Tracking Kubernetes resource origin with kustomize
kustomize is a configuration management tool, which allows you to manage Kubernetes resources in a template-free way.
A place about Open Source Software, Operating Systems and some random thoughts
kustomize is a configuration management tool, which allows you to manage Kubernetes resources in a template-free way.
Anyone who has done any kind of programming at some point comes across
GNU Make and Makefile
.
Recently I was looking for a way to implement a Kubernetes controller which is triggered on regular basis, e.g. it reconciles whatever objects it is concerned about every Nth seconds.
For the last ~ 11 years of my professional life I have been with the VMware family.
Version v0.4.0
of clingon is
ready and tagged.
In this post we will see how to configure and use GnuPG keys for authentication against remote OpenSSH servers.
After some time it becomes tedious to bootstrap a new project, and for that reason I’ve decided to create my personal project template for Common Lisp.
I’ve been looking recently for a Common Lisp system, which would allow me to expose a service I am developing over a REST API and honestly the options available right now in the Common Lisp ecosystem may be a bit overwhelming at first.
I’ve been checking out some old code of mine, which I’ve written years ago. Some of it dates back almost 20 years ago, and contains my first ever programming projects, which consist of some games written in C using the Allegro library, a program for locking binaries by doing a simple xor, and some implementations of various algorithms I’ve read about back then.
A new version of go-vcr has been released today.
A new version of cl-migratum has been released.
A new version of clingon has been released.
Back in the 90s IBM and Intel got together and came up with a technology that is able to power on remote systems on the network by sending a special packet known as the magic packet.
In a previous post I’ve introduced a new Common Lisp system for parsing command-line options named clingon.
Not long ago I’ve decided I would spend more time with Common Lisp. This is how my journey in the world of Common Lisp started.
If you are running SLIME with SBCL on macOS you may notice that the REPL output seems to experience a bit of delay when compared to other implementations like Clozure CL or ECL for example.
I’ve always been fascinated by old retro computers, even though I didn’t have one, so it is hard for me to explain why I feel such a connection with these old machines.
RSASSA-PKCS1-v1_5 signature scheme with Appendix is defined as part of RFC 8017.
This is a follow up of my previous post about parsing and generating OpenSSH keys in Common Lisp.
Native support for bcrypt password hashes was somewhat missing in the Common Lisp ecosystem, unless you count the various CFFI wrappers.
Support for ECDSA private and public keys in ironclad has been implemented.
In previous posts I’ve discussed how you can decode and encode data in RFC 4251 binary format using Common Lisp.
Public key fingerprint represents the identity of a public key, which you get after applying a hashing function to the binary blob that makes up a public key.
I have been messing around recently with the binary format used for OpenSSH private keys, and got a bit confused about the format when I had to decode the various parts of it.
In a previous post I’ve discussed how to decode RFC 4251 binary data in Common Lisp. In this one we are going to see how to encode data in RFC 4251 compliant format.
RFC 4251 describes the Secure Shell (SSH) Protocol Architecture, which also contains a section of the various Data Type Representations Used in the SSH Protocols.
This is a follow up of a recent post about exploring COVID-19 data with Common Lisp.
Considering the current COVID-19 pandemic and the lockdown period in my country, which lasted for a few months, I’ve been thinking about spending some time exploring the data about the virus spread.
Today I’ve got my copy of Programming Algorithms, which is a book about algorithms and data structures using Lisp.
Continuing my Lisp journey over the past few months I went ahead and started another side project, so I could spend more time with Common Lisp.
In this post we will see how to install and configure a Kubernetes cluster on Arch Linux nodes.
Python provides a useful function for enumerating a sequence of
numbers in the form of the range
function.
If you are looking for range
function in Common Lisp you would find
lots of various implementations.
Emacs provides a mechanism for advising functions, which is useful in situations when you need to override the original function with your own one, transform the arguments before passing them down to the advised function, execute some code before, or after the function being advised is called, etc.
Common Lisp provides a variety of data structures for mapping key/value pairs.
