Posts

This is a short note on how to install metrics-server using Helm on my k8s cluster. $ kubectl version Client Version: v1.29.3 Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3 Server Version: v1.29.3 $ helm version --short v3.14.4+g81c902a Before we can install the chart, we will need to add the metrics-server repo to Helm. $ helm repo add metrics-server https://kubernetes-sigs.github.io/metrics-server/ Update the repo: $ helm repo update Hang tight while we grab the latest from your chart repositories... ...Successfully got an update from the "metrics-server" chart repository Update Complete. ⎈Happy Helming!⎈ I also need to make a small customization to the chart’s default value since my k8s cluster uses self-signed certificates. ...

To connect to a Redis server with Python, one can use python3-redis module. First verify that python3-redis module is installed. I’m showing the package name in Fedora 39, if you use a different distro, then check for the relevant package name. $ rpm -q python3-redis python3-redis-4.3.3-1.el9.noarch Here is the sample code to connect to a non-cluster Redis server: import redis # Connect to Redis r = redis.Redis(host='10.97.147.175', port=6379) # Set a key-value pair r.set('my_key', 'Hello, Redis!') # Get the value of the key value = r.get('my_key') print(value.decode('utf-8')) If you want to connect to a Redis cluster (that has both master and replicas), use this version instead: ...

Assuming that you use brew on your macOS, converting a ppk file to pem file is relatively easy. Install putty on your mac ➜ brew install putty Generate the key ➜ puttygen existing_key.ppk -O private-openssh -o new_key.pem Here are the options used in above command: -O private-openssh : save the output as a SSH-2 private key -o new_key.pem : save the output to new_key.pem Full credit go to this blog post [1], where I had learned to convert a PPK to PEM file. ...

I’ve been running Uptime Kuma on a podman-container for a long time with no problem. Recently, though, I’ve been running a mini Kubernetes cluster at home, and decided to move this conatainer to the same cluster. The following is to document how I deploy Uptime Kuma on a Kubernetes cluster. As I’m new to Kubernetes world, I broke down the tasks I need to do in 6 pieces: $ ls -1 1.namespace.yaml 2.service.yaml 3.pvc.yaml 4.deployment.yaml 5.tls-secret.yaml 6.ingress.yaml The first step is to create a new namespace for this application or deployment. It’ll be called ‘uptime-kuma’. $ cat 1.namespace.yaml kind: Namespace apiVersion: v1 metadata: name: uptime-kuma $ kubectl apply -f ./1.namespace.yaml Create a new service, which will listen on port 3001. $ cat 2.service.yaml apiVersion: v1 kind: Service metadata: name: uptime-kuma-svc namespace: uptime-kuma spec: selector: app: uptime-kuma ports: - name: uptime-kuma port: 3001 targetPort: 3001 protocol: TCP Next is to create a persistent volume claim for Uptime Kuma’s app data. Based on the current usage on my existing podman-container, 512 MiB is plenty. In my cluster, I use Longhorn as the persistent block storage. $ cat 3.pvc.yaml apiVersion: v1 kind: PersistentVolumeClaim metadata: name: uptime-kuma-pvc namespace: uptime-kuma spec: accessModes: - ReadWriteOnce storageClassName: longhorn resources: requests: storage: 512Mi Here is the deployment file. $ cat 4.deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: uptime-kuma namespace: uptime-kuma spec: selector: matchLabels: app: uptime-kuma replicas: 1 strategy: type: RollingUpdate rollingUpdate: maxSurge: 1 maxUnavailable: 1 template: metadata: labels: app: uptime-kuma spec: containers: - name: uptime-kuma image: louislam/uptime-kuma:1.23.11 imagePullPolicy: IfNotPresent ports: - containerPort: 3001 name: web-ui resources: limits: cpu: 200m memory: 512Mi requests: cpu: 50m memory: 128Mi livenessProbe: tcpSocket: port: web-ui initialDelaySeconds: 60 periodSeconds: 10 readinessProbe: httpGet: scheme: HTTP path: / port: web-ui initialDelaySeconds: 30 periodSeconds: 10 volumeMounts: - name: data mountPath: /app/data volumes: - name: data persistentVolumeClaim: claimName: uptime-kuma-pvc (Optional) I want to use SSL when accessing the web UI of Uptime Kuma, therefore I need to create a new TLS secret. $ cat 5.tls-secret.yaml apiVersion: v1 data: tls.crt: VERY-LONG-BASE-64-ENCODED-STRING tls.key: ANOTHER-LONG-BASE-64-ENCODED-STRING kind: Secret metadata: name: wildcard-tls-secret namespace: uptime-kuma type: kubernetes.io/tls The last file 6.ingress.yaml contains the manifest for ingress-nginx which allows me to access the Uptime Kuma at https://uptime.home-lab-internal-domain.com: $ cat 6.ingress.yaml apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: uptime-kuma-ingress namespace: uptime-kuma spec: ingressClassName: nginx tls: - hosts: - uptime.home-lab-internal-domain.com secretName: wildcard-tls-secret rules: - host: uptime.home-lab-internal-domain.com http: paths: - path: / pathType: Prefix backend: service: name: uptime-kuma-svc port: number: 3001 References: ...

This is a quick note to remind me on how to attach or associate an instance profile (IAM role) to an EC2 instance using AWS CLI. There is a bonus section at the end to show how to replace one IAM role with another one directly. In this example, I already have a running EC2 instance i-0357ecc1111111111 running. I want to attach a new instance profile called SSMInstanceProfile to this instance. But as we all know, only one instance profile can be associated with an EC2 instance at one time. So, let’s check to see if our instance already has one attached: ...