving a full HTTPS enabled 3 tier application application on Kubernetes

vados

7 minute read

tl;dr - It’s pretty easy if you have let’s encrypt certificates set up, and Kubernetes Ingress/DNS working properly (I’ve covered how I set these up in previous posts so check them out for reference). Skim through to see the final Kubernetes resource configuration that I use in production for Passcue.me