18. Cafe: Kubernetes authentication and authorization with user management and RBAC
Highlights We are learning how to deploy Kubernetes into Hetzner cloud in this series:
Provisioned the server and agent VMs with Terraform and Ansible in the first session Deployed k3s last week Learned about pods and the Hetzner load balancer Ingress controller for load balancer cost savings We’ll take a break from deploying a Kubernetes cluster this week, and get to know Kubernetes user authentication and authorization from Niclas Mietz.
Read More…
Written by: Michael Friedrich
17. Cafe: Kubernetes deployments to Hetzner Cloud, step 4: Ingress controller for load balancer cost savings
Highlights Max Rosin kindly prepared a series of workshops to learn how to deploy Kubernetes in Hetzner Cloud. Hetzner generously sponsored cloud minutes for our sessions, thank you!
This session covers the fourth step, after having provisioned the server and agent VMs with Terraform and Ansible in the first session, deployed k3s last week and learned about pods and the Hetzner load balancer.
This week we’ll use a single load balancer for multiple websites to save costs - with an Ingress Controller.
Read More…
Written by: Michael Friedrich
16. Cafe: Kubernetes deployments to Hetzner Cloud, step 3: k3s load balancer & pod resources
Highlights Max Rosin kindly prepared a series of workshops to learn how to deploy Kubernetes in Hetzner Cloud. Hetzner generously sponsored cloud minutes for our sessions, thank you!
This session covers the third step, after having provisioned the server and agent VMs with Terraform and Ansible in the first session and deployed k3s last week:
Fix the cluster IPs with deploying the config with Ansible Inspect pod resources on error Learn about taint and tolerate error patterns Use Hetzner resources to manage the load balancer Encrypted secrets: at rest or HashiCorp Vault Pods as group of containers, in a Deployment or ReplicaSet (which maintains a stable set of running pods) Deployments are the recommended way to manage Pods as they are a higher-level concept that manages ReplicaSets and provides declarative updates to Pods along with a lot of other useful features like rollout history and rollbacks.
Read More…
Written by: Michael Friedrich
15. Cafe: Kubernetes deployments to Hetzner Cloud, step 2: k3s with Ansible
Highlights Max Rosin kindly prepared a series of workshops to learn how to deploy Kubernetes in Hetzner Cloud. Hetzner generously sponsored cloud minutes for our sessions, thank you!
This session covers the second step, after having provisioned the server and agent VMs with Terraform and Ansible last week:
Install wireguard to use with Flannel and encrypt the network traffic Install the k3s binary and deploy a systemd unit using Ansible Jinja templates k3s agent setups requires an auth token on the master.
Read More…
Written by: Michael Friedrich
14. Cafe: Kubernetes deployments to Hetzner Cloud, step 1: Terraform & Ansible
Highlights Max Rosin kindly prepared a series of workshops to learn how to deploy Kubernetes in Hetzner Cloud. Hetzner generously sponsored cloud minutes for our sessions, thank you!
This session covers the first steps with Terraform and Ansible, next week, Kubernetes will be deployed on top.
Max’s demo repository with Terraform code and Ansible code GitLab Direction for Infrastructure as Code GitLab features:
Protected Terraform states (developer access) Terraform MR widget integration, next steps 5 minute production app with Terraform in the background Terraform Registry Move Kubernetes cluster creation into Terraform Recording Enjoy the session!
Read More…
Written by: Michael Friedrich
13. Cafe: Auto-scaling GitLab runners in Hetzner Cloud
Highlights When Patricia tweeted on a Monday about compiling Chromium and asked for self-hosting and cloud environments, we quickly jumped into trying it out on Wednesday with GitLab and auto-scaling the Runners in Hetzner Cloud. Niclas Mietz on the keyboard, Max Rosin stepping through his great blog post.
Documentation Blog post from Max Rosin CI autoscaling research docker-machine direction in GitLab Hetzner Cloud curated lists Workaround for Docker problem.
Read More…
Written by: Michael Friedrich
29. Kaeffchen: Newsletters, HashiCorp CDK for Terraform, Service Meshes
Highlights We’ve looked into Hashicorp’s CDK for Terraform announcement, newsletters to follow and service meshes.
Recording Enjoy the session!
Written by: Michael Friedrich
12. Cafe: GitLab CI/CD & C++ ABI checks
Highlights We started from this tweet asking about C++ ABI compatibility support in GitLab MRs. The discussion included some theoretical algorithm with a caching state machine inside the CI/CD pipeline. Michael Aigner prepared the C++ project and we implemented the solution together in the session.
Dynamic CI/CD pipeline generation was also touched, and the for loop to generate parent/child pipelines in GitLab CI/CD.
Recording Enjoy the session! 🦊
Written by: Michael Friedrich
11. Cafe: 5 min prod app with Vue & GitLab CI template insights
Highlights Michael provided development insights into the 5 min production app and the live demo with VueJS he was working on at AWS re:invent (Tweet thread).
We’ve also discussed CI/CD templates with GitLab and found valuable resources:
Includes Built-in templates Blog: 3 YAML tips for better pipelines Security Webcast CI configuration Test includes with the same job name Anchors and extends example Recording Enjoy the session! 🦊
Written by: Michael Friedrich