In my spare time (whenever I get to have some these days) I like to poke around in the world of Lisp.
The vSAN Management SDK for Python is distributed as a Zip archive available at code.vmware.com. The latest version as of writing this document is 6.7.0 and can be found here.
In Clojure when you need to work with maps you get the option to choose from a number of builtin core functions such as get, assoc, dissoc, merge, select-keys, zipmap, keys, vals and many others.
For the past couple of months or so I’ve been programming in Clojure and I really enjoy it.
One of the API services that I have developed recently for internal project returns a flat sequence of items, where each item in the sequence may or may not be related to other items with a parent-child relationship.
As mentioned in a previous blog post one of the past projects I’ve been involved in was an internal CMDB system and the development of collection of Cisco UCS Configuration Items (CIs) such as Fabric Interconnects, Chassis and Blade servers.
One of the recent projects that I’m working on is an internal CMDB system.
Recently I had a need to parse some OpenSSH certificate keys, and since it’s been a while since I’ve written anything in Rust I thought I’d dive into the language again and create a library for parsing OpenSSH certificates in it.
When Nintendo first announced the NES Classic Edition I was sure I would get one of these consoles.
Amongst the various improvements and fixes in Gru orchestration framework one of the highlights of version 0.5.0 of the project is the added support for managing VMware vSphere environments.
Latest version of Gru orchestration framework ships with a new feature called triggers.
Traditional configuration management systems perform operations on the target systems they manage after doing topological sorting of the operations that need to be performed.
One of the projects I work on during my spare time these days is Gru, which is an orchestration and configuration management framework written in Go and Lua.
The membership test operators in Python make things easy when we need to test whether a given item is contained within a given container or mapping object instance.
Gopher Lua is a Lua 5.1 VM and compiler written in Go.
For the past few months I’ve continued working on my first Go project and overall I am very pleased with how the project evolved as a whole.
I’ve been continuing to improve Gru over the past days and one thing I thought would be nice to have is a way to express commands in Gru in a declarative way. That way I would not have to bother about the underlying details about a minion and have an easy way to express things, e.g. install packages, manage services, deploy configurations, etc.
During the last few months or so I’ve been playing with Go in my spare time in order to get myself familiar with the language and build some experience with it.
go-vcr is a Go package which allows you to record and replay your HTTP interactions, in order to provide fast, deterministic and accurate testing of your code.
Go is a language well known for it’s concurrency primitives.
Testing is an important part of software development, which gives information about the quality of a product. It is that process by which we ensure that the product we deliver meets the expectations and requirements by testing and verifying its functionality, performance and reliability.
So, I’ve finally received my copy of The Go Programming Language by Alan A. A. Donovan and Brian W. Kernighan!
Pulp is a platform for managing repositories of content, such as software packages, and pushing that content out to large numbers of consumers.
Since Zabbix release 2.2.0, users and developers of Zabbix can now extend Zabbix monitoring features by using loadable modules.
ZeroMQ is a lightweight messaging library which makes it fairly easy for developers to design and implement distributed systems.
A few days ago I’ve received my copy of the Zabbix Cookbook by Patrik Uytterhoeven.
Security Account Manager (SAM) in Windows is used to store users’ passwords and can be used to authenticate local users on your Windows systems.
traceroute(8)
is one of these tools that sysadmins often use
when a networking issue arises and needs troubleshooting.
A process holding an open handle to a file and eventually removing that file while the process still runs often results in a stale file handle.
Network Connect has been replaced by Junos Pulse for some time already, but GNU/Linux users were left in the dark, since there is currently no official package provided by Juniper for Junos Pulse on GNU/Linux.
Connecting to a Juniper VPN from a GNU/Linux system using Network Connect could be a bit tricky, so here are instructions on how to properly configure your GNU/Linux system for establishing connection to a Juniper VPN using Network Connect.
PVC is an interactive text-mode VMware vSphere Client with a dialog(1) interface for GNU/Linux systems built on top of the pyVmomi VMware vSphere API Python bindings.
