Unveiling the Simplicity of Cluster Mesh for Kubernetes Deployments

Federico Sismondi, April 16, 2024 01:30 PM | Source: Camptocamp Blog

Unveiling the Simplicity of Cluster Mesh for Kubernetes Deployments

During Kubecon EU 2024, among a crowd of tech enthusiasts and Kubernetes aficionados, Liz Rice the Queen bee, demo’ed multi-cluster networking. This is Cluster Mesh 101 with Cilium.

Here are a few paragraphs summarizing the experience.

Overview

Cluster Mesh extends the networking plane across multiple clusters. It enables connection among endpoints of connected clusters. Two noticeable features are:
i) Network Policy Enforcement as implemented by Cilium prevails even under this network setup
ii) Services can load balance requests among clusters just by using annotations

Networking Adventures Begin

To the surprise of ...

[ Read More ]

Lab Infra Rebuild Part 4

Anonymous, April 11, 2024 09:00 AM | Source: R.I.Pienaar - www.devco.net

This is an ongoing post about rebuilding my lab infrastructure, see the initial post here.

Today I’ll talk about my physical office and office hardware.

Office Space

When my son started going to school I did not look forward to all the driving so figured a office near his school would be good, I’d spend the days there and come home after pick up. I rented a nice place in a town called Mosta, it was nice and had ample storage and would have made a really great maker space as it had about 4 car garages worth ...

[ Read More ]

Beyond the Buzz: Embracing the Magic of eBPF in Kubernetes

Julien Acroute, April 10, 2024 02:02 PM | Source: Camptocamp Blog

Beyond the Buzz: Embracing the Magic of eBPF in Kubernetes

In a time where the buzz around Artificial Intelligence (AI) seems to overshadow everything else, this year's KubeCon Europe offered a refreshing perspective. While AI continues to be a hot topic, some in the Kubernetes community are starting to feel a bit tired of it. With all the hype and uncertainty surrounding AI, another hero has emerged: eBPF (Extended Berkeley Packet Filter).

AI: A Distant Shining Horizon

AI has certainly added some excitement to discussions about cloud-native technologies, from automating cluster troubleshooting to hosting AI on Kubernetes. But not everyone ...

[ Read More ]

Lab Infra Rebuild Part 3

Anonymous, April 07, 2024 08:00 AM | Source: R.I.Pienaar - www.devco.net

This is an ongoing post about rebuilding my lab infrastructure, see the initial post here.

Today I’ll talk a bit about Configuration Management having previously mentioned I am ditching Kubernetes.

Server Management

The general state of server management is pretty sad, you have Ansible or Puppet and a long tail of things that just can’t work or are under terrible corporate control that you just can’t touch them.

I am, as most people are aware, a very long term Puppet user since almost day 1 and have contributed significant features like Hiera and the design of Data in ...

[ Read More ]

Lab Infra Rebuild Part 2

Anonymous, March 21, 2024 08:00 AM | Source: R.I.Pienaar - www.devco.net

Previously I blogged about rebuilding my personal infra, focussing on what I had before.

Today we’ll start into what I used to replace the old stuff. It’s difficult to know where to start but I think a bit about VM and Container management is as good as any.

Kubernetes

My previous build used a 3 node Kubernetes Cluster hosted at Digital Ocean. It hosted:

• Public facing websites like this blog (WordPress in the past), Wiki, A few static sites etc
• Monitoring: Prometheus, Grafana, Graphite
• A bridge from The Things Network for my LoRaWAN devices
• 3 x redundant Choria Brokers and ...

[ Read More ]

Cranky community members

Anonymous, March 21, 2024 12:00 AM | Source: binford2k.com

You know the kind. There’s that one person who always has all the opinions. Sometimes there are many of them. But they’re critical about that thing you built, or the workflow you designed, or that issue that you haven’t responded to since they filed it last year. Especially if you hear it long enough, this criticism can cut deeply.

Technical Open Source community members always have something to complain about. Maybe they don’t feel like their work is appreciated. Maybe bugs or pull requests aren’t addressed in a timely manner. Maybe they have opinions about your product’s functionality. Maybe your ...

