Everyone is welcome, everyone can contribute, everyone is unique and these are your strengths too!

20. #everyonecancontribute cafe: Securing Kubernetes with Kyverno

Highlights We are learning how to deploy and secure Kubernetes into Hetzner cloud in this series: cafe: Provisioned the server and agent VMs with Terraform and Ansible in the first session with Max. cafe: Deployed k3s as Kubernetes distribution with Max. cafe: Learned about pods and the Hetzner load balancer with Max. cafe: Ingress controller for load balancer cost savings with Max. Read More…


Date published: March 10, 2021

19. cafe: Break into Kubernetes Security

Highlights We are learning how to deploy and secure Kubernetes into Hetzner cloud in this series: cafe: Provisioned the server and agent VMs with Terraform and Ansible in the first session with Max. cafe: Deployed k3s as Kubernetes distribution with Max. cafe: Learned about pods and the Hetzner load balancer with Max. cafe: Ingress controller for load balancer cost savings with Max. Read More…


Date published: March 3, 2021

18. Cafe: Kubernetes authentication and authorization with user management and RBAC

Highlights We are learning how to deploy Kubernetes into Hetzner cloud in this series: Provisioned the server and agent VMs with Terraform and Ansible in the first session Deployed k3s last week Learned about pods and the Hetzner load balancer Ingress controller for load balancer cost savings We’ll take a break from deploying a Kubernetes cluster this week, and get to know Kubernetes user authentication and authorization from Niclas Mietz. Read More…


Date published: February 24, 2021

17. Cafe: Kubernetes deployments to Hetzner Cloud, step 4: Ingress controller for load balancer cost savings

Highlights Max Rosin kindly prepared a series of workshops to learn how to deploy Kubernetes in Hetzner Cloud. Hetzner generously sponsored cloud minutes for our sessions, thank you! This session covers the fourth step, after having provisioned the server and agent VMs with Terraform and Ansible in the first session, deployed k3s last week and learned about pods and the Hetzner load balancer. This week we’ll use a single load balancer for multiple websites to save costs - with an Ingress Controller. Read More…


Date published: February 17, 2021

16. Cafe: Kubernetes deployments to Hetzner Cloud, step 3: k3s load balancer & pod resources

Highlights Max Rosin kindly prepared a series of workshops to learn how to deploy Kubernetes in Hetzner Cloud. Hetzner generously sponsored cloud minutes for our sessions, thank you! This session covers the third step, after having provisioned the server and agent VMs with Terraform and Ansible in the first session and deployed k3s last week: Fix the cluster IPs with deploying the config with Ansible Inspect pod resources on error Learn about taint and tolerate error patterns Use Hetzner resources to manage the load balancer Encrypted secrets: at rest or HashiCorp Vault Pods as group of containers, in a Deployment or ReplicaSet (which maintains a stable set of running pods) Deployments are the recommended way to manage Pods as they are a higher-level concept that manages ReplicaSets and provides declarative updates to Pods along with a lot of other useful features like rollout history and rollbacks. Read More…


Date published: February 10, 2021

15. Cafe: Kubernetes deployments to Hetzner Cloud, step 2: k3s with Ansible

Highlights Max Rosin kindly prepared a series of workshops to learn how to deploy Kubernetes in Hetzner Cloud. Hetzner generously sponsored cloud minutes for our sessions, thank you! This session covers the second step, after having provisioned the server and agent VMs with Terraform and Ansible last week: Install wireguard to use with Flannel and encrypt the network traffic Install the k3s binary and deploy a systemd unit using Ansible Jinja templates k3s agent setups requires an auth token on the master. Read More…


Date published: February 3, 2021