A Step-by-Step Guide to Setting Up an Azure Container Registry and Managing Access
Introduction In the modern era of containerized applications and microservices, efficient management of container images becomes paramount for enterprises. Azure Container Registry (ACR) offers a robust solution, allowing organizations to securely store, manage, and deploy container images. In this comprehensive guide, we’ll walk you through setting up an end-to-end ACR infrastructure tailored for enterprise needs. In this post I want to cover end to end secure Public ACR architecure with scope base access....
AWS S3 Event Notification
In this post I will show how to work with S3 event notification to send an email. What we plan to do is here that when we upload or modify a file in a specific folder in the S3 bucket, then we generate a notification; send an email. Resources we are creating S3 Bucket SNS Topic SNS Topic Policy Important! When working with SNS topic, SNS Topic Policy is vital. Because without the SNS Topic Policy you won’t be able to trigger the SNS Topic....
Kubernetes Demo App using GKE
Today, I am going to show a demo app which shows you the running containers of your GKE cluster. There was a time that we need to demonstrate Kubernetes to several parties, and we find it difficult to show them graphically when we do scale up and scale down. There is cool Hexboard app which demonstrate during a Redhat Openshift demo, but it was keep crashing when I do a refresh....
Production grade GKE cluster
In this post, I am planning to discuss what are the things that we want to decide when creating a GKE cluster for your production environment. There are several flavours of settings you can select when creating a GKE cluster. I came across these settings with the help of my friend Chanux, and you can visit his blog for more awesome stuff. Cluster Types There are two major types of GKE clusters; Regional GKE cluster and Zonal GKE clusters....
High Available Web Server with Terraform in AWS
Everyone is talking about high available systems. Today we are going to build high available design in Amazon Web Services. To provision resources I am going to use Terraform. I hope you have prior experience working with Terraform. In this example I am not going to talk about database layer, I am planning to extend this post with db layer in future. First, we’ll look at what are the resources we are going to provision during this example....
Running GKE cluster under 10$/Month: Part 3 Access App
In my previous post we discussed about deploying a app to the created GKE cluster. Now we will focus how we can access this app using a cost effective method. Typically to access a application deployed in GKE you can use HTTP LoadBalancers, but Google LoadBalancers are pretty expensive. As solution we are deploying a nginx pod to every node (as a Daemonset) with a config map which will contain nginx configs....
Running GKE cluster under 10$/Month: Part 2
In my previous post we discussed about creating a GKE cluster to deploy your apps. In this post I am planning to walk you through how to deploy apps to your GKE cluster, and we will automate the entire process. Architecture My app is a simple index.html which prints “Hello World”. I am building this app using nginx docker images and I am using Google Cloud Build to build the image and push it to the container registry....
Running GKE cluster under 10$/Month: Part 1
I have couple of applications that I need to run on public. At the beginning I was running them in docker containers using a GCE instance. The problem I was facing is to update the code and push the changes into my live site. The ideal option to manage docker containers is to deploy them using Kubernetes. When using Kubernetes you can easily deploy and update your changes to production environment....
Vault with Terraform
In this post we are going to look at how we can use terraform to create and update your vault configurations. I am using GCP for my resources. Setup remote backend end. In this step we are creating a service account which has storage.admin permission for the bucket where you store your terraform. Following is granting permission via terraform. If you don’t have terraform configure with GCP, you can create the SA manually and grant the storage....
Monitoring kube-dns pods in GKE
Problem! I have deployed GKE cluster and run our workloads in there. As a monitoring stack I deployed Prometheus and Grafana using stable helm charts. Problem here is, how we can monitor these kube-dns pods? I can get cpu and memory usage of these kube-dns pods, but other metrics like skydns_skydns_dns_error_count_total etc won’t scrape by prometheus, by default. The reason for this is those metrics endpoint are not exposed yet....