[ Read More ]

Lab Infra Rebuild Part 1

Anonymous, March 20, 2024 08:00 AM | Source: R.I.Pienaar - www.devco.net

I’ve been posting on socials a bit about rebuilding my lab and some opinions I had on tools, approaches and more. Some people have asked for a way to keep up with my efforts, so I figured it might be time to post here for the first time since 2018!

In this post I’ll focus on what came before, a bit of a recap of my previous setup. Additionally, to a general software refresh I have also been in Malta now 8 years and a lot of my office hardware was purchased around the time of moving here, so we’ll ...

[ Read More ]

Recovering archived Puppet blog posts

Anonymous, February 27, 2024 12:00 AM | Source: binford2k.com

The Puppet blog has long been a treasure trove of content. You never knew what you might find; a product announcement, an industry analysis, a user interview, a technical post. And it never deleted content, so people got into the habit of linking to blog posts to use as reference or documentation.

This was really great in a lot of ways, but it came with its downsides. Outdated content didn’t always get updated expediently and the amount of content just kept growing so there really wasn’t a good way to manage updates. Only the content that was actively noticed and ...

[ Read More ]

Emerging from a year long apnoea

Anonymous, January 19, 2024 12:00 AM | Source: Example 42

The last post on example42’s blog was from December 2022, more than a year ago. I was introducing tp desktop which is a quick and easy way to manage your desktops with Puppet and I was actively working on the new version of Tiny Puppet which was expecting to deliver the huge promise of being able to install EVERY application on EVERY Operating System (this is already happening for years) in EVERY way (OS packages, upstream repo packages, source code, release tarballs, containers…) with a single Puppet module. Works on this release peaked at last Configuration Management Camp and then ...

[ Read More ]

Use Tetragon to Limit Network Usage for a set of Binary

Julien Acroute, August 03, 2023 07:39 AM | Source: Camptocamp Blog

A matter of trust

Many interesting software are coming from the community, many are distributed through the package manager of the operating system. But for the others, you can download them from Github release pages, use snap or homebrew to cite a few. But this last installation method bypasses the security team that tries to improve the security of your operating system. By doing so, you are implicitly trusting the author he is not distributing malware or implementing backdoors. How many tools did you install by hand? Do you really trust all of them? Confidence is very important, yet it ...

[ Read More ]

Puppet rspec testing and hiera

Martin Alfke (noreply@blogger.com), May 12, 2023 07:08 AM | Source: Unix Freak

Rspec testing your puppet modules supports you in having stable and functional modules.
For a couple of weeks there is hiera integration in rspec-puppet.

Basic Spec setup

You will need a couple of files for puppet module rspec testing:

Gemfile

# Install via
# bundle install --path vendor/gems
#

source "https://rubygems.org"

gem "mocha", :require => false
gem 'puppet',       '>= 3.1.1'
gem 'puppet-lint'
gem 'facter',       '>= 1.6.10'
gem 'rspec-puppet', :git => "https://github.com/rodjek/rspec-puppet.git"
gem 'rake',         '>= 0.9.2'
gem 'puppetlabs_spec_helper', '0.3.0'
gem 'test-unit'

Rakefile

require 'rake'
require 'rake/tasklib'
require 'rspec/core/rake_task'
require 'rubygems'
require 'puppetlabs_spec_helper/rake_tasks'
require 'puppet-lint'

desc "Run the tests"
RSpec::Core::RakeTask.new(:test) do |t| ...

[ Read More ]

Puppet rspec testing with automatic hiera lookups (implicit hiera lookup like puppet 3.x)

Martin Alfke (noreply@blogger.com), May 12, 2023 07:08 AM | Source: Unix Freak

This article is an add-on to my other article regarding puppet & rspec.
This article only covers automatic hiera lookups used during rspec puppet runs.
Many thanks to Jan (janwaech<at>gmail<dot>com) who spend the time digging into rspec-puppet code finding this nice solution.

