Posts

To connect to a Redis server with Python, one can use python3-redis module. First verify that python3-redis module is installed. I’m showing the package name in Fedora 39, if you use a different distro, then check for the relevant package name. $ rpm -q python3-redis python3-redis-4.3.3-1.el9.noarch Here is the sample code to connect to a non-cluster Redis server: import redis # Connect to Redis r = redis.Redis(host='10.97.147.175', port=6379) # Set a key-value pair r.set('my_key', 'Hello, Redis!') # Get the value of the key value = r.get('my_key') print(value.decode('utf-8')) If you want to connect to a Redis cluster (that has both master and replicas), use this version instead: ...

Assuming that you use brew on your macOS, converting a ppk file to pem file is relatively easy. Install putty on your mac ➜ brew install putty Generate the key ➜ puttygen existing_key.ppk -O private-openssh -o new_key.pem Here are the options used in above command: -O private-openssh : save the output as a SSH-2 private key -o new_key.pem : save the output to new_key.pem Full credit go to this blog post [1], where I had learned to convert a PPK to PEM file. ...

I’ve been running Uptime Kuma on a podman-container for a long time with no problem. Recently, though, I’ve been running a mini Kubernetes cluster at home, and decided to move this conatainer to the same cluster. The following is to document how I deploy Uptime Kuma on a Kubernetes cluster. As I’m new to Kubernetes world, I broke down the tasks I need to do in 6 pieces: $ ls -1 1.namespace.yaml 2.service.yaml 3.pvc.yaml 4.deployment.yaml 5.tls-secret.yaml 6.ingress.yaml The first step is to create a new namespace for this application or deployment. It’ll be called ‘uptime-kuma’. $ cat 1.namespace.yaml kind: Namespace apiVersion: v1 metadata: name: uptime-kuma $ kubectl apply -f ./1.namespace.yaml Create a new service, which will listen on port 3001. $ cat 2.service.yaml apiVersion: v1 kind: Service metadata: name: uptime-kuma-svc namespace: uptime-kuma spec: selector: app: uptime-kuma ports: - name: uptime-kuma port: 3001 targetPort: 3001 protocol: TCP Next is to create a persistent volume claim for Uptime Kuma’s app data. Based on the current usage on my existing podman-container, 512 MiB is plenty. In my cluster, I use Longhorn as the persistent block storage. $ cat 3.pvc.yaml apiVersion: v1 kind: PersistentVolumeClaim metadata: name: uptime-kuma-pvc namespace: uptime-kuma spec: accessModes: - ReadWriteOnce storageClassName: longhorn resources: requests: storage: 512Mi Here is the deployment file. $ cat 4.deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: uptime-kuma namespace: uptime-kuma spec: selector: matchLabels: app: uptime-kuma replicas: 1 strategy: type: RollingUpdate rollingUpdate: maxSurge: 1 maxUnavailable: 1 template: metadata: labels: app: uptime-kuma spec: containers: - name: uptime-kuma image: louislam/uptime-kuma:1.23.11 imagePullPolicy: IfNotPresent ports: - containerPort: 3001 name: web-ui resources: limits: cpu: 200m memory: 512Mi requests: cpu: 50m memory: 128Mi livenessProbe: tcpSocket: port: web-ui initialDelaySeconds: 60 periodSeconds: 10 readinessProbe: httpGet: scheme: HTTP path: / port: web-ui initialDelaySeconds: 30 periodSeconds: 10 volumeMounts: - name: data mountPath: /app/data volumes: - name: data persistentVolumeClaim: claimName: uptime-kuma-pvc (Optional) I want to use SSL when accessing the web UI of Uptime Kuma, therefore I need to create a new TLS secret. $ cat 5.tls-secret.yaml apiVersion: v1 data: tls.crt: VERY-LONG-BASE-64-ENCODED-STRING tls.key: ANOTHER-LONG-BASE-64-ENCODED-STRING kind: Secret metadata: name: wildcard-tls-secret namespace: uptime-kuma type: kubernetes.io/tls The last file 6.ingress.yaml contains the manifest for ingress-nginx which allows me to access the Uptime Kuma at https://uptime.home-lab-internal-domain.com: $ cat 6.ingress.yaml apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: uptime-kuma-ingress namespace: uptime-kuma spec: ingressClassName: nginx tls: - hosts: - uptime.home-lab-internal-domain.com secretName: wildcard-tls-secret rules: - host: uptime.home-lab-internal-domain.com http: paths: - path: / pathType: Prefix backend: service: name: uptime-kuma-svc port: number: 3001 References: ...

This is a quick note to remind me on how to attach or associate an instance profile (IAM role) to an EC2 instance using AWS CLI. There is a bonus section at the end to show how to replace one IAM role with another one directly. In this example, I already have a running EC2 instance i-0357ecc1111111111 running. I want to attach a new instance profile called SSMInstanceProfile to this instance. But as we all know, only one instance profile can be associated with an EC2 instance at one time. So, let’s check to see if our instance already has one attached: ...

We all know that the content of SSL CRT and KEY is a long string of characters broken by new line characters. If we want to use those SSL .crt and .key files with Kubernetes as a TLS secret, they required to be encoded as base64 and be in one-line. How to do this? Well, there are at least two ways. The first one is my favorite: $ base64 -w0 drone.example.com.crt LS0tLS1CRUdJTiBDRVJUSUXXX0FURS0tLS0tCk11SOQrekNDQXVPZ0F3SUJBZ0lVZW5BejFjb0ptakd4Q1dGVHRhOWVzeUM2WHZRd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZUXhDekFKQmdOVkJBWVRBa0ZWTVJnd0ZnWURWUVFJREE5T1pYY2dVMjkxZEdnZ1YyRnNaWE14RHpBTgpCZ05WQkFjTUJsTjVaRzVsZVRFUk1BOEdBMVVFQ2d3SVUyRnV0eUJKYm1NeEV6QVJCZ05WQkFNTUNsTmhibmtnClUyVjJaVzR4SWpBZ0Jna3Foa2lHOXcwQkNRRVdFMjV2Y21Wd2JIbEFjMkZ1TjJsdVl5NWpiMjB3SGhjTk1qTXcKTmpFNE1ETTFOVFV4V2hjTk1qVXdPVEl3TURNMU5UVXhXakNCalRFTE1Ba0dBMVVFQmhNQ1FWVXhHREFXQmdOVgpCQWdNRDA1bGR5QlRiM1Yw ... w0 : disable line wrapping Another way is to use the good old tr command: ...