With Python 2.7.9 release the default HTTPS behaviour has changed, which is now to always verify the remote HTTPS certificate to which you are initiating a connection.
Another day, another Python project: vEvents - an application that allows you to view and monitor VMware vSphere Events from the command-line.
In this post we will see how we can export data from a VMware vSphere environment from the command-line and then plot some nice graphs of it, because everybody loves graphs, right? :)
I’ve been a Zabbix user for quite some time already, but one thing that Zabbix lacked for a long time is the ability to monitor VMware vSphere environment.
In a previous post we have seen how we can use Zabbix with vPoller working together in order to perform monitoring of our VMware vSphere environment.
Some time ago I’ve been testing the security of groklearning.com - a platform for online education using Python.
In this post we will see how we can use the Python vSphere API bindings in order to login to a VMware Virtual Machine and run some commands.
The v0.2.0 release of vPoller comes with a lot of new features, bug fixes and lots of new methods for discovery and collecting of vSphere Object properties!
As a sysadmin I often have the need to get information about an environment quickly and efficiently. I am sure that most of the fellow sysadmins out there also automate their daily tasks in some form of scripts and tools, which make their life easier.
Some time ago, I’ve started a project with educational purposes
called the UNIX/Linux Wargames
.
I’ve been an owner of an Arduino board for some time already, but until very recently I didn’t really find some time to play with it.
groklearning.com provides a platform for online education where one can learn how to program in Python.
Another project I’ve been playing with recently is the
Asynchronous Service Manager
.
Infoblox develops some really nice products for automating and managing your network infrastructure services such as DNS, DHCP, IP Address Management (IPAM) and others.
I’ve been a Zabbix user for quite some time already, but one thing that I always wanted and which Zabbix lacks as a feature so far is the ability to import AD/LDAP users and groups.
The VMware vSphere Distributed Pollers, a.k.a vPoller has reached version 0.1.1.
vPoller is a distributed system written in Python for discoverying and polling of vSphere Objects properties.
Recently I had the need of an Apache module, which would allow me to browse Zip archives on a remote server, without having the need to download first the whole Zip archive.
For the past few weeks I’ve been working on a Python project and since then I really enjoy using Python everyday.
It is time again to add a few more metrics to be monitored on my FreeBSD systems and I thought I’d add monitoring of the CPU temperature this time.
This post is about Python and FreeBSD Jails.
Yesterday, while browsing on the Net, I’ve stumbled upon the website of edX - The Future of Online Education.
In the first post about monitoring FreeBSD pkgng in Zabbix, Part I, we’ve seen how to get some nice graphs of the disk space usage and number of packages installed on our systems.
In this post I’m going to show you how to do monitoring of your FreeBSD pkgng-ready system in Zabbix.
In this post we’ll see how we can setup Zabbix in order to monitor our ZFS pools.
In a previous post we’ve seen how to resize a KVM disk image on LVM, which was explained in the Resizing a KVM disk image on LVM, The Hard Way post.
Continuing our CFEngine saga in this post I’m going to show you how to do basic monitoring of the CFEngine’s services in Zabbix.
Knowing that your CFEngine agents are complying to the promises is nice to have in your monitoring system, if not even required.
In this post we’ll see how to find and remove locked files on a NetApp filer.
Sometimes when working with OpenVPN it is nice to have a way to tell the OpenVPN server that you’d like to get the same IP address each time you connect to it, or in other words you’d like to get a static IP address instead a dynamic one from the IP pool.
Some time ago in a previous handbook I’ve posted about how to install and configure OpenVPN on FreeBSD.
This post is a follow-up of installing OpenVPN on Debian GNU/Linux post and provides information on setting up your firewall rules with iptables(8) for OpenVPN.
Kernel Samepage Merging is a cool feature of the Linux kernel, which you would really want to have if you are running a virtualized environment, but you would also benefit from it on a regular system as well.
In this post I’m going to show you how to resize your KVM Virtual Machine guest disk images.
In this blog post I’ll share with you how to setup the networking part of your virtualization solution using KVM.
Login to the system you want to install MySQL and install the mysql-server package.