Basic Setup:

Gemfile

# Install via
# bundle install --path vendor/gems
#

source "https://rubygems.org"

gem "mocha", :require => false
gem 'puppet',       '>= 3.1.1'
gem 'puppet-lint'
gem 'facter',       '>= 1.6.10'
gem 'rspec-puppet', :git => "https://github.com/rodjek/rspec-puppet.git"
gem 'rake',         '>= 0.9.2'
gem 'puppetlabs_spec_helper', '0.3.0'
gem 'test-unit'

Rakefile

require 'rake'
require 'rake/tasklib'
require 'rspec/core/rake_task'
require 'rubygems'
require 'puppetlabs_spec_helper/rake_tasks'
require 'hiera'
require ...

[ Read More ]

Using ArgoCD Pull Request Generator to review application modifications

Julien Acroute, April 11, 2023 02:29 PM | Source: Camptocamp Blog

As a developer, when modifications are pushed to a feature branch, you and your team want to test this new feature. If you have the chance to work with a stateless application, you can deploy another instance of the application with modifications from the feature branch.

An interesting feature of ArgoCD is the Pull Request Generator. It's a generator for ApplicationSet. An ApplicationSet is a template of ArgoCD Application associated with a generator. Generator can be a directory: an application will be created for every sub-folder. There is also the Cluster generator that deploy the same Application ...

[ Read More ]

Puppet Containment Demystified

Anonymous, January 20, 2023 12:00 AM | Source: binford2k.com

Containment has always been kind of a sticky subject in the Puppet world. Part of the confusion is that that Puppet tries really hard to handle on its own so that you don’t have to care about the weird little implementation details of how ordering relationships are resolved.

But that just means you’re not expecting it when it does raise its nasty little hobbit head.

Let’s talk a bit about how containment works so that you’re not surprised by an unexpected production outage caused by an unforeseen dependency issue.

We’ll start with ordering and the DAG. Directed Acyclic Graph is ...

[ Read More ]

Puppet Containment Demystified

Anonymous, January 20, 2023 12:00 AM | Source: binford2k.com

Containment has always been kind of a sticky subject in the Puppet world. Part of the confusion is that that Puppet tries really hard to handle on its own so that you don’t have to care about the weird little implementation details of how ordering relationships are resolved.

But that just means you’re not expecting it when it does raise its nasty little hobbit head.

Let’s talk a bit about how containment works so that you’re not surprised by an unexpected production outage caused by an unforeseen dependency issue.

We’ll start with ordering and the DAG. Directed Acyclic Graph is ...

[ Read More ]

Desktop as Code with TP Desktop

Anonymous, December 13, 2022 12:00 AM | Source: Example 42

We manage via code the configurations of servers, cloud resources and infrastructures. Are we doing the same with our desktop setups, on our laptop, desktop, remote VDI? Do we manage as code the usual files we have, or would like to have, in our home configurations on remote servers? You may wonder what’s the benefit of adding the complexity of developing configurations that are applied one time and are usually managed manually. Well, let’s see if any of these use cases may be of interest for us: We do not setup our desktop only once. We do it whenever we ...

[ Read More ]

Puppet consulting, the example42 way

Anonymous, November 06, 2022 12:00 AM | Source: Example 42

If you think that this is a mere low budget marketing self-promoting post, you are right. Still, if you are interested in Puppet consulting, or, for some really arcane reason, in example42, keep on reading, as I guarantee that everything written here is true and happened for real. example42, an idea, an approach to work Example42 started in 2008 as an Open Source project, then, in 2015, it became a company based in Berlin, and finally, at the beginning of this year it turned into a brand of Lab42 Srl, my company, based in Italy. The idea behind example42 is ...

[ Read More ]

Puppet supports DoD continuous compliance and configuration management

Anonymous, October 24, 2022 12:00 PM | Source: Puppet

Learn how federal IT teams use Compliance Enforcement Modules to automate continuous compliance without the delay, risk and cost of manual approaches.

[ Read More ]

How to rein in cloud chaos with Puppet

Anonymous, October 18, 2022 03:00 PM | Source: Puppet

Join us for a webinar on how Puppet Enterprise, Bolt, and Puppet code work together to deploy and maintain your cloud infrastructure.

[ Read More ]

Get your time back by getting rid of unused modules with Dropsonde

Anonymous, October 11, 2022 03:53 PM | Source: Puppet

Clean up dead weight in your Puppet codebase (and save time) by getting rid of modules you no longer use. We’ll show you how.

[ Read More ]