Recently I keep playing with KVM and testing things out, and today I started noticing strange networking issues with the communication between the VM guest domains after migration to a brand new Debian Wheezy B2 hypervisor.
In this short blog I’ll show you how to migrate a KVM guest machine from host to another by using virsh(1).
Following up the CFEngine series of OpenStack for Debian and Ubuntu here’s another one, but this time for Proxmox VE and Debian.
As promised in previous post it is time to post the Cfengine configuration of OpenStack for Debian Wheezy!
Probably this is something that most people working with Proxmox VE have stumbled upon.
These are just some notes I was keeping around for installing a KVM machine that can be used as a template for creating new KVM instances.
If you’ve seen the blog post about creating a template for KVM virtual machines then you probably were wondering how to actually clone an already existing template system.
In a previous post I’ve blogged about the OpenStack Folsom installation under Ubuntu 12.04 Server system.
If you are a Star Wars fan and also like ASCII art, then you would really enjoy this one.
Had to install OpenStack recently for our internal cloud management solution and just wanted to share with you my experience.
Sometimes when a Blade’s MM goes down and you cannot access the web interface of the MM your last resort is the SSH and/or Telnet interface.
CFEngine 2 does not provide a native class to determine a VMware machine, thus if you want to put VMware machines under CFEngine 2 control you have no native way of recognizing these machines by CFEngine 2.
CFEngine 2 does not provide interfaces for direct manipulation of users and groups on a UNIX/Linux system, but it provides the primitives we need in order to create our own.
Another nice feature of CFEngine is that you are able to do process accounting as well.
In this handbook we we will see how to install and do the initial configuration of Gerrit - a code review and project management system for Git based project.
Soon after the 1.0 release announcement of pkgng, the development branch of pkgng got support for plugins.
In a previous handbook about Jenkins we have shown you how to install and configure Jenkins and how to set up a Jenkins job for building a software project.
In this handbook we will see how we can use Jenkins and the Clang static analyzer scan-build for analyzing our project’s code.
In a previous handbook about Jenkins we have shown you how to install and configure Jenkins and how to set up a Jenkins job for building a software project.
In this post we will see how to install and configure Jenkins CI on FreeBSD.
In a previous handbook about CFEngine 3 on FreeBSD we have seen how to install, configure and do configuration management of our FreBSD systems using CFEngine 3.
In this handbook we will see how to install and configure a Postfix server which relays through Gmail.
In the following handbook we will show you how to install and configure Squid acting as a transparent proxy server and DansGuardian for content filtering on a FreeBSD system.
Tinderbox is a package building system system, which we will be using in order to build our packages and then install them to our FreeBSD hosts and jails.
If you’ve followed the handbook by this step, that means that now you have a basic CFEngine 3 policy server and clients already installed and configured.
Now that we have our CFEngine policy servers configured properly and running, the next thing we are going to do is to configure the clients (agents), that will be controlled via CFEngine.
The work directory of CFEngine consists of a number of other directories and files:
Administrating a couple hundreds of systems might easily become a tedious tasks, even for the very experienced system administrators.
In this handbook we will have a look at OpenVPN - a full-featured open-source SSL VPN solution and see how to install and configure it under FreeBSD.
In this handbook we will have a look at Cacti - The complete RRDTool based graphing solution.
In this post we will see how you can find and remove locked files on a GNU/Linux system.
Sometimes when connecting to a Windows(R) machine you might see an error messsage saying that the maximum number of remote connections has exceeded.
In this document we will see how to install and configure
Mpd5
- a netgraph(4)
based impelementation of the multi-link
PPP protocol for FreeBSD.
In this handbook we will see how to install and configure the Very Secure FTP Daemon - vsftpd
In this article we will see how you can configure Apache to as a reverse proxy server.
MySQL is an RDBMS database that is freely distributed under the terms of the GPL license.
In this handbook we will see how you can create a software RAID-1 with GPT on a FreeBSD host.
The Apache web server is a free open-source HTTP server, that powers most of the web servers accross the Internet.